Commit Graph

15140 Commits

Author SHA1 Message Date
3cbe0e7a1c Describe IPSEC via SNAT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-08 14:33:54 -08:00
221753c3c0 INLINE_MATCHES=No in sample configs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.1.12-base
2018-02-08 12:53:20 -08:00
b14924bd64 New macros - Tuomo Soini
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-08 12:29:56 -08:00
c0a608ef84 Updated IPMI Macro (Tuomo Soini)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-08 11:59:55 -08:00
c518e85215 Clarify warning message regarding INLINE_MATCHES
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-08 11:21:38 -08:00
34fd10df41 Fix typo 2018-02-08 10:49:14 -08:00
e7004da47c Fix typo 2018-02-08 10:49:06 -08:00
91c76f7559 Add INLINE_MATCHES=Yes to deprecated option list
- Issue a warning for each line requiring change.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-07 19:08:28 -08:00
2e4af68b98 Always report IPSET_MATCH in 'show capabilities' output.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.1.12-RC1
2018-02-06 13:41:28 -08:00
de9f29d7d4 Update Actions article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-05 17:11:30 -08:00
99ddb17c9e Update the Macros article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-05 17:11:05 -08:00
8ea9d0bbef Mention capabilities file to speed up 'start'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-02 10:45:21 -08:00
ebe09a95b8 Lightweight format_rule() for use in digest creation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-02 09:27:19 -08:00
f32b304eb6 Describe disabling shorewall under systemd in the FAQs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-31 14:59:15 -08:00
7bdd69d151 Optimization category 8 tweaks
- Document cost of the category in shorewall.conf(5)
- Omit DONT_DELETE chains from consideration right off the bat

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-31 14:58:01 -08:00
a08f0cfe10 Avoid awkward blank lines
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.1.12-Beta2
2018-01-30 19:15:10 -08:00
09a81ae574 Omit trailing black space from the generated script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-30 14:31:54 -08:00
7042d586b2 Clarify BLACKLIST_DISPOSITION in shorewall.conf(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-30 13:54:03 -08:00
e17c4ac8af Reorganize code around wait/Interface-variable fix
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-30 11:25:37 -08:00
37101a2031 Merge branch '5.1.11' into 5.1.12 2018-01-28 13:15:42 -08:00
40bcfd15e5 Revert "Correct order of optional interface and address variable handling"
This reverts commit f4cae55c1e.
2018-01-28 13:15:13 -08:00
230ab06e5d Reverse order of required-interface and address variable processing
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.1.11.2
2018-01-28 13:10:44 -08:00
09cda21dd4 Revert "Correct order of optional interface and address variable handling"
This reverts commit 9253f90ac5.
2018-01-28 12:29:38 -08:00
9253f90ac5 Correct order of optional interface and address variable handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-28 11:39:06 -08:00
f4cae55c1e Correct order of optional interface and address variable handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-28 10:54:03 -08:00
070a67d665 Deimplement OPTIMIZE_USE_FIRST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-24 11:56:20 -08:00
9796c58eb2 Add OPTIMIZE_MASK constant
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-23 13:15:44 -08:00
cabc20957f Delete an unnecessary variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-23 09:45:50 -08:00
a9a379c5a5 Implement INPUT SNAT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.1.12-Beta1
2018-01-22 16:37:38 -08:00
3bf5066f82 Document multiple DEST interfaces in the snat file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-22 11:12:28 -08:00
b2c33a0f9a Add snat to the list of manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-22 10:48:58 -08:00
64f704a964 Improve quoting in the route-balancing logic
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-21 14:46:51 -08:00
416224ee05 Correct typos and anachronisms in Chains.pm comments
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-21 11:53:58 -08:00
92ce1beddc Move read_yesno_with_timeout() to lib.cli-std
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-20 14:26:13 -08:00
4d6bf8564e Avoid unnecessary variable expansion
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-20 14:25:42 -08:00
fb4b362724 Eliminate unnecessary local array
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-20 13:26:10 -08:00
97de2be778 Change a fatal_error() call with an assertion in add_policy_rules()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-19 13:39:51 -08:00
85cae3c7f8 Add parens to improve readability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-19 12:47:17 -08:00
acd425a3c2 Remove superfluous logic from validate_portpari1()
- Add comments

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-19 12:46:52 -08:00
4e6949f996 Document port masquerading
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.1.11.1
2018-01-19 08:55:56 -08:00
5d7dcc3122 Unify variable style
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-18 13:42:13 -08:00
23d498146b Merge branch '5.1.11'
# Conflicts:
#	Shorewall/lib.cli-std
2018-01-18 13:40:37 -08:00
422d0b216a Don't use the -quit option to Busybox find
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-18 13:39:44 -08:00
37ecbff23a Merge branch '5.1.11'
# Conflicts:
#	Shorewall/lib.cli-std
2018-01-18 13:37:52 -08:00
491309a78a Don't use the -quit option to Busybox find
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-18 13:36:23 -08:00
bc993c384c Don't use the -quit option to Busybox find
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-18 11:34:46 -08:00
0e4c1cdac1 Init: Correct indentation
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.1.11-base
2018-01-12 10:26:37 -08:00
27a0f0f7a0 Make TRACK_PROVIDERS=Yes the default
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.1.11-RC1
2018-01-10 08:46:01 -08:00
9ac075fd56 Clear the connection mark in tunneled packets from tracked providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-09 17:12:14 -08:00
b2604583af Revert "Clear the connection mark in tunneled packets from tracked providers"
This reverts commit 62c6411cb0.
2018-01-09 17:01:51 -08:00