Commit Graph

69 Commits

Author SHA1 Message Date
Tom Eastep
468ff6efab First cut at IPSET/Dynamic-zone support in Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-31 11:23:43 -07:00
Tom Eastep
2dec3a8ecb Correct handling of AUDIT_TARGET is both cli libraries.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-30 11:39:21 -07:00
Tom Eastep
471d405f7d Delete A_* from 'show actions' output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-23 16:41:08 -07:00
Tom Eastep
d15475efae Cleanup of AUDIT before Beta 3
- Correct merge snafus
- Rename the new actions (e.g., ADROP->A_DROP)
- Correct MACLIST_DISPOSITION logic
2011-05-20 07:47:35 -07:00
Tom Eastep
e9df13a42b Resolve merge conflicts 2011-05-19 15:10:22 -07:00
Tom Eastep
5e68dbfa9a Complete first attempt at AUDIT support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-19 12:06:43 -07:00
Tom Eastep
d2ab27c071 More AUDIT changes 2011-05-18 21:25:57 -07:00
Tom Eastep
ce8df2f66c Revert "Bump version to Beta 3"
This reverts commit 465e729288.
2011-05-18 17:50:12 -07:00
Tom Eastep
465e729288 Bump version to Beta 3 2011-05-18 17:08:07 -07:00
Tom Eastep
f62287ccbf Correct output noise in the output of 'shorewall6 show connections' - take 2 2011-04-04 09:14:22 -07:00
Tom Eastep
66dd89234f Correct output noise in the output of 'shorewall6 show connections' 2011-04-04 09:13:17 -07:00
Tom Eastep
cc633c5bd9 Shorewall 4.4.19 Changes 2011-04-03 09:56:30 -07:00
Tom Eastep
70fc8bdfb6 Add support for per-IP accounting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-01-30 07:20:05 -08:00
Tom Eastep
4cc8e5422d Add ACCOUNT target detection 2011-01-30 07:14:08 -08:00
Tom Eastep
2702d7f208 Implement header matching 2010-11-24 10:46:06 -08:00
Tom Eastep
520608dd66 Implement undocumented dumpfilter extension file 2010-10-07 14:19:09 -07:00
Tom Eastep
cee05d9763 Refine -lite handling of scfilter.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 12:52:30 -07:00
Tom Eastep
ac71868cc1 Package the scfilter along with the generated script for -lite
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 10:59:15 -07:00
Tom Eastep
2fa7e11976 Add 'scfilter' extension script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 07:38:14 -07:00
Tom Eastep
0f4d8eb929 Use 'conntrack' for 'show connections' 2010-09-23 19:08:40 -07:00
Tom Eastep
57bcfee559 Add 'Mark in any table' capability 2010-08-27 08:35:33 -07:00
Tom Eastep
0234564a1b Add destination IP blacklisting 2010-08-10 17:33:50 -07:00
Tom Eastep
364ad41cf5 Add support for new ipset match syntax 2010-08-03 21:06:17 -07:00
Tom Eastep
0b9aa0f84b Fix the dump command 2010-07-31 13:52:28 -07:00
Tom Eastep
0b3dfcc844 Revert version to Beta 3 2010-07-31 13:23:53 -07:00
Tom Eastep
74092a9b14 Restrict Shorewall6 netstat call to IPv6 only 2010-07-06 06:42:37 -07:00
Tom Eastep
2ee4fd8f5a Add FWMARK_RT_MASK capability.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-04 09:08:04 -07:00
Tom Eastep
2d6647c445 Make 'shorewall6 show connections' more readable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-22 08:32:15 -07:00
Tom Eastep
055ac41a23 Make IPv6 log output readable 2010-06-21 15:38:47 -07:00
Tom Eastep
6d61e962eb Use -m conntrack if available in place of -m state
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-25 13:35:41 -07:00
Tom Eastep
a0abb11f67 Extend 'show log <ipaddr>' to search for a regular expression.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-19 13:02:21 -07:00
Tom Eastep
508475d80b Avoid panic among the user base by suppressing missing table error messages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-19 10:10:20 -07:00
Tom Eastep
abb943bfb7 Do library consolidation on IPv6 and load lib.cli into shorecap.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-04 13:11:33 -08:00
Tom Eastep
4c081e5998 Add lib.run
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-04 09:12:48 -08:00
Tom Eastep
a963c8f955 Don't export CONFDIR or SHAREDIR
Document CONFDIR, SHAREDIR and VARDIR
Add FILEMODE to the old reserved variable names

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 11:46:23 -08:00
Tom Eastep
3f73b3c408 Export *DIR variables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 10:39:18 -08:00
Tom Eastep
c6981de0e5 Complete elimination of globals that are not .conf options
Documentation to follow

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 09:50:07 -08:00
Tom Eastep
ee74696747 IPv6 work to only export when necessary
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 08:59:58 -08:00
Tom Eastep
2656a9b0c7 Eliminate use of PRODUCT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 12:34:36 -08:00
Tom Eastep
5613d0105a Remove all reliance on HOSTNAME
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 11:59:38 -08:00
Tom Eastep
3ea6f6792f Eliminate VERSION reserved variable name
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 08:02:10 -08:00
Tom Eastep
53c73bc8e9 Eliminate VERBOSE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-28 17:58:01 -08:00
Tom Eastep
061d850c16 Rename RESTOREPATH to g_restorepath
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-26 08:35:50 -08:00
Tom Eastep
cd2056f0aa Apply the preceding change to Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-23 17:01:44 -08:00
Tom Eastep
bffb1793d7 More global variable renaming
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-23 07:52:35 -08:00
Tom Eastep
b2350829b9 Rename 'debugging' to 'g_debugging'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-22 16:43:38 -08:00
Tom Eastep
20ca22d437 Eliminate some of the all-caps variable name restrictions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-22 08:23:17 -08:00
Tom Eastep
e690303937 Modify Roberto's patch for 'show <chain>' error reporting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-20 19:09:54 -08:00
Roberto C. Sanchez
6a3b2b0dee Clarify error message when user asks shorewall to show a non-existent chain 2010-02-20 21:57:45 -05:00
Tom Eastep
38b8a8a7fd Allow Shorewall6 to display the tc config of one interface
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-12 19:09:46 -08:00