Tom Eastep
|
46b8e2e957
|
Avoid exception when validating 'occurs' in TC
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-24 08:14:12 -07:00 |
|
Tom Eastep
|
0ed813972b
|
Auto-create ipsets used in tcfilters
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-23 16:44:07 -07:00 |
|
Tom Eastep
|
f9cfde91e5
|
Correctly handle ipset in tcfilter DEST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-23 16:43:49 -07:00 |
|
Tom Eastep
|
3df488e710
|
Correct handling of ipsets in tcfilters
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-23 16:28:36 -07:00 |
|
Tom Eastep
|
0efc7a4899
|
Correct restriction and chain number handling in the mangle files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-23 15:36:04 -07:00 |
|
Tom Eastep
|
e0203bca87
|
Correct nill address check in handling of 'origdest=detect'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-23 08:34:24 -07:00 |
|
Tom Eastep
|
34f2aeacea
|
Correct 'sed' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-22 09:59:30 -07:00 |
|
Tom Eastep
|
b160845713
|
Avoid compiler crash when LOAD_HELPERS_ONLY=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-20 15:22:43 -07:00 |
|
Tom Eastep
|
b44628ddc8
|
Only specify 'counters' to ipset of IPSET_MATCH_COUNTERS is present
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-20 09:07:36 -07:00 |
|
Tom Eastep
|
31b6e9e299
|
Fix another DEST bug in mangle inline action handling :-(
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-18 10:15:43 -07:00 |
|
Tom Eastep
|
9fc56bb896
|
Correct typo in process_mangle_inline()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-17 09:29:32 -07:00 |
|
Tom Eastep
|
2c191bf595
|
Correct .conf manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-16 15:07:34 -07:00 |
|
Tom Eastep
|
4bb942f1f9
|
Restrict hypen as range separator to use with integers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-16 13:29:00 -07:00 |
|
Tom Eastep
|
04051454bf
|
Reverse bad ECN handling patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-16 12:27:45 -07:00 |
|
Tom Eastep
|
e6f3d429a1
|
Renew timeout on matched dbl entries
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-16 09:42:45 -07:00 |
|
Tom Eastep
|
fad9dce3e6
|
Correct handling of ECN file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-16 08:33:01 -07:00 |
|
Tom Eastep
|
342f4ee0f2
|
Add the --exits option to ADD with timeout
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-15 16:43:44 -07:00 |
|
Tom Eastep
|
28849e60cf
|
Correct example in the shorewall6-masq manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-14 15:55:36 -07:00 |
|
Tom Eastep
|
b5906812a2
|
Accept '-' as the separator in a port range.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-14 10:10:03 -07:00 |
|
Tom Eastep
|
289825a76f
|
Update to logging article
- correct a typo
- recommend using NFLOG rather than ULOG
|
2016-10-12 10:02:59 -07:00 |
|
Tom Eastep
|
b80d4c2320
|
Don't allow shell meta characters in interface names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-11 17:01:45 -07:00 |
|
Tom Eastep
|
d5aaa66e0b
|
Detect bad characters in interface names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-11 10:56:41 -07:00 |
|
Tom Eastep
|
49fae96b09
|
Update the manpages for 'blacklist' verbosity
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-10 19:45:42 -07:00 |
|
Tom Eastep
|
b3e59322b6
|
Clean up the output of 'blacklist'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-10 13:26:01 -07:00 |
|
Tom Eastep
|
8c522a5c4d
|
Correct typo in lib.private
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-09 10:58:29 -07:00 |
|
Tom Eastep
|
abf57a4d1f
|
Correct indentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-09 09:29:04 -07:00 |
|
Tom Eastep
|
3058f2fb84
|
Delete code supporting old kernel/iproute2 IPv6 restrictions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-07 11:02:36 -07:00 |
|
Tom Eastep
|
0bf5ca7e0c
|
Rename lsm->foolsm in MultiISP article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-07 08:01:11 -07:00 |
|
Tom Eastep
|
b5e7e41708
|
Correct NFQUEUE! manpage description
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-07 05:50:24 -07:00 |
|
Tom Eastep
|
eb6ae5e186
|
Correct handling of DYNAMIC_BLACKLIST options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-05 16:56:29 -07:00 |
|
Tom Eastep
|
941604ad01
|
Correct issue with updating DBL timeout
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-05 15:41:40 -07:00 |
|
Tom Eastep
|
14e8568d9e
|
Add the FIREWALL .conf option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-05 15:03:54 -07:00 |
|
Tom Eastep
|
ca7ca4bdfe
|
Add a 'timeout' option to DYNAMIC_BLACKLIST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-05 12:56:47 -07:00 |
|
Tom Eastep
|
c19e732e42
|
Correct typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-04 10:00:00 -07:00 |
|
Tom Eastep
|
8d731c81e4
|
Add 'disconnect' option to ipset-based dynamic blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-04 09:09:45 -07:00 |
|
Tom Eastep
|
6ad7d47eb6
|
Correct DYNAMIC_BLACKLISTING documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-03 08:19:19 -07:00 |
|
Tom Eastep
|
ed48eed0c6
|
Change order of options in .conf files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-02 15:14:31 -07:00 |
|
Tom Eastep
|
97186e5402
|
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
|
2016-10-02 14:04:02 -07:00 |
|
Roberto C. Sánchez
|
64ab43f14f
|
Fix typos
|
2016-10-02 17:01:46 -04:00 |
|
Tom Eastep
|
36cd8d28a7
|
Merge branch '5.0.12'
|
2016-10-02 08:04:54 -07:00 |
|
Tom Eastep
|
1b032f7524
|
Correct permissions of files created by the 'save' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-01 13:49:35 -07:00 |
|
Tom Eastep
|
641a7146ca
|
Merge branch '5.0.12'
Conflicts:
Shorewall/Perl/lib.runtime
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-01 09:59:15 -07:00 |
|
Tom Eastep
|
72dbb4c3c3
|
Handle persistent provider enable/disable correctly
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-09-30 16:01:04 -07:00 |
|
Tom Eastep
|
bc591ccee4
|
Don't assume that statistically balanced providers are optional
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-09-30 14:01:16 -07:00 |
|
Tom Eastep
|
c7e403bad0
|
Don't assume that statistical provider interfaces are optional
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-09-30 13:37:58 -07:00 |
|
Tom Eastep
|
f989c2f5f6
|
Document 'persistent'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-09-30 11:34:57 -07:00 |
|
Tom Eastep
|
156313edd2
|
Correctly handle down persistent interface during 'disable'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-09-27 11:47:37 -07:00 |
|
Tom Eastep
|
35bd1db7fb
|
Handle Down or missing interfaces in 'delete_gateway()'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-09-27 11:43:26 -07:00 |
|
Tom Eastep
|
792b3b696c
|
Add ZERO_MARKS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-09-26 16:04:26 -07:00 |
|
Tom Eastep
|
3f8ddb11ab
|
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
|
2016-09-25 08:00:43 -07:00 |
|