Commit Graph

14442 Commits

Author SHA1 Message Date
Tom Eastep
46b8e2e957
Avoid exception when validating 'occurs' in TC
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-24 08:14:12 -07:00
Tom Eastep
0ed813972b
Auto-create ipsets used in tcfilters
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-23 16:44:07 -07:00
Tom Eastep
f9cfde91e5
Correctly handle ipset in tcfilter DEST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-23 16:43:49 -07:00
Tom Eastep
3df488e710
Correct handling of ipsets in tcfilters
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-23 16:28:36 -07:00
Tom Eastep
0efc7a4899
Correct restriction and chain number handling in the mangle files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-23 15:36:04 -07:00
Tom Eastep
e0203bca87
Correct nill address check in handling of 'origdest=detect'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-23 08:34:24 -07:00
Tom Eastep
34f2aeacea
Correct 'sed' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-22 09:59:30 -07:00
Tom Eastep
b160845713
Avoid compiler crash when LOAD_HELPERS_ONLY=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-20 15:22:43 -07:00
Tom Eastep
b44628ddc8
Only specify 'counters' to ipset of IPSET_MATCH_COUNTERS is present
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-20 09:07:36 -07:00
Tom Eastep
31b6e9e299
Fix another DEST bug in mangle inline action handling :-(
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-18 10:15:43 -07:00
Tom Eastep
9fc56bb896
Correct typo in process_mangle_inline()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-17 09:29:32 -07:00
Tom Eastep
2c191bf595
Correct .conf manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-16 15:07:34 -07:00
Tom Eastep
4bb942f1f9
Restrict hypen as range separator to use with integers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-16 13:29:00 -07:00
Tom Eastep
04051454bf
Reverse bad ECN handling patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-16 12:27:45 -07:00
Tom Eastep
e6f3d429a1
Renew timeout on matched dbl entries
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-16 09:42:45 -07:00
Tom Eastep
fad9dce3e6
Correct handling of ECN file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-16 08:33:01 -07:00
Tom Eastep
342f4ee0f2
Add the --exits option to ADD with timeout
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-15 16:43:44 -07:00
Tom Eastep
28849e60cf
Correct example in the shorewall6-masq manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-14 15:55:36 -07:00
Tom Eastep
b5906812a2
Accept '-' as the separator in a port range.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-14 10:10:03 -07:00
Tom Eastep
289825a76f
Update to logging article
- correct a typo
- recommend using NFLOG rather than ULOG
2016-10-12 10:02:59 -07:00
Tom Eastep
b80d4c2320
Don't allow shell meta characters in interface names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-11 17:01:45 -07:00
Tom Eastep
d5aaa66e0b
Detect bad characters in interface names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-11 10:56:41 -07:00
Tom Eastep
49fae96b09
Update the manpages for 'blacklist' verbosity
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-10 19:45:42 -07:00
Tom Eastep
b3e59322b6
Clean up the output of 'blacklist'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-10 13:26:01 -07:00
Tom Eastep
8c522a5c4d
Correct typo in lib.private
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-09 10:58:29 -07:00
Tom Eastep
abf57a4d1f
Correct indentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-09 09:29:04 -07:00
Tom Eastep
3058f2fb84
Delete code supporting old kernel/iproute2 IPv6 restrictions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-07 11:02:36 -07:00
Tom Eastep
0bf5ca7e0c
Rename lsm->foolsm in MultiISP article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-07 08:01:11 -07:00
Tom Eastep
b5e7e41708
Correct NFQUEUE! manpage description
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-07 05:50:24 -07:00
Tom Eastep
eb6ae5e186
Correct handling of DYNAMIC_BLACKLIST options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-05 16:56:29 -07:00
Tom Eastep
941604ad01
Correct issue with updating DBL timeout
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-05 15:41:40 -07:00
Tom Eastep
14e8568d9e
Add the FIREWALL .conf option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-05 15:03:54 -07:00
Tom Eastep
ca7ca4bdfe
Add a 'timeout' option to DYNAMIC_BLACKLIST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-05 12:56:47 -07:00
Tom Eastep
c19e732e42
Correct typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-04 10:00:00 -07:00
Tom Eastep
8d731c81e4
Add 'disconnect' option to ipset-based dynamic blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-04 09:09:45 -07:00
Tom Eastep
6ad7d47eb6
Correct DYNAMIC_BLACKLISTING documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-03 08:19:19 -07:00
Tom Eastep
ed48eed0c6
Change order of options in .conf files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-02 15:14:31 -07:00
Tom Eastep
97186e5402
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2016-10-02 14:04:02 -07:00
Roberto C. Sánchez
64ab43f14f
Fix typos 2016-10-02 17:01:46 -04:00
Tom Eastep
36cd8d28a7
Merge branch '5.0.12' 2016-10-02 08:04:54 -07:00
Tom Eastep
1b032f7524
Correct permissions of files created by the 'save' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-01 13:49:35 -07:00
Tom Eastep
641a7146ca
Merge branch '5.0.12'
Conflicts:
	Shorewall/Perl/lib.runtime

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-01 09:59:15 -07:00
Tom Eastep
72dbb4c3c3
Handle persistent provider enable/disable correctly
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-30 16:01:04 -07:00
Tom Eastep
bc591ccee4
Don't assume that statistically balanced providers are optional
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-30 14:01:16 -07:00
Tom Eastep
c7e403bad0
Don't assume that statistical provider interfaces are optional
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-30 13:37:58 -07:00
Tom Eastep
f989c2f5f6
Document 'persistent'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-30 11:34:57 -07:00
Tom Eastep
156313edd2
Correctly handle down persistent interface during 'disable'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-27 11:47:37 -07:00
Tom Eastep
35bd1db7fb
Handle Down or missing interfaces in 'delete_gateway()'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-27 11:43:26 -07:00
Tom Eastep
792b3b696c
Add ZERO_MARKS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-26 16:04:26 -07:00
Tom Eastep
3f8ddb11ab
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2016-09-25 08:00:43 -07:00