Tom Eastep
|
cd5e9be467
|
Carefully suppress duplicate rules in all tables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-02 12:20:24 -08:00 |
|
Tom Eastep
|
f358a78eca
|
Revise the description of 'noinline' to match the changed implementation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-01 09:33:38 -08:00 |
|
Tom Eastep
|
8cbe26e32c
|
Ignore 'inline' for certain actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-01 07:54:42 -08:00 |
|
Tom Eastep
|
15121e0743
|
Also substitute the chain name for '@0' in SWITCH names.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-29 08:05:49 -08:00 |
|
Tom Eastep
|
9c0d8a2533
|
Use '@{0}' as the chain name surrogate in SWITCH columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-29 07:17:13 -08:00 |
|
Tom Eastep
|
bff91cd325
|
Allow overriding 'inline' on some standard actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-28 15:03:08 -08:00 |
|
Tom Eastep
|
8006d150f1
|
Allow switch initialization.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-27 16:17:43 -08:00 |
|
Tom Eastep
|
d7096ae52e
|
Back out default-action macros and document in-line actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-27 10:53:18 -08:00 |
|
Tom Eastep
|
7673b1ac4b
|
Support multiple parameters in macros.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-26 11:04:19 -08:00 |
|
Tom Eastep
|
fc87576005
|
Back out silly change for output interfaces in the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-26 09:47:42 -08:00 |
|
Tom Eastep
|
21c2963691
|
Correct Format-3 syntax for the SOURCE column of the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-26 07:48:43 -08:00 |
|
Tom Eastep
|
e7dee420ee
|
Allow interfaces in the DEST column of the conntrack file when the chain is OUTPUT.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-25 18:37:23 -08:00 |
|
Tom Eastep
|
642f192b3d
|
Disallow destination interface in the OUTPUT chain.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-25 15:37:53 -08:00 |
|
Tom Eastep
|
fb3194d96b
|
Correct handling of default-action macro when specified as "macro.Name"
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-25 10:16:43 -08:00 |
|
Tom Eastep
|
629717f7cc
|
Correct policy manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-25 09:33:46 -08:00 |
|
Tom Eastep
|
8c2db40783
|
Correct errors in the conntrack manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-25 08:52:51 -08:00 |
|
Tom Eastep
|
dbfc805707
|
Add 'IU' state in secmarks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-25 08:10:53 -08:00 |
|
Tom Eastep
|
748d532175
|
Correct the explaination of ULOG and NFLOG in the manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-24 09:11:28 -08:00 |
|
Tom Eastep
|
30de211bda
|
Implement format-3 conntrack files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 20:56:56 -08:00 |
|
Tom Eastep
|
8a744de906
|
Document semantic change to 'all' handling in the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 09:10:07 -08:00 |
|
Tom Eastep
|
df7ce1a7d1
|
Add the AUDIT built-in and delete the Audit action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 08:24:33 -08:00 |
|
Tom Eastep
|
3040156981
|
Add SWITCH column to the conntrack file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 14:20:56 -08:00 |
|
Tom Eastep
|
952aed225d
|
Improve handling of 'all' in the conntrack file.
- Also added 'all-' to represent all off-firewall zones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 13:07:01 -08:00 |
|
Tom Eastep
|
7bfbf522bc
|
Document that parameters are allowed in default actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 11:12:55 -08:00 |
|
Tom Eastep
|
3b20c0db54
|
Allow Macros to be used as Default Actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-19 16:52:10 -08:00 |
|
Tom Eastep
|
60a509c926
|
Add new macros and alphabetize the ACTION list in the rules manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-19 08:19:12 -08:00 |
|
Tom Eastep
|
9dac330756
|
Remove references to USE_ACTIONS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 13:13:20 -08:00 |
|
Tom Eastep
|
c6ffdd67e2
|
Add DROP target to the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 11:35:40 -08:00 |
|
Tom Eastep
|
5265cd5bb7
|
Add UNTRACKED match to the secmarks file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 11:01:49 -08:00 |
|
Tom Eastep
|
ab381ed95e
|
Expand the description of enable/disable on optional non-provider interfaces.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 09:01:38 -08:00 |
|
Tom Eastep
|
0277d6628e
|
Correct typo in shorewall(8) and shorewall6(8).
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 08:30:47 -08:00 |
|
Tom Eastep
|
a2b14c37ed
|
Treat optional interfaces as pseudo-providers.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-16 09:48:21 -08:00 |
|
Tom Eastep
|
4b6fdf8b72
|
Update masq manpage to expunge exclusion with an interface name in the SOURCE column.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-04 09:11:37 -08:00 |
|
Tom Eastep
|
86ae74005a
|
Correct invalid information in shorewall[6]-tcclasses.
- Delete part about an interface only appearing once.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-29 12:46:58 -07:00 |
|
Tom Eastep
|
e908473d29
|
Clean up description of CHECKSUM in the manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-26 11:22:54 -07:00 |
|
Tom Eastep
|
e177916c12
|
Implement statistical marking in the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-26 07:10:26 -07:00 |
|
Tom Eastep
|
0387b16983
|
Implement CHECKSUM action in the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-22 15:42:13 -07:00 |
|
Tom Eastep
|
f24e194819
|
Don't display chains with no matched entries when -b
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-22 14:15:37 -07:00 |
|
Tom Eastep
|
5a103e8ec5
|
Make options consistent (add a '-' before 't')
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-20 07:15:44 -07:00 |
|
Paul Gear
|
cf68379c4c
|
Document brief option for show command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-20 07:11:56 -07:00 |
|
Paul Gear
|
6c06302d2a
|
Make formatting of interface options consistent
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-20 07:11:48 -07:00 |
|
Tom Eastep
|
cc90a06958
|
Add RESTORE_ROUTEMARKS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-11 07:34:57 -07:00 |
|
Tom Eastep
|
1195661264
|
Document new Dynamic Zone implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-07 12:20:36 -07:00 |
|
Tom Eastep
|
83d3d04afb
|
Correct typos (omma -> comma) in the stoppedrules manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-09-23 06:51:56 -07:00 |
|
Tom Eastep
|
32f89fa24b
|
Don't unconditionally detect helpers when LOAD_HELPERS_ONLY=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-09-22 09:27:13 -07:00 |
|
Tom Eastep
|
af5eb575c2
|
Add tcfilter example with PRIORITY
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-09-21 07:40:33 -07:00 |
|
Tom Eastep
|
e14f5e5199
|
Swicth from postincrement to preincrement when bumping 'filterpri'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-09-17 10:46:31 -07:00 |
|
Tom Eastep
|
0400cedc6c
|
More TC manpage updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-09-14 08:01:08 -07:00 |
|
Tom Eastep
|
a581958042
|
Document filter priority algorithm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-09-13 16:31:39 -07:00 |
|
Tom Eastep
|
14073e8943
|
Change TOS priority offset from 10 to 15
- Make it distinct from tcp-ack
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-09-13 08:25:05 -07:00 |
|