Commit Graph

154 Commits

Author SHA1 Message Date
teastep
63dc4470ca Reimplement IPSEC MSS setting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1695 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-15 20:00:48 +00:00
teastep
2caf2acd88 Add MSS field to ipsec file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1693 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-15 18:46:27 +00:00
teastep
c3d2f62460 Detect duplicate zone names
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1691 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-14 22:31:52 +00:00
teastep
717b455bce Clarify CLAMPMSS Enhancement
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1682 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-13 17:05:25 +00:00
teastep
d60d81ca35 Allow CLAMPMSS to set an explicit MSS value
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1679 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-13 00:42:26 +00:00
teastep
204b949836 Misc updates
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1677 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-12 16:38:46 +00:00
teastep
3b2535619e Fix a typo and add clarification to the blacklist file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1676 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-12 14:56:15 +00:00
teastep
cbe3463629 Correct logmartians handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1675 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-11 21:16:48 +00:00
teastep
d34d2e1393 Handle traffic from IPSEC hosts before traffic from non-IPSEC zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1669 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-09 00:06:45 +00:00
teastep
acc389ff68 Add AllowICMPs action and invoke from Drop and Reject
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1668 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-08 00:17:55 +00:00
teastep
aeb3d2cea2 Add AllowICMPs action and invoke from Drop and Reject
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1666 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-07 22:56:35 +00:00
teastep
ce9fa5ae75 Add 'sourceroute' interface option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1658 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-03 00:44:12 +00:00
teastep
7a74380f7e Fix log rule number generation and implement LOGTAGONLY
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1649 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-25 17:18:25 +00:00
teastep
d8d466530f Fix DELAYBLACKLISTLOAD=No
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1637 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-23 14:30:54 +00:00
teastep
e330130881 Avoid double-setting proxy arp flags
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1630 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-16 19:30:54 +00:00
teastep
b28d49a397 DELAYBLACKLISTLOAD
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1623 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-15 20:04:36 +00:00
teastep
0a87d4db6a Allow bang range; relax OpenVPN source port restriction
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1621 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-13 22:16:15 +00:00
teastep
ec8e01d09c Add RETAIN_ALIASES option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1620 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-11 16:16:34 +00:00
teastep
4ea801abb5 Fix complex proxy arp handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1618 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-10 21:41:10 +00:00
teastep
247b48533c Remove 'logunclean' and 'dropunclean'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1615 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-09 20:42:50 +00:00
teastep
6f48c5e030 Fixes for iprange implementation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1614 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-09 20:18:49 +00:00
teastep
31d3885f4e Add support for CLASSIFY
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1610 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-08 20:13:31 +00:00
teastep
876b519b1a Add iprange support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1609 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-08 18:46:57 +00:00
teastep
07bc13f983 Allow ip range in the rule SOURCE
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1608 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-07 21:51:02 +00:00
teastep
5cf57190fb Fix shorewall.spec so that Shorewall will start up at boot
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1606 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-06 23:46:26 +00:00
teastep
b86d3f03d9 Don't NAT tunnel traffic
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1605 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-06 19:58:10 +00:00
teastep
0649e6ad70 Verify physdev match if BRIDGING=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1602 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-05 23:43:08 +00:00
teastep
3ede79187f Fix tcrules PROTO processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1593 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-02 17:12:39 +00:00
teastep
8aab6ce8c6 Apply Richard Musil's patch
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1589 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-29 17:21:16 +00:00
teastep
0875484d8f Update for 2.1.7
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1586 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-27 22:16:22 +00:00
teastep
daae61131e Add user accounting; add SNAT/MASQ port remapping
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1579 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-26 20:59:39 +00:00
teastep
420c4803bd Add negative policy tests
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1570 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-21 21:47:16 +00:00
teastep
414356a535 Update for 2.1.6
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1563 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-20 18:02:59 +00:00
teastep
d282947ccf Add IN and OUT SA options
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1561 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-20 15:37:56 +00:00
teastep
83ad53d6bf Deprecate the -c option in /sbin/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1560 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-19 22:22:49 +00:00
teastep
16487eb51a New IPSEC Options
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1554 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-18 22:29:09 +00:00
teastep
af8baff5cb Apply policy to interface/host option rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1546 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-16 16:28:44 +00:00
teastep
e034b345ea Update release nodes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1545 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-15 20:18:49 +00:00
teastep
bbe514b417 Add 'allowBcast' standard action
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1539 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-14 20:44:15 +00:00
teastep
fae7312553 Relax source port = 500 ISAKMP restriction
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1538 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-14 19:03:10 +00:00
teastep
24e6d1191d IPSEC 2.6 Fixes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1537 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-14 18:39:09 +00:00
teastep
7d85e8d36c Back out DNAT ONLY change; fix new IPSEC
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1536 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-14 16:05:28 +00:00
teastep
a193b7bbba Remove SNAT in DNAT rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1532 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-11 00:17:54 +00:00
teastep
3aff092003 Add DNAT ONLY column to /etc/shorewall/nat
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1531 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-10 20:18:15 +00:00
teastep
c8cc0c0212 Add note about the renaming of the LEAF/Bering file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1527 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-09 14:52:35 +00:00
teastep
11c1e325ef Update for Shorewall 2.1.3
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1525 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-07 15:27:52 +00:00
teastep
84cb8c445d First Cut at Kernel 2.6 IPSEC Support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1522 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-06 15:35:05 +00:00
teastep
d8a733aac0 Bring forward some changes from 2.0.8; Improve error messages; Implement STARTUP_ENABLED
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1519 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-02 21:48:40 +00:00
teastep
f82055bca8 More cleanup of action logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1502 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-28 19:22:00 +00:00
teastep
bd6192dc18 First cut of new action logging implementation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1500 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-28 02:36:40 +00:00