Commit Graph

3271 Commits

Author SHA1 Message Date
Tom Eastep
15a2fd14f9 Implement TARPIT target
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-28 15:23:30 -08:00
Tom Eastep
f96baca780 Use the readable representation of the SHA1 digest in the chain table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-27 11:13:10 -08:00
Tom Eastep
1b5f439609 Rewrite 'process_actions'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-27 09:28:02 -08:00
Tom Eastep
1655054de2 Rename 'externalize' to 'external_name'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-27 09:19:00 -08:00
Tom Eastep
89877ed3f7 Rename 'policy_rules' to 'add_policy_rules'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 15:58:13 -08:00
Tom Eastep
9649107a8e Rename 'apply_policy_rules' to 'complete_policy_chains'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 15:53:50 -08:00
Tom Eastep
33eb47a48a Reorder parameters and change identifiers in set_policy_chain()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 15:47:50 -08:00
Tom Eastep
6a15cead52 Cosmetic/commentary changes to the Config Module
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-23 15:25:20 -08:00
Tom Eastep
f925358872 Minor Compiler Reorganization
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-23 12:27:37 -08:00
Tom Eastep
35fc7b34b8 Minor code tweak
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-20 15:09:21 -08:00
Tom Eastep
79430673b8 Correct handling of duplicate states in the mangle file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-16 19:08:25 -08:00
Tom Eastep
695db284c0 Improve Mark Range Implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-15 11:19:23 -08:00
Tom Eastep
807b9ca627 Revert "Improve handling of mark ranges"
This reverts commit 62f480897e.
2014-12-15 09:39:24 -08:00
Tom Eastep
62f480897e Improve handling of mark ranges
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-14 09:13:41 -08:00
Tom Eastep
2d7025dcc3 Correct mark range handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-13 08:31:31 -08:00
Tom Eastep
a833815b31 Correct IPv6 handling of LOG_BACKEND=LOG
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 08:56:42 -08:00
Tom Eastep
9241552c52 Make emacs sh-mode work better with lib.core
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-14 16:28:44 -08:00
Tom Eastep
16c1809ef2 Apply Alan Barrett's dhclient patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-14 13:39:23 -08:00
Tom Eastep
9a6047b3c4 Correct reversed naming of SHA chains
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-06 08:18:52 -08:00
Tom Eastep
5b4e3bc07c Accomodate new module names for LOG_BACKEND
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-05 12:51:24 -08:00
Tom Eastep
dc3f163e71 Change the names of the sha1 chains for uniqueness
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-04 17:54:38 -08:00
Tom Eastep
8c0c1bd1e0 Omit the 'shorewall' chain from .ip[6]tables-restore-input
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 08:16:47 -08:00
Tom Eastep
8b825c4c4c Avoid failure of ip[6]tables-restore.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 07:56:05 -08:00
Tom Eastep
9598ac6fad Correct a couple of problems with -C
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 10:09:04 -07:00
Tom Eastep
8fb73026c8 Replace SAVE_COUNTERS with the -C command option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 09:37:57 -07:00
Tom Eastep
4546cbaff7 Use chains with names derived from a digest to identify ruleset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-31 11:36:53 -07:00
Tom Eastep
a83c146636 Cleanup
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 20:27:06 -07:00
Tom Eastep
2ffc97867c Correct syntax error in the generated script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 19:59:20 -07:00
Tom Eastep
f08803e293 Preserve counts on 'restart' without compilation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 18:38:45 -07:00
Tom Eastep
3454e10525 Add SAVE_COUNTERS option.
- Also implement recover command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 08:57:56 -07:00
Tom Eastep
edc30fcc8d Process the params file with SHOREWALL_SHELL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-29 12:22:00 -07:00
Tom Eastep
85e5669fc7 Rename function interface_up() to interface_enabled()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-27 18:38:22 -07:00
Tom Eastep
f5bdc9e7f4 Allow two limits in the RATE LIMIT columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-22 11:21:43 -07:00
Tom Eastep
3bae6e61cf Eliminate syntax errors in the generated script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 07:53:26 -07:00
Tom Eastep
5204cbc95f Suppress 'No ipsets were saved' warning when SAVE_IPSETS=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 07:50:12 -07:00
Tom Eastep
ea1b8ac63a Correct handling of empty LOG_BACKEND
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 07:34:55 -07:00
Tom Eastep
820c769499 Correct silly bug in last change
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-29 07:08:39 -07:00
Tom Eastep
e6b0666ac9 Save ipsets during normal stop (duh)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 18:43:11 -07:00
Tom Eastep
3174454300 Correct SAVE_IPSETS logic in Config.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 14:38:01 -07:00
Tom Eastep
ce1c367d1d Re-commit the fix that saves only the appropriate family
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 14:09:20 -07:00
Tom Eastep
3e2c903a41 Revert "Only save ipsets of the proper family"
This reverts commit b053cab630.
2014-09-28 13:32:32 -07:00
Tom Eastep
b053cab630 Only save ipsets of the proper family
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 12:58:52 -07:00
Tom Eastep
6f7d063921 Remove the target file before saving ipsets in the savesets command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 11:53:52 -07:00
Tom Eastep
3858683e94 Allow saving a specified list of ipsets
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 11:19:41 -07:00
Tom Eastep
38a18ac9ac Allow indefinite alternative to 'yes' and 'no'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-27 15:06:18 -07:00
Tom Eastep
a09484356c Support 'yes', 'no, <other> values for simple config options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-27 07:57:46 -07:00
Tom Eastep
bc8588a68e Fix rule numbers in trace output
- Don't increment $number needlessly when not tracing

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-27 07:57:09 -07:00
Tom Eastep
4989f694cd Correct trace output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-25 14:47:00 -07:00
Tom Eastep
053df2a5fb Go back to original insert_irule() fix.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-25 09:21:20 -07:00
Tom Eastep
976a1f3deb Merge branch '4.6.3'
Conflicts:
	Shorewall/Perl/Shorewall/Misc.pm
2014-09-25 08:06:16 -07:00
Tom Eastep
ea40068c10 Fix ADMINISABSENTMINDED=No used with stoppedrules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-25 08:03:35 -07:00
Tom Eastep
56649e2183 Don't compile routestopped during check if there is stoppedrules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 19:24:13 -07:00
Tom Eastep
520d21c056 Another tweak to LOG_BACKEND
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 17:12:05 -07:00
Tom Eastep
540eff24aa Correctons to LOG_BACKEND implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 16:35:41 -07:00
Tom Eastep
580e00dabd Implement LOG_BACKEND option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 15:26:13 -07:00
Tom Eastep
4815f7eba3 Correct warning message in stoppedrules processing.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 11:05:15 -07:00
Tom Eastep
7481514a97 Implement the 'terminating' action option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-23 09:29:13 -07:00
Tom Eastep
1f5439257a Revert "Implement the 'terminating' action option"
This reverts commit 6851744cb7.
2014-09-23 07:39:25 -07:00
Tom Eastep
d97d45f4ad Merge branch '4.6.3' 2014-09-23 07:10:17 -07:00
Tom Eastep
f9d98b74a2 Merge branch '4.6.2' into 4.6.3
Conflicts:
	Shorewall/Perl/Shorewall/Providers.pm

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-16 08:09:20 -07:00
Tom Eastep
0d23b9c542 Don't verify required interfaces during 'stop' or 'clear'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-14 09:29:04 -07:00
Tom Eastep
a7bdfcc47b Refine the rule reduction fix
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-11 20:58:01 -07:00
Tom Eastep
988ee64621 Eliminate Redundant Rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-11 10:17:01 -07:00
Tom Eastep
9947f4d968 Re-enable SECTION PREROUTING in the accounting file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-10 12:53:08 -07:00
Tom Eastep
9e039e30e5 Issue warning message when /etc/iproute2/rt_tables is not writeable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-02 08:11:33 -07:00
Tom Eastep
6851744cb7 Implement the 'terminating' action option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-01 08:16:42 -07:00
Tom Eastep
f963adccf5 Correct silly typo in Chains.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-31 16:57:24 -07:00
Tom Eastep
fa8c3b3b6c Correct typo in error messages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-24 08:34:33 -07:00
Tom Eastep
602ecad712 Cleaner code in expand_variables()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-20 11:25:49 -07:00
Tom Eastep
6f777098d7 Add 'wildcard' member to the interface table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-12 06:51:17 -07:00
Tom Eastep
e545329eb9 Modify the preceding fix to work with wildcard interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-12 06:50:59 -07:00
Tom Eastep
aedd9b5a76 Add 'wildcard' member to the interface table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-11 08:30:44 -07:00
Tom Eastep
427f38109e Some cosmetic cleanup
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-10 07:20:23 -07:00
Tom Eastep
0e1a1a3f44 Modify the preceding fix to work with wildcard interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-08 10:34:29 -07:00
Tom Eastep
b6161b8be7 Merge branch '4.6.2' 2014-08-08 08:30:04 -07:00
Tom Eastep
d3209ca624 Correct handling of a physical name in the provider INTERFACE column
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-08 08:15:26 -07:00
Tom Eastep
5ef5aa8cdb Allow inline matches in an action file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-05 07:34:24 -07:00
Tom Eastep
0ca12bd86f Correct syntax error caused by replacing '%%' with '??'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-03 15:29:58 -07:00
Tom Eastep
a2f1c57246 Add DNSAmp action
- Allow escaping '@' allowing u32 in action body
- Allow inline matches in actions

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-03 15:11:25 -07:00
Tom Eastep
fd42fa9f74 Make 'detect_configuration' work in the 'run' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-01 07:34:40 -07:00
Tom Eastep
e49832f4b5 Run the 'init' script in the 'run' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-30 10:25:00 -07:00
Tom Eastep
0bf80c15d8 Detect missing <commmand> in the generated scrip
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 11:35:32 -07:00
Tom Eastep
31e5aeeaea Refine the 'run' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 10:30:07 -07:00
Tom Eastep
a7b18ca875 Implement 'run' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-28 07:04:56 -07:00
Tom Eastep
ad6c91bcbd Allow optimize level 8 to work with Perl 5.20.0.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-25 21:03:48 -07:00
Tom Eastep
461f7b10ba Detect Arptables JF capability when LOAD_HELPERS_ONLY = No.
- Move detection of Header Match to its proper ordinal.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-20 07:19:02 -07:00
Tom Eastep
2c9eda9cee Add some white space for readability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-19 18:33:02 -07:00
Tom Eastep
64fc3d2e43 Correct a typo that caused iset couter match to be mis-detected
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-19 10:27:29 -07:00
Tom Eastep
d0aed87546 Correct IPV6 ipset capabilities checking on 3.14 kernels
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-19 10:25:46 -07:00
Tom Eastep
56fa6bd78a Revert "Correct ipset detection on later kernels."
This reverts commit b207f64a85.
2014-07-19 10:22:12 -07:00
Tom Eastep
b207f64a85 Correct ipset detection on later kernels.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-19 08:55:02 -07:00
Tom Eastep
9f381209d5 Detect HEADER_MATCH when LOAD_MODULES_ONLY=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-19 07:20:28 -07:00
Tom Eastep
6771dc54ad Streamline some code from the last commit
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-18 12:58:49 -07:00
Tom Eastep
417bd0138e Correct two problems with tcrules processing:
- SAVE and RESTORE didn't work
- '|' and '&' were ignored


Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-18 08:32:22 -07:00
Tom Eastep
2ed523101c Allow specification of the MAC address of a gateway
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-06 09:54:53 -07:00
Tom Eastep
c663a14c4d Correct TIME column handling in IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-04 08:17:19 -07:00
Tom Eastep
8bfff55ed2 Add a TIME column to the mangle file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-04 08:01:14 -07:00
Tom Eastep
b1a6ec7f03 Merge branch '4.6.1' 2014-07-02 21:41:27 -07:00
Tom Eastep
cad8443e01 Allow SAVE/RESTORE rules in the OUTPUT chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-02 12:38:02 -07:00
Tom Eastep
2ad81f1a81 Apply Thibaut Chèze's patch for DSCP names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-02 12:37:50 -07:00
Tom Eastep
166e1a3df9 Allow SAVE/RESTORE rules in the OUTPUT chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-01 06:54:54 -07:00
Tom Eastep
84437ea689 Apply Thibaut Chèze's patch for DSCP names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-01 06:52:58 -07:00
Tom Eastep
7fdc398a5e Revert "Revert "Revert "Add a TIME column to the mangle file"""
This reverts commit 1165b2689c.
2014-06-27 08:23:04 -07:00
Tom Eastep
1165b2689c Revert "Revert "Add a TIME column to the mangle file""
This reverts commit 9c7fcd09fd.
2014-06-27 08:14:28 -07:00
Tom Eastep
2701b0a756 Correct number of columns in split_line2() calls.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-25 08:22:09 -07:00
Tom Eastep
9c7fcd09fd Revert "Add a TIME column to the mangle file"
This reverts commit 824b14b714.
2014-06-25 07:33:42 -07:00
Tom Eastep
824b14b714 Add a TIME column to the mangle file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-25 07:05:12 -07:00
Tom Eastep
122d58b122 Clear inline matches in perl_action_tcp_helper
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-21 07:58:27 -07:00
Tom Eastep
61bb73fd8c Correct handling of matches in action_tcp_helper()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-20 14:28:17 -07:00
Tom Eastep
36e31ed839 Correct typo in error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-08 09:40:50 -07:00
Tom Eastep
b55b6a913c Insert the server address list into the error message in DNAT/REDIRECT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-08 09:36:18 -07:00
Tom Eastep
9c9ae04c86 Raise an error when a server list is specified in a DNAT or REDIRECT rule
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-08 08:52:41 -07:00
Tom Eastep
c898129ad6 Correct pi-rho's patch to not deal with the loopback interface
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-06 13:12:02 -07:00
Tom Eastep
2cd5c41ec0 Clean up white space in pi-rho's patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-06 10:44:33 -07:00
Tom Eastep
bea5434de6 Merge branch '4.5.21' 2014-06-06 10:05:02 -07:00
Tom Eastep
8657dd97f7 Apply pi-rho's patch for rpfilter.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-06 10:04:42 -07:00
Tom Eastep
954cddc37a Enable 1:1 NAT in IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-25 12:50:00 -07:00
Tom Eastep
5a22b14947 Enable 1:1 NAT in IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-25 08:57:01 -07:00
Tom Eastep
6d3b1d80d4 Make 'update -A' convert the tcrules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-16 14:46:15 -07:00
Tom Eastep
c6565f051e Clean up checking for chain designators with SOURCE $FW.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-16 07:18:35 -07:00
Tom Eastep
c9b6d4a670 Correct CHECKSUM handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-16 07:18:06 -07:00
Tom Eastep
d15956feea Deprecate FORMAT-1 actions and macros
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-08 14:30:33 -07:00
Tom Eastep
f717d097d7 Apply Tuomo Soini's Macro format patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-07 12:19:24 -07:00
Tom Eastep
ba3a7d0621 Do not deprecate USE_DEFAULT_RT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-19 07:53:18 -07:00
Tom Eastep
4d4e8b3df4 Do nothing when a rules file section is empty.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-18 14:13:34 -07:00
Tom Eastep
240d3d8cab Improve interface option inheritence
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-18 13:36:06 -07:00
Tom Eastep
acda5482c4 If USE_DEFAULT_RT isn't specified, make it 'No'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-18 13:22:58 -07:00
Tom Eastep
e731ea1ca8 Revert "Always inherit interface options"
This reverts commit 65cde3475f.
2014-04-15 11:54:58 -07:00
Tom Eastep
65cde3475f Always inherit interface options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-15 11:37:51 -07:00
Tom Eastep
b3cd9ab15a Default to LOAD_HELPERS_ONLY=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-12 11:05:28 -07:00
Tom Eastep
58700b2301 Correct the behavior of rpfilter when FASTACCEPT=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-31 07:29:29 -07:00
Tom Eastep
a9ac9c274e Correct the behavior of rpfilter when FASTACCEPT=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-31 07:28:30 -07:00
Tom Eastep
72869adcd6 Correct missing comment in trace entry.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-28 08:55:55 -07:00
Tom Eastep
0c8365001d Avoid spurious comments on jumps to section chains.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-28 08:55:48 -07:00
Tom Eastep
6274f8444f Correct missing comment in trace entry.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-28 08:55:23 -07:00
Tom Eastep
05816e94ee Avoid spurious comments on jumps to section chains.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-28 08:55:00 -07:00
Tom Eastep
0561b10adb Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2014-03-22 08:58:20 -07:00
Tom Eastep
db1b25b4d7 Restore small mark verification.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-22 08:38:57 -07:00
Tom Eastep
4de651ff55 Add a comment line
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-19 10:38:41 -07:00
Tom Eastep
5981ce59e3 Include -t <table> in debug_restore_input() error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-19 10:25:37 -07:00
Tom Eastep
54a5e4af52 A couple of minor tweaks to the Chains module.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-19 10:24:30 -07:00
Tom Eastep
4bd8d9791c Include -t <table> in debug_restore_input() error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-18 07:28:14 -07:00
Tom Eastep
39b7527cb6 Include rule priority in delete of generated address route rules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-10 08:25:59 -07:00
Tom Eastep
08d29edf1a Include rule priority in delete of generated address route rules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-10 08:24:38 -07:00
Tom Eastep
093ff580b5 Deprecate USE_DEFAULT_RT=No.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-09 07:48:05 -07:00
Tom Eastep
cea237620a Change USE_DEFAULT_RT default to 'Yes'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-09 07:42:22 -07:00
Tom Eastep
c9d7370fb4 Merge branch '4.5.21'
Conflicts:
	Shorewall/manpages/shorewall.conf.xml
	Shorewall6/manpages/shorewall6.conf.xml

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-05 09:00:34 -08:00
Tom Eastep
8b4d8bfa16 Finish ADMINISABSENDMINDED change
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-05 08:57:03 -08:00
Tom Eastep
4eadec234a Revert "Correct the behavior of ADMINISABSENTMINDED"
This reverts commit ded747a51a.
2014-03-02 08:25:05 -08:00
Tom Eastep
2b489993ca Revert "Correct the behavior of ADMINISABSENTMINDED"
This reverts commit df09e0ccc5.
2014-03-02 08:23:23 -08:00