Commit Graph

576 Commits

Author SHA1 Message Date
teastep
f3ea3c7edb Avoid annoying 'ipset:not found' message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2392 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-22 22:24:28 +00:00
teastep
fbabd7d6ef Obviate the need for 'loose'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2389 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-21 19:48:33 +00:00
teastep
ca8e5631d3 Make \!<address> work in the SUBNET column of the masq file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2374 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-20 01:10:28 +00:00
teastep
687704eff2 Add 'loose' provider option; add COPY column to providers file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2370 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-18 22:40:26 +00:00
teastep
318e204358 Re-implement MACLIST_TTL
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-17 22:08:15 +00:00
teastep
c6e3e84352 Disable MACLIST_TTL
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2356 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-17 16:52:21 +00:00
teastep
1b5ac5c7d3 Make /sbin/shorewall issue a warning whenever startup is disabled
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2348 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-15 20:50:01 +00:00
teastep
379b58f628 A better patch to avoid blocking DHCP broadcasts during MAC verification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2330 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-13 15:26:51 +00:00
teastep
ef9d22b647 Avoid blocking DHCP broadcasts during MAC verification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2327 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-13 14:29:52 +00:00
teastep
d050552a36 Make TCPFLAGS_LOG_LEVEL=ULOG work with iptables-1.3.2.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2322 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-12 00:42:08 +00:00
teastep
7d924c3b82 A couple of little buglets. 1) detect duplicate tracked interface in providers file; 2) don't permit destination interface in PREROUTING marking rule
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2315 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 23:23:45 +00:00
teastep
d11dc2b58a Apply Cristian's patch for default route after reboot
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2305 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 20:12:49 +00:00
paulgear
4f8bbb5866 Copy latest development version from Shorewall2/
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2269 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 06:13:05 +00:00
paulgear
2a19eb8a5a Copy latest 2.4 version from Shorewall2/
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2264 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 05:55:29 +00:00
paulgear
90dd62e89e Copy latest 2.2 version from STABLE2/
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2263 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 05:45:05 +00:00
paulgear
921a7223d4 Copy latest 2.0 code from STABLE2/
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2262 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 04:45:32 +00:00
teastep
ccd528ec8c Shorewall 1.4.10d +
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1216 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-03-20 15:40:06 +00:00
teastep
d711731678 Fix multiple excluded zone handling in DNAT/REDIRECT
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1181 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-03-04 15:24:59 +00:00
teastep
7f19ec0c73 Fix another masq file bug
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1131 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-09 20:46:22 +00:00
teastep
76c135e123 Shorewall-1.4.10a
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1129 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-08 20:36:46 +00:00
teastep
6ae5a4eb93 Fix problem in masq file parsing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1124 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-05 20:19:29 +00:00
teastep
97ea8c60d7 Fix problem in masq file parsing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1123 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-05 20:13:24 +00:00
teastep
f67cb1eab8 Fix PROTO fix fix
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1098 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-29 23:29:50 +00:00
teastep
304a502d38 Fix PROTO fix
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1097 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-29 23:24:30 +00:00
teastep
76b5918a13 Fix handling of 'all' or '-' in the PROTO column of an action file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1096 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-29 19:11:51 +00:00
teastep
d116d04fb8 Don't add broadcasts to /0 groups
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1095 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-28 00:52:03 +00:00
teastep
b4d0cbd1b1 Don't feed the smurfs
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1093 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-27 22:33:32 +00:00
teastep
3a82d46762 1.4.10 RC2 and fixes for broadcast rejects, ratelimiting and CONTINUE rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1092 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-27 21:16:07 +00:00
teastep
2e80e459bb RC1 and 'detectnets' option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1089 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-23 23:48:30 +00:00
teastep
22df211052 Applied Fr�d�ric LESPEZ's patch for packet marking by user/group id
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1088 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-22 20:24:56 +00:00
teastep
58ac5fd852 Correct messages generated out of setup_masq()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1087 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-22 16:59:40 +00:00
teastep
c07e450d5a Refine masq destination list code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1086 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-22 03:27:03 +00:00
teastep
d362f734d9 Destination exclude list in masq file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1085 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-22 02:06:56 +00:00
teastep
0c6299465d Fix SNAT handling in DNAT rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@869 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-16 21:52:37 +00:00
teastep
9763f0caf3 Allow actions to be used in other actions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@809 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-07 18:15:55 +00:00
teastep
7a7597466d Clean up Action Change
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@806 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-05 20:34:01 +00:00
teastep
90263f43af Add user-defined Actions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@801 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-04 02:01:08 +00:00
teastep
380b8e2ce8 Add MODULE_SUFFIX option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@797 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-01 16:10:08 +00:00
teastep
9fde389c31 Log 'norfc1918'
packets out of 'rfc1918' chains


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@792 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-11-27 18:39:11 +00:00
teastep
a3eaa7f9af Rework ip_forward handling; update release file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@791 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-11-27 18:24:57 +00:00
teastep
80981e802e Fix NONE policy validation and 'routeback' for wildcard interfaces
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@786 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-11-08 02:38:30 +00:00
teastep
306ca3718f Correct handling of broadcast addresses in MAC verification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@784 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-31 15:30:07 +00:00
teastep
f046ea3ab1 Fix route filtering
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@782 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-30 15:42:45 +00:00
teastep
0f72f92c48 Another fix for <zone>_frwd chains
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@780 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-26 16:22:01 +00:00
teastep
5448a9cc38 Expand chain naming
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@777 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-25 00:54:01 +00:00
teastep
20a23dc925 Re-add optimization for complex zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@771 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-19 14:57:48 +00:00
teastep
1fd0345510 Re-add optimization for complex zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@769 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-15 18:34:05 +00:00
teastep
ff2b9ce193 Remove 'complex zone' optimization
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@768 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-15 18:17:23 +00:00
teastep
67ad01a56f Added BLACKLISTNEWONLY
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@765 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-11 16:06:00 +00:00
teastep
55ddfb8c78 Fix error handling after 'Unable to determine the routes...'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@764 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-10 03:00:26 +00:00
teastep
97825f937c Clean up QUEUE target code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@763 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-09 22:33:44 +00:00
teastep
c80dacd86a p2pwall integration
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@762 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-09 21:26:08 +00:00
teastep
3d7df0dd62 Correct icmp fix
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@761 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-08 18:45:26 +00:00
teastep
5b54d21d07 Don't use multiport match on ICMP
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@760 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-08 15:07:18 +00:00
teastep
9a51cb0b60 Merge Tuomo Soini's fix for /bin/ash
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@758 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-08 14:53:26 +00:00
teastep
f30faa416f Fix user/group name and qualified destination
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@752 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-03 14:39:34 +00:00
teastep
5d489f01f9 Change 'logunclean' messages to reflect LOG disposition
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@750 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-02 04:48:30 +00:00
teastep
45e63c15ac Blacklist before DHCP
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@749 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-01 00:07:14 +00:00
teastep
2e4f97175d Correct handling of missing common.def file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@748 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-09-27 14:54:16 +00:00
teastep
f88241a6f1 Fix rules file processing with missing policy
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@747 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-09-26 21:34:16 +00:00
teastep
ddb925c133 Reword error message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@745 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-09-22 21:44:22 +00:00
teastep
9f14855704 Allow user:group in USER SET column of rules file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@744 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-09-19 19:42:05 +00:00
teastep
a18c573868 Beta 2 plus fix proxy ARP routes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@738 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-09-16 19:44:49 +00:00
teastep
bb20363bb2 Fix for IPV6 addresses and the 'ip' utility
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@735 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-28 18:02:59 +00:00
teastep
5e8a20b455 Fix adding range of aliases
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@733 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-27 19:37:53 +00:00
teastep
47b75c3c87 Correct backout of Smart Blacklisting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@729 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-25 02:02:44 +00:00
teastep
29ae535021 Correct backout of Smart Blacklisting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@728 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-25 01:49:34 +00:00
teastep
41de5afd06 Decommit per-interface dynamic blacklisting; warnings on 'unclean' dependencies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@726 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-24 01:24:23 +00:00
teastep
54569f4782 Userset fix and logging fixes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@724 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-23 18:14:59 +00:00
teastep
3ee26da51c Henry Yang's patch plus fix LOGRATE/ratelimit conflict on rules file logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@723 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-22 15:27:08 +00:00
teastep
90b5b607a6 Allow chains with IP addresses as names
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@721 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-21 13:18:51 +00:00
teastep
e58b08c4b7 Redesign Accounting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@720 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-20 16:54:27 +00:00
teastep
b5c9917c79 Add RATE LIMIT column; allow multiple chains in a 'show' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@718 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-15 15:54:13 +00:00
teastep
b68171cc23 Better fix for generic firewall parsing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@714 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-14 13:57:09 +00:00
teastep
3458f3e0f4 Fix generic firewall parsing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@713 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-14 02:08:51 +00:00
teastep
d55bcfca0b Rate Limiting in Rules - Part 7
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@711 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 21:31:02 +00:00
teastep
8d9ec49a6b Rate Limiting in Rules - Part 4
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@708 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 18:51:18 +00:00
teastep
e454c7fe73 Rate Limiting in Rules - Part 3
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@707 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 18:48:28 +00:00
teastep
88dbd252af Rate Limiting in Rules - Part 1
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@705 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 17:07:05 +00:00
teastep
552d738579 Allow bridge devices in /etc/shorewall/maclist
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@704 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 00:19:24 +00:00
teastep
a1c1785048 Allow degenerate rules; replace 'chain_exists' with 'havechain' in accounting code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@701 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-11 17:44:23 +00:00
teastep
ab073a41a4 Added CHAIN declarations
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@698 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-11 01:36:32 +00:00
teastep
24ed025834 Conditionally create accounting chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@697 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 16:22:19 +00:00
teastep
347ed2f629 Conditionally create accounting chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@696 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 16:19:36 +00:00
teastep
7cb2d841aa Conditionally create accounting chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@695 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 16:12:30 +00:00
teastep
ac8585b68a Complete accounting support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@694 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 16:01:21 +00:00
teastep
1144d736bf Correct bug in accounting file processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@693 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 15:06:23 +00:00
teastep
3c24144487 Add IP accounting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@692 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 01:11:50 +00:00
teastep
b235cd19e1 Add arp_filter interface option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@690 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-08 20:55:06 +00:00
teastep
4192870cb2 Add support for range lists in /etc/shorewall/masq
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@687 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-06 23:50:33 +00:00
teastep
c8b9cbfd35 Generic tunnels
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@686 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-06 00:06:44 +00:00
teastep
b2729de062 Fix adding addresses to P-T-P devices
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@683 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-05 15:05:45 +00:00
teastep
4c08cc4780 ADMINISABSENTMINDED Option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@681 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-29 23:04:04 +00:00
teastep
617c0d311e Remove braindead code; prevent 'stop' when 'start' is disabled
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@680 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-28 17:32:41 +00:00
teastep
f7ea7cdd41 Snapshot 1.4.6_20030726
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@678 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-26 16:44:38 +00:00
teastep
a63d259b40 Move call to determine_capabilities so that MANGLE_ENABLED is set before it is tested
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@674 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-22 14:25:36 +00:00
teastep
9188253bd4 {
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@670 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-21 22:02:34 +00:00
teastep
afd7840558 Suppress DHCP message when there are no DHCP rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@666 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-18 23:12:34 +00:00
teastep
c89d302114 Streamline module loading
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@663 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-16 03:22:45 +00:00
teastep
0c8365f7bb Support 2.6 compressed modules; add chain name to policy display in 'check' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@662 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-16 03:07:38 +00:00
teastep
defe814ca5 More rule processing fixes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@659 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 20:25:03 +00:00
teastep
8dce6e9522 More rule processing fixes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@658 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 20:16:24 +00:00
teastep
528c7b549a More rule processing fixes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@657 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 19:51:25 +00:00
teastep
31f6e580e4 More rule processing fixes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@656 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 19:43:32 +00:00
teastep
94ceb711b7 Fix exclude zone processing in DNAT and REDIRECT rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@655 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 16:44:35 +00:00
teastep
5b03f63961 Fix exclude zone processing in DNAT and REDIRECT rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@654 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 16:20:45 +00:00
teastep
cf62edd5ca Add local variable to find_hosts_by_option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@648 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-06 16:27:40 +00:00
teastep
ed899188f8 Allow address lists in /etc/shorewall/hosts entries
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@647 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-06 16:10:23 +00:00
teastep
c615aa868a Allow address lists in /etc/shorewall/hosts entries
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@646 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-06 15:31:26 +00:00
teastep
045318946f Reword error message to use terminaolgy from documentation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@640 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 20:49:23 +00:00
teastep
3c5dd9167f Remove duplicate pattern in case statement
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@639 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 20:36:03 +00:00
teastep
a4183f21fe Add empty variable for 'call' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@638 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 19:52:34 +00:00
teastep
24d864d427 Fix my application of Simon Matter's Patch
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@637 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 18:17:40 +00:00
teastep
678e23918b Add undocumented 'call' commands to /sbin/shorewall and /usr/share/shorewall/firewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@635 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 17:55:43 +00:00
teastep
17a7a0492d Take care of some ipcalc anomalies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@634 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 17:41:28 +00:00
teastep
b1b3d09473 Move IP Address Manipulation Functions to /usr/share/shorewall/functions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@631 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 16:24:41 +00:00
teastep
9a6c36c146 Remove requirement for XOR
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@626 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-04 15:08:29 +00:00
teastep
807e808318 Clear original dest when it is 0.0.0.0/0
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@625 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-03 16:12:28 +00:00
teastep
5b9d1f7460 Cleanup of code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@624 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-02 23:12:14 +00:00
teastep
6a1c9df7c9 Fix DNAT[-] destination list handling; add shell validation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@623 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-01 20:29:01 +00:00
teastep
fc1cc9b0eb Fix capability report -- Simon Matter
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@622 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-30 14:21:42 +00:00
teastep
06e38b587d SHOREWALL_SHELL parameter
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@621 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-28 15:22:22 +00:00
teastep
52bc8bca5e Add MULTIPORT to the list of detected capabilities
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@620 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-28 01:09:12 +00:00
teastep
7a2cad4d07 Add Conntrack Match Capability
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@618 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-27 21:02:52 +00:00
teastep
f562fa4836 Correct ip_range handling of CIDR
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@617 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-26 14:29:24 +00:00
teastep
753cf160e4 Replace multiplication by bit shift in decodeaddr()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@616 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-25 19:20:23 +00:00
teastep
08c45deb2e Make new code work on lesser shells
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@613 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-23 23:04:50 +00:00
teastep
8683295810 More tweaking of address manipulation code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@611 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-23 17:51:33 +00:00
teastep
c3eab43a3b Fix addition of IP addresses
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@610 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-23 00:44:53 +00:00
teastep
0b075e78b6 Fix addition of IP addresses
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@609 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-23 00:42:28 +00:00
teastep
9aaef4d05a Add load-balancing support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@607 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-22 22:56:25 +00:00
teastep
b33ffddc7b Fix label creation for IP address ranges
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@606 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-22 21:22:57 +00:00
teastep
debf41d707 Allow IP ranges with ADD_SNAT_ALIASES=Yes; Fix add_ip_aliases to match proper subnet to add to
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@605 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-22 16:58:33 +00:00
teastep
d6262099c6 Add FIN to accepted flags for NEWNOTSYN
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@604 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-19 20:19:41 +00:00
teastep
ea38e5f72b Refine 'newnotsyn' option handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@602 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-18 19:55:16 +00:00
teastep
cc9fd2b4ef Refine 'newnotsyn' option handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@601 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-18 19:49:54 +00:00
teastep
88595aec4f Refine 'newnotsyn' option handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@600 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-18 19:40:35 +00:00
teastep
045263c704 Refine 'newnotsyn' option handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@599 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-18 19:24:16 +00:00
teastep
027e5fcd0f Implemented 'newnotsyn' interface option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@596 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-18 18:37:37 +00:00
teastep
170c3df6c4 Work around RH7.3 'service' anomaly
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@595 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-18 18:26:05 +00:00
teastep
4e26bb4ba4 Back out changes for reject processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@589 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-11 23:57:35 +00:00
teastep
3bb2d171ae Fix REJECT processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@588 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-11 19:46:50 +00:00
teastep
275a8ca33f Don't whine about LOG policy rule; Accept RELATED connections during [re]start
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@587 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-11 01:01:48 +00:00
teastep
1c2f75656d More cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@585 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-02 22:01:50 +00:00
teastep
70d8293d88 Re-add logging code that was mistakenly deleted
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@584 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-02 19:26:56 +00:00
teastep
2bdcada874 Fix routestopped; minor fix in rules processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@583 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-02 18:08:35 +00:00
teastep
184d7aac40 More cleanup of rules processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@581 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-01 18:14:57 +00:00
teastep
18cfd011c3 A small cleanup of the rules parsing code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@580 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-01 16:51:34 +00:00
teastep
89bb721da4 More ORIGINAL DEST fixes; restore last 'Hits' report
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@579 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-01 03:14:20 +00:00
teastep
e3bafeecaa Make excludehosts work for OUTPUT; correct destination in DNAT rule
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@578 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-31 16:34:17 +00:00
teastep
d9268be1c4 List on original dest; debugging try
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@577 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-31 15:29:14 +00:00
teastep
df6a59cf68 Shorewall-1.4.4b
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@575 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-29 14:43:47 +00:00
teastep
e70a63f267 Shorewall-1.4.4a
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@573 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-28 19:20:23 +00:00
teastep
59660f2576 Restore 5-character zone name capability
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@572 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-27 17:49:13 +00:00
teastep
66337f3cda Restore 5-character zone name capability
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@570 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-27 17:42:12 +00:00
teastep
09392c88d3 Move DNAT and REDIRECT logging to the nat table
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@567 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-22 20:37:24 +00:00
teastep
e33573eff9 Change LOGMARKER/LOGFORMAT Implementation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@566 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-21 21:36:05 +00:00
teastep
c15c93c7d1 Implement REDIRECT-
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@564 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-20 23:27:11 +00:00
teastep
019fc32d26 Enable loopback interface earlier in startup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@550 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-16 15:19:57 +00:00
teastep
bbcbbca6b8 Implement LOGMARKER variable
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@546 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-25 16:22:18 +00:00
teastep
554970dcc4 Correct Syntax Error
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@544 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-21 23:04:52 +00:00
teastep
f404c75b2f Add 6to4 tunnel support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@543 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-21 15:12:59 +00:00
teastep
99cb231761 Remove temporary directory at completion of 'add' and 'delete' commands
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@541 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-18 03:09:51 +00:00
teastep
8b5cadbdff Add a catchall rule for old REJECT handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@539 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-16 16:54:46 +00:00
teastep
a7cd930b96 Add comments to REJECT improvement
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@538 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-14 01:01:01 +00:00
teastep
d44564fab8 Improve REJECT processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@537 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-14 00:47:47 +00:00
teastep
850f18bea6 Make a more conservative patch to fix the 'traceroute -I' problem
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@531 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-01 14:58:47 +00:00
teastep
e16e47893d Add 'routeback' option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@530 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-01 02:00:37 +00:00
teastep
02a42e2fb0 INCLUDE directive; make 'traceroute -I' work again
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@528 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-29 14:37:50 +00:00
teastep
b49e944321 Remove trailing white space
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@526 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-24 21:56:31 +00:00
teastep
777202cb11 Remove superfluous -s specification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@525 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-24 21:55:16 +00:00
teastep
b5d3078fa6 Add intermediate input chain for complex zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@524 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-24 21:02:29 +00:00
teastep
886ad1e547 Add intermediate input chain for complex zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@523 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-24 21:01:53 +00:00
teastep
1a36e13f8c Fix 'check' command shell message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@522 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-23 23:53:10 +00:00
teastep
04d78dc49f Re-allow Z->Z rules/policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@517 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 19:49:40 +00:00
teastep
526f0f9eb8 Re-allow Z->Z rules/policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@516 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 19:47:19 +00:00
teastep
cb5d9460b8 Cleanup new policy code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@514 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 19:25:17 +00:00
teastep
e6d9dda852 Cleanup new policy code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@513 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 19:23:03 +00:00
teastep
5be79ecde7 NONE Policy; Allow Intrazone connections; no bounce rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@510 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 04:14:20 +00:00
teastep
8556250875 Only check 'ipchains' module on start
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@498 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-11 15:45:29 +00:00
teastep
8918a72c13 Ignore default route when detecting masq networks; refuse to start with ipchains module loaded
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@497 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-11 14:55:01 +00:00
teastep
0d7c31371a Restore the 'check' command to the comments in the 'firewall' script
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@496 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-10 00:47:12 +00:00
teastep
7fab125525 Drop INVALID state packets; rate limit NEWNOTSYN logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@495 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-10 00:41:39 +00:00
teastep
e2748d3245 More SHARED_DIR changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@489 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-08 18:01:32 +00:00
teastep
6a478754ac Remove SHARED_DIR from shorewall.conf
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@488 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-08 17:55:34 +00:00
teastep
4a173940b2 Add log limiting to 'logdrop' chain and optimize code that deletes temporary rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@486 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-08 15:48:07 +00:00
teastep
c67ef5582c Remove two superfluous calls to determine_zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@484 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-07 00:30:39 +00:00
teastep
09fc5e317a Process params file before shorewall.conf
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@482 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-06 23:21:25 +00:00
teastep
4c2b1406de Remove unused function
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@478 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-28 15:33:40 +00:00
teastep
2894700fcf Re-add 'check' -- delete trailing white space
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@475 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-27 22:28:06 +00:00
teastep
a9d201f4f6 Print the name of the ECN file during processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@474 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-25 23:35:22 +00:00
teastep
5f0d26d1b9 Remove 'check' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@470 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-25 16:21:41 +00:00
teastep
99bcc9cc39 Alloc null second column in ecn file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@469 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-24 15:35:50 +00:00
teastep
08ec9ac4e0 Validate interface names in ecn file; confirm additions to ECN control chain; update to Beta2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@468 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-24 15:24:55 +00:00
teastep
5a778540da Tweak the comma-separated list parsing fix
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@466 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-23 14:22:14 +00:00
teastep
21cb22303f 1) Remove trailing white space.
2) Improve detection of white space in comma-separated lists.
3) Fix a typo in the INSTALL file.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@464 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-23 14:10:37 +00:00
teastep
9b98ecbff5 final 1.4.0 Beta1 Changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@461 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-21 22:55:36 +00:00
teastep
fe9b56090c Remove call to undefined function 'validate_bounce_file'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@458 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-21 17:00:10 +00:00
teastep
6cabdfae5d More 1.3.14 Changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@456 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-19 23:52:03 +00:00
teastep
5fe2bef29e Remove icmp.def; change versions to 1.4
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@449 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-15 00:09:44 +00:00
teastep
b5c7f91e5a Run user init script before stripping files; improve comment in hosts file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@445 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-13 14:59:34 +00:00
teastep
92fc84ac14 Outbound ICMP no longer unconditionally accepted
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@444 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-11 01:34:52 +00:00
teastep
ef51c04d1d Shorewall 2.0.0 Alpha1
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@443 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-08 20:58:44 +00:00
teastep
f9918b0da8 Correct rule number calculation in 'shorewall add' code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@436 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-08 20:44:00 +00:00
teastep
5b9a57d49e Changes for 1.3.14 RC1
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@430 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-04 16:59:49 +00:00
teastep
5aeecee8ab Add openvpn tunnel support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@426 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-31 19:10:22 +00:00
teastep
4cf3600e5c Update copyrights
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@425 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-31 18:04:57 +00:00
teastep
45879f20f3 Beta 2 update
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@423 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-29 02:56:39 +00:00
teastep
fd37bd4c59 Fix VLAN Broadcast detection
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@422 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-28 14:44:40 +00:00
teastep
bf4ccb8d7a Restore support for VLAN devices
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@420 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-27 02:54:43 +00:00
teastep
cd1417ec17 Clean up release notes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@419 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-26 01:00:22 +00:00
teastep
4964497aa3 Allow labels for aliases added under ADD_SNAT_ALIASES; improve masquerade algorithm
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@417 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 23:43:22 +00:00
teastep
5b101f3a81 Use the routing table rather than the ip configuration to determine masquerading
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@416 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 22:59:49 +00:00
teastep
94c5455c9e Masquerade from all primary subnets when an interface name is in the second column of masq file entry
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@415 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 22:47:22 +00:00
teastep
43cc73ef47 Allow creation of an alias label when ADD_IP_ALIASE=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@414 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 19:42:23 +00:00
teastep
0bd0a3672e Allow specification of marking chain in TC rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@411 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-23 23:18:40 +00:00
teastep
a0cb5de22c Make FORWARDPING=Yes verboten under OLD_PING_HANDLING=No; make 'list' a synonym for 'show' in /sbin/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@410 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-23 01:13:36 +00:00
teastep
7fe133fe4a Add OLD_PING_HANDLING option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@406 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-21 00:34:00 +00:00
teastep
3b29150cb2 Fix bug in 'shorewall add' re 'find_interfaces_by_maclist'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@405 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-20 23:06:55 +00:00
teastep
bdcf22b4f8 Add NAT support with remote IPSEC zone; add UDP 4500 to ipsecnat support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@398 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-07 16:26:41 +00:00
teastep
feb0752113 Allow shared files to be moved easily
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@397 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-06 23:01:23 +00:00
teastep
a28dac71ec Update release notes comment -- allow '-' in ORIGINAL DEST column for consistency
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@395 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-06 14:12:59 +00:00
teastep
305c43fea2 Fix RFC1918_LOG_LEVEL
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@394 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-03 17:48:11 +00:00
teastep
b1fb6bd72c Add CLEAR_TC option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@392 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-31 16:04:31 +00:00
teastep
9ebd6ceaae Exit status 255 from tcclear indicates that Shorewall should not clear tc
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@391 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-31 03:50:05 +00:00
teastep
144c9ab576 Add DNAT- action; 'shorewall check' prints policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@390 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-31 01:10:28 +00:00
teastep
6ec62fd189 Fix bug in blacklist logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@381 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-22 05:26:20 +00:00
teastep
ba05611498 Fix bad bug in find_hosts_by_option()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@376 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-20 21:10:53 +00:00
teastep
43b6a8acc8 Change comment on SPT=0 trap
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@375 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-20 01:13:41 +00:00
teastep
ad6a24aa3f a) fix a silly bug and b) avoid calling separate_list on an already separated list
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@373 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-19 21:30:58 +00:00
teastep
97c6eae79e Release 1.3.12-Beta1 Changes; bug fix from Tuomo Soini
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@372 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-19 20:14:10 +00:00
teastep
c9a1bff975 More Cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@371 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-18 23:56:34 +00:00
teastep
efb857df9d Fix a couple of bugs in recent changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@370 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-18 21:58:21 +00:00
teastep
852217c510 Break 'run_iptables' into two functions - only run_iptables2 checks for \!
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@369 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-18 21:26:03 +00:00
teastep
fa843d4139 Allow marking packets in the FORWARD chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@368 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-16 19:25:20 +00:00
teastep
ede456adf6 Restore fw->fw redirection; Check for SPT=0 in SYN
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@367 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-14 15:44:26 +00:00
teastep
b9891e08e2 Add ULOG Support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@362 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-13 03:23:46 +00:00
teastep
faa859e84a Added error message for MAC address in rule destination
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@361 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-10 22:48:04 +00:00
teastep
39da3ef60f Remove redundent function - add some comments
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-10 16:03:26 +00:00
teastep
1fa9316550 Yet another speed improvement
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@357 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-09 02:42:28 +00:00
teastep
46e306eba9 Correct wording of an error message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@356 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-07 23:33:26 +00:00
teastep
14b0682723 More [re]start speedups
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@355 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-07 03:21:32 +00:00
teastep
2528043867 Speed up 'separate_list'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@354 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-06 00:31:49 +00:00
teastep
992cc301a7 Generate error if 'lo' is defined in the interfaces file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@353 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-05 17:29:56 +00:00
teastep
7a1aa39f95 Speed up running of iptables
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@351 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-05 00:18:47 +00:00
teastep
14a20ece71 a) Rewrote 'list_count' to not require 'wc'
b) Turn off trace after error
c) Allow output ICMP unconditionally again


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@350 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-04 23:53:03 +00:00
teastep
0f33d5af0d Refresh also refreshes traffic control/shaping
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@349 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-04 21:17:14 +00:00
teastep
94cc75b63a Fix bug in NAT exclusion -- Roger Aich
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@344 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-27 19:16:06 +00:00
teastep
9a8d39bdd5 Add reverse GRE rules for PPTP server and clients
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@337 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-24 18:40:51 +00:00
teastep
dc0c17f075 Minor firewall cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@334 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-13 00:57:48 +00:00