Commit Graph

1398 Commits

Author SHA1 Message Date
Tom Eastep
50b4bd8dfe More Blacklist and Secmark documentation updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-06 17:26:49 -07:00
Tom Eastep
c6f58ba924 Enhance SELinux support:
- Add state match
- Add user/group match
- Add examples to the man pages
2010-09-06 09:06:40 -07:00
Tom Eastep
f93413b2a7 Update Multi-ISP doc for variable name change in 4.4.8.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-31 15:33:22 -07:00
Tom Eastep
8077c9e1c3 Add FAQ 91 2010-08-30 11:07:37 -07:00
Tom Eastep
c2558af9c8 Document and correct implementation of EXCLUSION_MASK
1. Require KLUDGEFREE if existing rule uses mark match
2. Pretty up the code
3. Use MASK_BITS rather than TC_BITS when calculating the offset of EXCLUSION_MASK

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-28 08:29:47 -07:00
Tom Eastep
6b0fa8b4e2 Change note about MARK_IN_FORWARD_CHAIN 2010-08-19 15:33:12 -07:00
Tom Eastep
baf8e21a80 Add reference to manual chains article for the compile extension 2010-08-17 09:23:43 -07:00
Tom Eastep
bc19a80ac4 Correct FAQ 2 for Shorewall-lite 2010-08-14 07:14:52 -07:00
Tom Eastep
1510e111c4 Fix typo in conf basics doc 2010-08-13 20:27:14 -07:00
Tom Eastep
000873575e Update Shorewall Lite Doc 2010-08-11 15:59:24 -07:00
Tom Eastep
965ad7ced1 Minor tweaks to the IPAddrs module 2010-08-11 11:46:26 -07:00
Tom Eastep
0234564a1b Add destination IP blacklisting 2010-08-10 17:33:50 -07:00
Tom Eastep
3ce8ff5741 Bump version to Beta 4 2010-08-01 16:10:32 -07:00
Tom Eastep
f75c5809b5 Advocate use of 'ip' to examine routing tables 2010-08-01 11:56:06 -07:00
Tom Eastep
967629569b Taylor Universal config to work with Shorewall-init and streamline ruleset
- Make interface 'all' optional and set REQUIRE_INTERFACE=Yes
- Add COMPLETE option
- Set FASTACCEPT in Universal samples
- Reset SUBSYSLOCK in Universal samples

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-01 08:36:56 -07:00
Tom Eastep
a88e2afa69 Tweak the Universal documentation 2010-07-31 18:43:54 -07:00
Tom Eastep
c6404f1a74 Reword last title in Universal ruleset doc 2010-07-31 14:51:52 -07:00
Tom Eastep
ee5d2a56da Add Universal doc 2010-07-31 13:52:09 -07:00
Tom Eastep
bebeba8cae Document Universal Configuration and allow for empty LOGFILE 2010-07-31 12:45:43 -07:00
Tom Eastep
d483725474 Update Accounting doc 2010-07-29 16:49:40 -07:00
Tom Eastep
6a1fea3a40 Add 'user marks' 2010-07-27 11:02:36 -07:00
Tom Eastep
aac343b476 Document mark geometry capability 2010-07-27 08:05:54 -07:00
Tom Eastep
7f4a7372ef Remove nic registration requirement for IRC channel 2010-07-24 16:04:21 -07:00
Tom Eastep
a9a19c4da6 Remove another link to a Russian-language page 2010-07-24 11:08:06 -07:00
Tom Eastep
242f13f6bd Delete foreign language links -- docs are very out of date 2010-07-24 09:33:47 -07:00
Tom Eastep
9ab66c3b07 More config basic doc tweaks 2010-07-24 07:09:02 -07:00
Tom Eastep
039ac17fe6 Correct SOURCE/DEST section 2010-07-23 14:32:11 -07:00
Tom Eastep
93e5fc2deb Correct SOURCE/DEST section 2010-07-23 14:19:05 -07:00
Tom Eastep
c2717b9eec Correct SOURCE/DEST section 2010-07-23 14:17:38 -07:00
Tom Eastep
00352baba7 Add warning about Upstart 2010-07-23 07:38:28 -07:00
Tom Eastep
c536680bd6 Add FAQ 90 2010-07-21 13:31:43 -07:00
Tom Eastep
eb2dcb46cd Remove mention of 4.5 from Manpages6 index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-21 12:36:18 -07:00
Tom Eastep
46644a0336 Add instructions for disabling existing firewalls 2010-07-21 11:49:37 -07:00
Tom Eastep
d897635af5 Allow bizarre overriding of SOURCE/DEST with ipsets
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-20 16:03:12 -07:00
Tom Eastep
c9423491f2 Don't mention 4.5 on Manpages page 2010-07-19 15:11:55 -07:00
Tom Eastep
8eeb71dc1b Fix inconsistencies in manpages 2010-07-19 14:45:05 -07:00
Tom Eastep
cbb524b067 Implement ADD/DEL commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-18 08:46:38 -07:00
Tom Eastep
d2bb96be88 Emphasize that you must have a Nic to post on the Shorewall channel 2010-07-18 07:34:03 -07:00
Tom Eastep
9977f778ad Link to a better Netfilter Diagram 2010-07-15 11:07:14 -07:00
Tom Eastep
35a4b8e7f4 Update Vserver FAQ
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-05 13:12:06 -07:00
Tom Eastep
c8274f0538 Minor vserver doc update 2010-07-02 13:34:21 -07:00
Tom Eastep
ba535b8937 Correct IPv6 zones file in Vserver doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-01 15:56:34 -07:00
Tom Eastep
f538aecd82 Update the Vserver article with IPv6 and a graphic 2010-07-01 15:13:29 -07:00
Tom Eastep
7dbf829e9b Clean up Vserver doc 2010-07-01 07:22:54 -07:00
Tom Eastep
e4afc15370 Finish Vserver Implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-30 20:35:46 -07:00
Tom Eastep
ac4349e930 Add more IPv6 configuration info 2010-06-27 17:46:12 -07:00
Tom Eastep
236269eafc Add IPv6 example to the OpenVPN doc 2010-06-27 16:26:40 -07:00
Tom Eastep
ed72afd8a0 Add comment about the unfortunate name of the tcrules file 2010-06-25 06:33:14 -07:00
Tom Eastep
40f57bf926 Update Squid Document 2010-06-16 09:24:01 -07:00
Tom Eastep
625f254d02 Add tcfilters to manpage index 2010-06-10 06:15:15 -07:00
Tom Eastep
f50a609d1d Update the UPnP document with the 4.4.10 changes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-08 11:34:37 -07:00
Tom Eastep
e061d15baf Update blacklisting doc with 4.4.10 behavior.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-08 11:32:39 -07:00
Tom Eastep
f412f96153 Add introduction to config file basics document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-06 08:24:28 -07:00
Tom Eastep
5e74427332 Update the Build document with the current release model
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-02 16:23:09 -07:00
Tom Eastep
91840acb18 Remove unused RUNLEVELS variable from the install scripts.
Add some documentation

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-01 07:12:19 -07:00
Tom Eastep
0553f232b5 Remove apparent restriction on files where shell variables can be used
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-31 10:25:53 -07:00
Tom Eastep
78aaea749e Mention Shorewall-init in the beginner HOWTOs 2010-05-31 09:40:20 -07:00
Tom Eastep
47c4cbd85a Remove extra step in DSL modem access 2010-05-30 11:31:41 -07:00
Tom Eastep
07366ac819 Enhance FAQ 89 -- DSL modem access 2010-05-30 09:30:56 -07:00
Tom Eastep
97d8fd1588 Add FAQ 89 -- DSL modem access 2010-05-30 08:59:38 -07:00
Tom Eastep
ff5f2ab15a Emphasize 'routeback' in the OpenVZ doc 2010-05-28 17:14:31 -07:00
Tom Eastep
98dff075ca Mention SAFESTOP in the start/stop document 2010-05-27 13:55:07 -07:00
Tom Eastep
e1c04f5ad6 Add Shorewall Init Documentation 2010-05-27 13:36:00 -07:00
Tom Eastep
eaad566978 Update documents for Shorewall-lite 2010-05-20 17:06:53 -07:00
Tom Eastep
5bab407da2 Remove mention of 4.5 from the Documentation Index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-13 16:40:07 -07:00
Tom Eastep
46b3a2a81a Remove dire threats about installing remotely
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-13 16:40:01 -07:00
Tom Eastep
a0a08c918d Apply patch from Fog_Watch 2010-05-13 16:39:39 -07:00
Tom Eastep
74c515016e Add back stuff merged earlier: 2010-05-08 16:32:03 -07:00
Tom Eastep
e9b836bbad Document OS X as an Administrative system
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-06 09:07:33 -07:00
Tom Eastep
5456c9fba3 Add instructions for proxying firewall-local connections
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-01 08:26:22 -07:00
Tom Eastep
83d8d497d7 Correct typos in IPSEC article.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-28 08:12:41 -07:00
Tom Eastep
4b6bff7693 Add link from the netmap article to the OpenVPN doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-27 07:04:33 -07:00
Tom Eastep
eab6387817 Add solution for handling duplicate networks in an OpenVPN environment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-27 07:04:06 -07:00
Tom Eastep
40bc2cc4a2 Update Link
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-26 18:06:16 -07:00
Tom Eastep
6e04c7eec8 Mention 6in4 Tunnels in the Documentation Index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-26 11:11:12 -07:00
Tom Eastep
33801bb8a9 Add 6in4 information to 6to4 article 2010-04-24 19:53:15 -07:00
Tom Eastep
f2f8bcd804 Add link to 2010 Linuxfest presentation 2010-04-24 08:06:07 -07:00
Tom Eastep
32d3e50c05 Remove extra <emphasis> <\emphasis>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-17 08:54:37 -07:00
Tom Eastep
66a07c3ce6 Update copyright in UPnP Doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-17 08:51:57 -07:00
Tom Eastep
a620aa22f9 Remove outdated information from the UPnP doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-17 08:51:11 -07:00
Tom Eastep
0a9b7c75d0 Delete misleading wording in the explaination of rate limiting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-16 06:24:35 -07:00
Tom Eastep
704eb1ee8e Fix lib.private in the Multi-ISP doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-14 19:05:42 -07:00
Tom Eastep
3b6b7a4099 Add simple tc files to basics doc 2010-04-11 17:00:19 -07:00
Tom Eastep
b3f57ae5dc Add 'preview' to Perl doc 2010-04-11 14:31:32 -07:00
Tom Eastep
eb0abb3dd7 Remove 'Beta' status from 4.4 2010-04-11 12:49:30 -07:00
Tom Eastep
7ab3c6a612 Add /etc/shorewall/interfaces to the IFB instructions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-06 16:14:58 -07:00
Tom Eastep
450f2787ba Cover 1:1 NAT in FAQ 2d.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-06 08:06:06 -07:00
Tom Eastep
9bf87bc5e1 Add FAQ 2d.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-06 08:02:20 -07:00
Tom Eastep
a670c05043 Reword reference to RFC 4787.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-06 07:48:35 -07:00
Tom Eastep
5e30c5683c Tone down response to Shorewall FAQ 2 and provide RFC reference.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-06 07:44:43 -07:00
Tom Eastep
430cbf310f Revise FAQ 73 to match reality.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-31 08:38:29 -07:00
Tom Eastep
ee8270aadf Correct typo in the FAQ.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-30 11:35:33 -07:00
Tom Eastep
ad08d2195e Add a short section about bridged OpenVPN configurations.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-25 15:30:46 -07:00
Tom Eastep
8fc1a08766 Expand Split DNS Article 2010-03-22 19:57:23 -07:00
Tom Eastep
a01fa345b7 Add support for UDP Lite
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-16 09:42:50 -07:00
Tom Eastep
472425cc62 Add FAQ 6c re: dmesg 2010-03-12 12:22:39 -08:00
Tom Eastep
0fb9333346 Update release model doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-08 13:50:24 -08:00
Tom Eastep
696f7d6b2b Update copyright on basics doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-07 09:34:27 -08:00
Tom Eastep
7ee96c41e0 Tweak OpenVZ doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-07 07:26:12 -08:00
Tom Eastep
1c293d17dc Formatting improvements in OpenVZ doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-06 12:46:42 -08:00