Tom Eastep
724115bcbf
Add macro.ActiveDir
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-15 13:21:37 -08:00
Tom Eastep
89a09f0256
Implement DEFER_DNS_RESOLUTION
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-13 17:00:14 -08:00
Tom Eastep
54dbbaaa2d
Don't resolve DNS names at compile time.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-13 10:34:31 -08:00
Tom Eastep
90bd19feb9
Convert DNS names into ip addresses in validate_net().
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-13 07:39:27 -08:00
Tom Eastep
853b9ce916
Enable DNS names without an interface name.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-12 14:38:26 -08:00
Tom Eastep
c61d51363d
Correct generation of rules in the ESTABLISHED section of the rules file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-12 06:49:32 -08:00
Tom Eastep
af83989465
Update copyright dates.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-11 16:01:10 -08:00
Tom Eastep
b53fd39b49
Avoid a fatal Perl error in Config::cleanup when an fatal error occurs
...
while compiling a default action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-11 15:50:23 -08:00
Tom Eastep
38097bef5d
Correct an optimizer bug.
...
- delete_chain_and_references() was only deleting the downward references
and not the upward ones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-11 14:55:43 -08:00
Tom Eastep
76a63fb7e8
Don't flush 'noarp' ARP entries
...
= doing so kills the loopback interface
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-10 17:14:40 -08:00
Tom Eastep
f41b2fbffc
Clarify the LENGTH column of the tcrules file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-09 16:22:38 -08:00
Tom Eastep
15ca9edf8a
Allow delete_tc1() to work on devices which an @ suffix in their reported names.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-09 14:09:07 -08:00
Tom Eastep
199bce925f
Don't add chains with RETURNs to %terminating.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-09 12:54:29 -08:00
Tom Eastep
1fd3a6a522
Detect terminating chains
...
- no RETURN Rules
- last rule is terminating
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-08 16:32:24 -08:00
Tom Eastep
011dd2c901
Add a RETURNS flag to optflags indicating that there is RETURN in the chain.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-08 15:25:53 -08:00
Tom Eastep
e54563d9c1
Don't append rules that can't be matched.
...
Also, delete chains whose only rule is a -j RETURN
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-08 13:53:03 -08:00
Tom Eastep
f8c1b02dba
Correct test for optimization in 'check -r'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-08 09:51:32 -08:00
Tom Eastep
dece73f7b6
Another fix for *C actions in arprules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-07 18:59:24 -08:00
Tom Eastep
5883bc3f50
Correct typo (DNAC -> DNATC) in shorewall-arptables(5)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-07 18:33:27 -08:00
Tom Eastep
eb3b47ae24
Correctly handle *C actions in arprules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-07 18:29:41 -08:00
Tom Eastep
c157228f7d
Correct handling of unknown ACTION in arprules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-07 18:21:58 -08:00
Tom Eastep
a7af052d91
Correct issue with generating ESTABLISHED rules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-07 16:07:24 -08:00
Tom Eastep
414a74d23c
Support protocol lists in most files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-07 16:06:54 -08:00
Tom Eastep
0526863e66
Make $section numeric
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-07 13:39:49 -08:00
Tom Eastep
5dbe2aa9ec
Optimize a test in finish_chain_section().
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-07 07:00:15 -08:00
Tom Eastep
ca202ca10b
Flush the arp cache after applying the arprules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-06 17:46:40 -08:00
Tom Eastep
de4e0898b5
Catch protocol lists in contexts that don't allow them.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-06 17:23:14 -08:00
Tom Eastep
edc0a84e5d
Optimize RELATED rules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-06 16:48:37 -08:00
Tom Eastep
d4c9885c09
Change interpretation of the log tag when LOGTAGONLY=Yes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-06 13:10:18 -08:00
Tom Eastep
c41b9e596d
Don't add --cstate to dropInvalid rule.
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-06 09:42:55 -08:00
Tom Eastep
9fd7933b5d
Make inline actions work in sections other than NEW.
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-06 09:32:50 -08:00
Tom Eastep
f223e3584c
Make '+' optional in the ADD and DEL statements.
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-06 07:37:11 -08:00
Tom Eastep
3f24416f37
Add a warning for opcode inversion when not arptables_jf.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-05 13:14:32 -08:00
Tom Eastep
38aa7f3857
Correct opcode inversion when not ARPTABLES_JF
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-05 08:26:46 -08:00
Tom Eastep
7f6430a383
Correct address inversion in match_arp_net()
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-05 08:20:51 -08:00
Tom Eastep
4fc0dba26d
Correct two-interface check in process_arprule.
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-05 08:17:53 -08:00
Tom Eastep
0c7e10dbfa
Add a comment to the Zones file
...
- define the {bridge} member.
2013-01-05 08:15:56 -08:00
Tom Eastep
97009bad79
Correct arptables_jf MAC handling.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-04 17:27:16 -08:00
Tom Eastep
af7b7195d2
Fix MAC handling in the ARP module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-04 15:55:52 -08:00
Tom Eastep
a732f6e538
Add some comments to the ARP module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-04 15:07:51 -08:00
Tom Eastep
38657d9f98
Support for arptables.
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-04 09:17:57 -08:00
Tom Eastep
90e0c8b717
Don't update mtime on shorewall.conf during update that doesn't change the file
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-02 15:03:07 -08:00
Tom Eastep
f955abe18b
Unify IPv4 and IPv6 modules.xtables files
...
- only difference now is xt_ipp2p
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-01 08:44:36 -08:00
Tom Eastep
25b2341ecf
Add sch_fq_codel to modules.tc
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-01 08:29:41 -08:00
Tom Eastep
aca3ce3c21
Delete blank line
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-01 08:29:02 -08:00
Tom Eastep
34f8125416
Correct a couple of issues with update -D
...
- shorewall.conf.bak is no longer unlinked
- The mtime of all unaltered files is no longer updated
2012-12-31 12:43:02 -08:00
Tom Eastep
87715e5f0b
Correct Typo
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2012-12-31 10:36:27 -08:00
Tom Eastep
4590e25052
Correct modules.xtables
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2012-12-31 08:54:32 -08:00
Tom Eastep
5848d7cab7
Correct helper validation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-30 13:20:56 -08:00
Tom Eastep
5dfc27355e
Correct a comment
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-29 11:34:12 -08:00
Tom Eastep
115081dda5
Tweak fq_codel documentation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-29 11:20:16 -08:00
Tom Eastep
6d9cca1cff
fq_codel
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-29 10:58:11 -08:00
Tom Eastep
51deec115b
Correct handling of wildcard interfaces
...
- chain_base[1] renamed var_base[1]
- $chain replaced by $var in renamed functions
- replace trailing '+' by '_plus' to provide uniqueness
- add sub chain_base() to the Chains module as an identity mapper
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-28 10:39:19 -08:00
Tom Eastep
643f419264
Merge branch '4.5.11'
...
Conflicts:
Shorewall/Perl/Shorewall/Rules.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-28 09:02:33 -08:00
Tom Eastep
2009a66bb5
Avoid invalid function name for starting an optional interface
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-28 08:04:06 -08:00
Tom Eastep
ebe4267c49
Rename IGNOREOLDCAPVERSIONS to WARNOLDCAPVERSION
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-27 09:58:45 -08:00
Tom Eastep
8b92a59821
Ignore '-m comment' when detecting duplicate rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-27 09:51:33 -08:00
Tom Eastep
f96bc7cc2d
Cosmetic cleanup of the .conf manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-27 09:01:37 -08:00
Tom Eastep
8bb6f81dc5
Rename IGNOREOLDCAPS to IGNOREOLDCAPVERSIONS
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-27 08:54:22 -08:00
Tom Eastep
01a8ff20d4
Add the xtables modules to modules.xtables
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-26 16:06:54 -08:00
Tom Eastep
ef0102e9f1
Add the 'IGNOREOLDCAPS' option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-26 15:48:08 -08:00
Tom Eastep
14bbda14a2
Add some comments describing Config.pm globals
...
- Also changed $shell from 'my' to 'our'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-26 10:55:13 -08:00
Tom Eastep
62406e261d
Correct typo in shorewall-masq(5)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-26 07:43:06 -08:00
Tom Eastep
bfeea76cf2
Disallow ?FORMAT when $max_format == 1
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/Perl/Shorewall/Config.pm
2012-12-26 07:37:23 -08:00
Tom Eastep
100e03cf93
Don't set $nocomment in in-line action
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-26 07:06:29 -08:00
Tom Eastep
84cc78c58e
Eliminate @comments
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-25 17:00:24 -08:00
Tom Eastep
3f28af80d2
Disallow ?FORMAT when $max_format == 1
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-25 08:10:48 -08:00
Tom Eastep
6126ae67e6
Don't apply AUTOCOMMENT or comment continuation to inline actions.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 13:50:26 -08:00
Tom Eastep
575020c851
More comment handling
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 13:35:42 -08:00
Tom Eastep
1c212e878f
Restore SECTION handling in Accounting File
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 13:33:44 -08:00
Tom Eastep
4393a6c603
Eliminate redundant calls to clear_comment.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 12:35:08 -08:00
Tom Eastep
fca5b75c5b
Merge branch '4.5.11'
2012-12-24 10:30:43 -08:00
Tom Eastep
c942a95d3c
Allow ?COMMENT in accounting.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 10:15:23 -08:00
Tom Eastep
89ea37e088
Correct nested comments.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 10:11:53 -08:00
Tom Eastep
14f8947012
Remove old COMMENT/FORMAT handling
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 09:31:20 -08:00
Tom Eastep
15817078b8
Use 'our' for globals to aid debugging.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-23 13:16:54 -08:00
Tom Eastep
0acd93a032
Ensure that action and macro files always allow comment directives.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-23 12:19:30 -08:00
Tom Eastep
4d2379f542
Implement update -D
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-23 10:50:31 -08:00
Tom Eastep
c9eccaf3b8
Implement ?COMMENT directive
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-23 10:49:32 -08:00
Tom Eastep
44a4f6d77d
Move COMMENT handling to the Config module.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-22 13:51:24 -08:00
Tom Eastep
e4e61c4193
A more uniform way of handling $max_format
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-22 11:57:25 -08:00
Tom Eastep
0cd0675c98
Always push $file_format and $max_format onto the include stack.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-22 08:15:46 -08:00
Tom Eastep
bc230c00a3
Optimizations in process_compiler_directive()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-22 08:14:46 -08:00
Tom Eastep
96b61ea05c
Update documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 16:13:23 -08:00
Tom Eastep
dbd55acba2
Update samples, standard Actions and Macros to use ?FORMAT
2012-12-21 15:51:14 -08:00
Tom Eastep
10108b2d6a
Convert file processors to use ?FORMAT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 15:49:28 -08:00
Tom Eastep
35aeaf340f
Implement ?FORMAT directive
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 15:31:42 -08:00
Tom Eastep
0eb041d2d1
Correct ?SET error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 15:23:26 -08:00
Tom Eastep
a5debe793f
Add $file_format exported variable and handle in the include stack.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 15:14:23 -08:00
Tom Eastep
eb20283a55
Replace $1-$5 with @1-@5 in the standard actions.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 14:00:05 -08:00
Tom Eastep
df7785f2e9
Implement user-defined address variables.
...
- Also correct handling of ${0} & ${chain} in a SWITCH column.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-18 17:58:20 -08:00
Tom Eastep
2869a9a94d
Rename add_quotes to join_parts
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-15 16:12:03 -08:00
Tom Eastep
3fbe3aad09
Merge branch '4.5.10'
2012-12-14 06:34:45 -08:00
Tom Eastep
7c6fcfccd5
Fix typo on line 21 on the conntrack file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-14 06:33:54 -08:00
Tom Eastep
1cbeaa6a9f
Apply Tuomo Soini's tabs patches for the rules files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-13 09:26:09 -08:00
Tom Eastep
b6e699ca5c
Factor some common code into a function.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-13 06:46:57 -08:00
Tom Eastep
743478614b
Make @0 work correctly again.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-12 13:13:17 -08:00
Tom Eastep
5944b4fc7b
Make @chain (@{chain}) a synonym for @0 (@{0})
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-12 11:55:04 -08:00
Tom Eastep
8a0abab4cc
Rename 'ALLOWUNKNOWNVARIABLES' to 'IGNOREUNKNOWNVARIABLES'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-12 11:51:31 -08:00
Tom Eastep
5da7db3d5f
Implement @-variables.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-12 11:46:38 -08:00
Tom Eastep
14cdaf21fc
Handle nested params in push_action_params()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-09 10:45:29 -08:00
Tom Eastep
88d4814209
Merge branch '4.5.10'
...
Conflicts:
Shorewall/Perl/Shorewall/Config.pm
2012-12-08 20:54:33 -08:00
Tom Eastep
4d064d6713
Replace spaces with tabs in rules files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-07 16:48:55 -08:00
Tom Eastep
6ab5cfd63a
Use split_list2 in isolate_basic_target()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-06 19:12:44 -08:00
Tom Eastep
7190cd1265
Handle nested parens when pushing action parameters.
...
- Add an optional argument to split_list1 that causes parens to be retained.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/Perl/Shorewall/Config.pm
2012-12-06 15:20:10 -08:00
Tom Eastep
61d67a4741
Remove extraneous comment from the rule generated by action.RST
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-06 15:13:46 -08:00
Tom Eastep
5f48e4e531
Handle nested parens when pushing action parameters.
...
- Add an optional argument to split_list1 that causes parens to be retained.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-06 15:13:14 -08:00
Tom Eastep
0a31d9ba41
Remove extraneous comment from the rule generated by action.RST
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-06 15:10:53 -08:00
Tom Eastep
fdadb57e82
Minor readability improvement
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 19:41:18 -08:00
Tom Eastep
56d7b6248b
Begin Action Documentaiton Update
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 19:07:42 -08:00
Tom Eastep
8139f2ad91
Rename process_conditional() to process_compiler_directive()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 14:53:03 -08:00
Tom Eastep
189cd59650
Improve expression evaluation
...
- Only quote values when there is not an odd number of preceding quotes
- Make address family test return a numeric value
- Unconditionally trace the generated expression if debugging is set.
- Convert an empty expression into '' rather than generate an error.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 08:37:50 -08:00
Tom Eastep
4ec47783f1
Detect missing target in merge_levels()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 07:52:07 -08:00
Tom Eastep
2875fbb521
Cosmetic change (add a blank line).
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 07:51:41 -08:00
Tom Eastep
25c53f5a60
Detect missing target in merge_levels()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 07:51:21 -08:00
Tom Eastep
c61c9ba7eb
Make expression evaluation more deterministic.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 18:10:19 -08:00
Tom Eastep
2fbbc70e83
Only do SET and RESET when we aren't omitting.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 16:27:18 -08:00
Tom Eastep
c18996b6f5
Implement ?set and ?reset directives
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 14:28:03 -08:00
Tom Eastep
02cbd72a91
Merge branch '4.5.10'
2012-12-04 10:56:09 -08:00
Tom Eastep
60012d1208
Add additional space for the OPTIONS column
...
- actions and actions.std problem
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 10:54:32 -08:00
Tom Eastep
903e25a91a
Add ALLOWUNKNOWNVARIABLES to the sample configurations.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 09:04:34 -08:00
Tom Eastep
8f1e8bf475
Add 'ALLOWUNKNOWNVARIABLES' to the manpages.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 08:50:23 -08:00
Tom Eastep
fb2d876683
Rename $loglevel and $logtag to $_loglevel and $_logtag respectively.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 08:49:59 -08:00
Tom Eastep
a25b3c68ee
Rename %symbols to %variables
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 08:49:25 -08:00
Tom Eastep
314632f1f4
Unified symbol table for shell variables.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-03 17:18:21 -08:00
Tom Eastep
409f5f2aab
Expand variables from the shorewallrc1 then shorewallrc hashes
2012-12-03 15:33:33 -08:00
Tom Eastep
fb0035bdf3
Add ALLOWUNKNOWNVARIABLES option.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-03 14:43:35 -08:00
Tom Eastep
72aabef0fa
Add $logaction and $logtag as variables usable within actions
...
- Also make action variables usable in ?if and ?elsif expressions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-03 12:31:47 -08:00
Tom Eastep
fc3606a489
Prepare for multiple options in actions files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-03 08:17:55 -08:00
Tom Eastep
ad4709cb6d
Small effeciency improvement
...
- Don't check for 'bad match' until it is known that the matches are the same.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-03 06:54:44 -08:00
Tom Eastep
c0abdc1fe8
Add some comments in and around delete_duplicates()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-02 17:31:13 -08:00
Tom Eastep
cd5e9be467
Carefully suppress duplicate rules in all tables
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-02 12:20:24 -08:00
Tom Eastep
c05c928c6c
Delete adjacent duplicate rules in tables other than 'raw'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-02 09:21:04 -08:00
Tom Eastep
a33cf5cc91
Fix AUTOCOMMENT=No
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-02 08:26:54 -08:00
Tom Eastep
9da507ae98
Remove error messages from 6 actions regarding in-line.
...
- The compiler now ignores 'inline' for these actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-02 07:13:09 -08:00
Tom Eastep
e0e7b2a9f2
Correct action.DropSmurfs
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-02 07:11:58 -08:00
Tom Eastep
65676cb865
Support passing log levels inside parameters.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 15:06:51 -08:00
Tom Eastep
8ebbdee20f
Only look for numerics if a shell variable begins with a number.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 12:52:26 -08:00
Tom Eastep
6c1a5b8051
Be more agressive about detecting action recursion.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 12:10:06 -08:00
Tom Eastep
cc657e571d
Update action templates with new columns.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 10:25:10 -08:00
Tom Eastep
f358a78eca
Revise the description of 'noinline' to match the changed implementation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 09:33:38 -08:00
Tom Eastep
b9adc2ebec
Remove another vestage of CONDITION_INIT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 09:33:01 -08:00
Tom Eastep
44f00cd0aa
Restore original $actionfile logic in process_actions()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 08:09:20 -08:00
Tom Eastep
ae5680401f
Remove questionable autocreate of an action in createlogactionchain()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 08:04:29 -08:00
Tom Eastep
8cbe26e32c
Ignore 'inline' for certain actions.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 07:54:42 -08:00
Tom Eastep
146402d9be
Yet another correction to the same line :-(
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-30 09:55:24 -08:00
Tom Eastep
70f26d8bb2
Correct line in prior commit.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-30 09:30:27 -08:00
Tom Eastep
893d054cb8
Reduce the block levels in define_firewall()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-30 08:46:49 -08:00
Tom Eastep
53fd0e7c8c
Don't require functions called from Shorewall::Compiler::compiler to know the current indentation.
...
Also, add an optional 'times' parameter to push_indent() and pop_indent().
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-30 07:49:42 -08:00
Tom Eastep
6702bb1989
Revert condition initialization patch.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-30 07:31:29 -08:00