Tom Eastep
|
61f6cacc30
|
Infrastructure required by Docker
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-20 14:01:48 -08:00 |
|
Tom Eastep
|
caba1cd770
|
DOCKER=Yes requires IPTABLES_S
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-20 10:03:06 -08:00 |
|
Tom Eastep
|
4306ff1029
|
Correct 'save_dynamic_chains'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-20 09:57:11 -08:00 |
|
Tom Eastep
|
663f82c158
|
Move nat POSTROUTING rules to SHOREWALL if DOCKER=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-20 09:24:06 -08:00 |
|
Tom Eastep
|
e66d9f6547
|
Add DOCKER option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-19 17:42:54 -08:00 |
|
Tom Eastep
|
f33f333937
|
Make 'default' and 'none' case insensitive in the GATEWAY column
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-17 15:25:46 -08:00 |
|
Tom Eastep
|
94cfe54f92
|
Allow routing tables with no default route
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-17 11:49:09 -08:00 |
|
Tom Eastep
|
8ac0f96029
|
Delete blank line
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-09 18:20:00 -08:00 |
|
Tom Eastep
|
894a98f24e
|
Improve optimizer handling of origin during rule merge
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-04 12:00:05 -08:00 |
|
Tom Eastep
|
bd9e8142b9
|
Ensure that the chain origin is used when there is no rule origin
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-03 10:43:10 -08:00 |
|
Tom Eastep
|
916a392fb0
|
Improve chain-completion rule tracking
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-02 14:57:47 -08:00 |
|
Tom Eastep
|
28983a0194
|
Add comment describing the origin member of a rule
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-31 09:29:24 -08:00 |
|
Tom Eastep
|
2cd098ba31
|
Update heading versions and copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 13:46:34 -08:00 |
|
Tom Eastep
|
9188f7efa3
|
Don't export shortlineinfo2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 13:38:26 -08:00 |
|
Tom Eastep
|
95a029316a
|
Improve get_keys*()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 12:51:23 -08:00 |
|
Tom Eastep
|
d4bea3d3ec
|
Optimize TRACK_RULES handling in the Chains module
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 11:38:48 -08:00 |
|
Tom Eastep
|
6085c6092f
|
Add origin comments to command-mode rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 10:58:09 -08:00 |
|
Tom Eastep
|
48df3d9627
|
Add origin member to the providers table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 10:34:36 -08:00 |
|
Tom Eastep
|
94442abfcf
|
Correct check for duplicate interface in providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 10:34:16 -08:00 |
|
Tom Eastep
|
86f2e23f33
|
Invoke add_irule_extended rather than a hack that predated that function
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-27 19:01:23 -08:00 |
|
Tom Eastep
|
6e9d5f45ec
|
Avoid spurious comment in jump to interface option chains.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-27 16:50:03 -08:00 |
|
Tom Eastep
|
039fd6ddd8
|
Move origin handling into log_[i]rule_limit
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-27 14:24:56 -08:00 |
|
Tom Eastep
|
57288086bf
|
Unify TRACK_RULES handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-27 12:55:21 -08:00 |
|
Tom Eastep
|
f999acda63
|
Eliminate shortlineinfo1()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-27 10:21:08 -08:00 |
|
Tom Eastep
|
b4723da07c
|
Eliminate $globals{TRACK_GLOBALS}
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-26 16:45:47 -08:00 |
|
Tom Eastep
|
3860a1dc72
|
Ensure that %origin is populated
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-26 16:31:04 -08:00 |
|
Tom Eastep
|
e756820ca1
|
Revert "Unify TRACK_RULES settings implementation"
This reverts commit 866cb04cbb .
|
2016-01-26 11:49:26 -08:00 |
|
Tom Eastep
|
866cb04cbb
|
Unify TRACK_RULES settings implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-25 18:07:46 -08:00 |
|
Tom Eastep
|
6ef136a546
|
Add origin information for entries in shorewall[6].conf
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-25 15:49:18 -08:00 |
|
Tom Eastep
|
9b3b4579a2
|
Change TRACK_RULES setting from Internal to File
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-24 16:15:36 -08:00 |
|
Tom Eastep
|
3e404b765f
|
Make .ip[6]tables-restore-input comments conditional
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-23 17:04:52 -08:00 |
|
Tom Eastep
|
2235641c9f
|
Add origin to the ip[6]tables input.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-23 15:13:12 -08:00 |
|
Tom Eastep
|
3fe4619f66
|
Fix origin in interfaces and hosts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-23 13:49:52 -08:00 |
|
Tom Eastep
|
247698a14d
|
Add origin in some rules from the Misc module
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-23 12:31:53 -08:00 |
|
Tom Eastep
|
73b20c832c
|
Add 'origin' member to rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-23 10:45:26 -08:00 |
|
Tom Eastep
|
8ac754caed
|
Add 'origin' member to the interface and hosts tables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-21 17:08:19 -08:00 |
|
Tom Eastep
|
1abb77d66d
|
Remove restrictions on -m geoip
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-18 22:30:15 -08:00 |
|
Tom Eastep
|
a28f3012d5
|
Correct $VERSION setting in Raw.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-18 09:38:35 -08:00 |
|
Tom Eastep
|
7d443b5e2e
|
Eliminate return value from process_action()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-18 09:08:35 -08:00 |
|
Tom Eastep
|
a945b3e0dd
|
Tweak the process_action() changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-17 17:03:46 -08:00 |
|
Tom Eastep
|
ec6c233666
|
Centralize Rules module handling of @CALLER in actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-17 16:29:35 -08:00 |
|
Tom Eastep
|
4059e9de95
|
Clean up use_policy_action()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-17 12:35:12 -08:00 |
|
Tom Eastep
|
1ee645cd79
|
Another determinism fix -- red and codel options are now sorted
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-17 09:50:34 -08:00 |
|
Tom Eastep
|
1fedb26f1d
|
Handle @CALLER in policy chains
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-17 09:42:01 -08:00 |
|
Tom Eastep
|
031371f259
|
Improve maintainability of action-tuple code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-16 17:26:16 -08:00 |
|
Tom Eastep
|
742c15b289
|
Improve @CALLER fix to create unique chains per caller
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-16 17:12:03 -08:00 |
|
Tom Eastep
|
726d1492cd
|
Correct error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-13 17:08:57 -08:00 |
|
Tom Eastep
|
12513e24a3
|
Revert "Implement dynamic actions"
This reverts commit 8075ba719a .
|
2016-01-13 11:04:41 -08:00 |
|
Tom Eastep
|
21765d618d
|
Create unique chains when @caller is used
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-13 11:04:23 -08:00 |
|
Tom Eastep
|
de21c59885
|
Correct hashlimit in logging rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-13 09:49:22 -08:00 |
|