Tom Eastep
73c8b563a1
Add -s option to update to convert the routestopped file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-07 13:46:16 -07:00
Tom Eastep
0f61bd34e6
Drop support for the 'blacklist' zone option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-03 14:45:52 -07:00
Tom Eastep
f4620606b3
Drop support for the 'blacklist' file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-03 14:35:51 -07:00
Tom Eastep
65baa7e3b8
Drop support for the tcrules file
...
- The upgrade -t option is still available
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-03 12:34:22 -07:00
Tom Eastep
e5c7ded951
Drop support for the 'notrack' file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-03 11:36:54 -07:00
Tom Eastep
8bed5c9d65
Drop support for the IPSECFILE option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-03 10:11:52 -07:00
Tom Eastep
85648bded1
Deimplement several .conf options
...
- LOGRATE/LOGBURST
- EXPORTPARAMS
- LEGACY_FASTSTART
2015-08-01 11:11:35 -07:00
Tom Eastep
67589cab69
More version changes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-28 10:59:11 -07:00
Tom Eastep
fa7248c58c
Add the LEGACY_RESTART option.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-27 09:19:52 -07:00
Tom Eastep
0a7c65ae0d
Allow connlimit by destination
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 14:26:58 -07:00
Tom Eastep
6e0fb1ab88
Correct syntax error
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 14:16:12 -07:00
Tom Eastep
a00bf196a3
Remove all workarounds
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 10:27:30 -07:00
Tom Eastep
f9ec0c6930
New 'reload' and 'restart' semantics
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 09:59:49 -07:00
Tom Eastep
d0fc7f6547
Add some comments to the Zones module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-13 12:57:00 -07:00
Tom Eastep
5704438a44
Second Wave of changes to make script output reproducable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-12 15:00:41 -07:00
Tom Eastep
014ec1af1d
First phase of producing consistent scripts with Perl >= 5.18.0
...
Beginning with Perl 5.18.0, the order of elements returned by the 'keys'
and 'each' iterators is no longer deterministic. This is the first wave
of Shorewall changes to compensate for this irrational behavior.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-12 10:54:48 -07:00
Tom Eastep
4995456563
Clean up compiler PATH fix
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-03 14:33:20 -07:00
Tom Eastep
c6f48a77e0
Only add dhcp rule if one rpfilter interface has the 'dhcp' option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-03 12:21:04 -07:00
Tom Eastep
e7792fc868
Exempt IPv4 DHCP broadcasts from rpfilter
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-03 10:03:03 -07:00
Tom Eastep
c47abe416a
Add default PATH to current PATH in the compiler
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-03 09:38:06 -07:00
Tom Eastep
9f08726794
Eliminate running the script twice is some cases
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-26 14:32:43 -07:00
Tom Eastep
116e85e040
Cosmetic cleanup of the Compiler module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-08 11:27:37 -07:00
Tom Eastep
2956698298
Corrections to WORKAROUNDS implementation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-06 12:15:03 -07:00
Tom Eastep
eb6be0e84d
Remove old comment that now makes no sense
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-01 15:55:06 -07:00
Tom Eastep
019e49b481
Implement WORKAROUNDS option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-01 12:59:25 -07:00
Tom Eastep
9a3c43b6d3
Make NFQUEUE parsing more robust
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-30 07:01:30 -07:00
Tom Eastep
0a45c7a646
Another Tweak to the NFQUEUE parser
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-30 06:38:21 -07:00
Tom Eastep
f227250959
Fix NFQUEUE parsing and documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-29 18:19:35 -07:00
Tom Eastep
29a0c92918
Fix ancient bug in old parameter syntax
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-29 14:39:48 -07:00
Tuomo Soini
4edd6026f0
prog.footer: disabling already disabled inteface is not an error.
...
Neither is enabling already enabled interface
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-05-29 22:15:55 +03:00
Tom Eastep
18348ef6f1
Clean up distribute_load()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-27 06:58:10 -07:00
Tom Eastep
93c7e2c2f7
Change the way in which a warning message is suppressed
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-26 15:54:41 -07:00
Tom Eastep
602315938c
Correct the load distribution algorithm
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-26 14:59:20 -07:00
Tom Eastep
ca35f565e0
Return success exit status when no ipsets are saved by the script
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-25 07:36:00 -07:00
Tom Eastep
631ebdecb8
load= enhancements
...
- Normalize loads to 0.nnnnnnnn
- Issue warning if the loads don't sum to 1.000000
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-23 08:05:58 -07:00
Tom Eastep
c851e03313
Don't try to use a probibility >= 1.00000000
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-23 07:06:31 -07:00
Tom Eastep
c7ca3119ef
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2015-05-22 07:20:51 -07:00
Tom Eastep
ba7afcaeae
Make 'call' a supported command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-21 10:38:35 -07:00
Tom Eastep
809e56cef6
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2015-05-21 09:04:35 -07:00
Tom Eastep
e3805b0ada
Implement 'call' in the compiled script
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-21 09:00:11 -07:00
Tom Eastep
f1b6e71e56
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2015-05-20 10:59:06 -07:00
Tom Eastep
f77d649ac7
Make policy descriptions match what the user entered rather than what was generated by the compiler
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-20 10:58:57 -07:00
Tom Eastep
267637f139
NFQUEUE enhancements
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-20 10:55:21 -07:00
Tom Eastep
acd921cd08
Don't require a helper for ctevents and expevents
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-16 13:40:40 -07:00
Tom Eastep
9329e7c36c
Don't require a helper in the CT action.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-16 09:08:32 -07:00
Tom Eastep
50d1a719f9
Delete superfluous test
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-08 09:48:58 -07:00
Tom Eastep
3bb1f74283
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code into 4.6.9
2015-05-05 11:28:13 -07:00
Tuomo Soini
87eca92b10
lib.core: use consisten indenting
2015-05-05 20:40:17 +03:00
Tom Eastep
b58aadad01
Correct Syntax error in the generated code.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-04 08:23:42 -07:00
Tom Eastep
6dcd8174ee
Don't require interfaces on stop, clear, etc.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-04 08:23:10 -07:00