Tom Eastep
cdc2d52208
Implement ADD and DEL in the mangle file.
...
- Also document the parameter to SAME
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-02-18 12:04:01 -08:00
Tom Eastep
18c8f1f835
Remove blank line
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-02-17 20:10:25 -08:00
Tom Eastep
aff8623a44
Allow TTL to be specified in the SAME action.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-02-17 19:11:28 -08:00
Tom Eastep
b14e7c54f9
Merge branch '4.6.6'
2015-02-07 08:29:44 -08:00
Orion Poplawski
9ad0b297e2
Supporting xz compressed kernel modules
...
- I've attached a patch that adds xz support to the default MODULE_SUFFIX.
- I'm wondering it wouldn't be better to not have MODULE_SUFFX=ko in various
sample configs so that the default value is used instead:
./Shorewall/configfiles/shorewall.conf:MODULE_SUFFIX=ko
./Shorewall/Samples/Universal/shorewall.conf:MODULE_SUFFIX=ko
./Shorewall/Samples/three-interfaces/shorewall.conf:MODULE_SUFFIX=ko
./Shorewall/Samples/two-interfaces/shorewall.conf:MODULE_SUFFIX=ko
./Shorewall/Samples/one-interface/shorewall.conf:MODULE_SUFFIX=ko
./docs/MultiISP.xml:MODULE_SUFFIX=ko
./docs/MyNetwork.xml:MODULE_SUFFIX=ko
./Shorewall6/configfiles/shorewall6.conf:MODULE_SUFFIX=ko
./Shorewall6/Samples6/Universal/shorewall6.conf:MODULE_SUFFIX=ko
./Shorewall6/Samples6/three-interfaces/shorewall6.conf:MODULE_SUFFIX=ko
./Shorewall6/Samples6/two-interfaces/shorewall6.conf:MODULE_SUFFIX=ko
./Shorewall6/Samples6/one-interface/shorewall6.conf:MODULE_SUFFIX=ko
- Is:
MODULE_SUFFIX=
sufficient to use the default value or does it need to be commented out?
Thanks,
Orion
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion@nwra.com
Boulder, CO 80301 http://www.nwra.com
>From f13edf8fc07c7b62825408b8665b10d6014d368d Mon Sep 17 00:00:00 2001
From: Orion Poplawski <orion@cora.nwra.com>
Date: Mon, 26 Jan 2015 09:48:48 -0700
Subject: [PATCH] Support xz compressed modules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-02-06 12:51:00 -08:00
Tom Eastep
40104d0c86
Correct handling of +set[n]
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-26 07:53:41 -08:00
Tom Eastep
c7cd0060f0
Merge branch '4.6.6'
2015-01-23 09:07:28 -08:00
Tom Eastep
e3b96862ef
Propagate the LOCKFILE setting to the generated script.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-23 08:18:30 -08:00
Tom Eastep
a060f683cc
Correct file name in mangle 'split_line' error messages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-22 08:34:47 -08:00
Tom Eastep
c2b6d974e7
Protect 'enable' and 'disable' with mutex
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-22 08:34:28 -08:00
Tom Eastep
7ab055e61e
Correct file name in mangle 'split_line' error messages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-22 08:31:51 -08:00
Tom Eastep
08a184d95b
Protect 'enable' and 'disable' with mutex
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-22 08:30:05 -08:00
Tom Eastep
50a0103e89
Merge branch '4.6.6'
2015-01-20 08:11:07 -08:00
Tom Eastep
a7cacdfee3
Allow SAVE and RESTORE in the INPUT chain
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-20 08:09:09 -08:00
Tom Eastep
28ac76bde4
Add tinc tunnel support
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-13 13:28:37 -08:00
Tom Eastep
111c454193
Make leading SHELL case-sensitive
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-13 07:04:20 -08:00
Tom Eastep
97846e14de
Correct handling of ipsets in one of the PORTS columns
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-09 09:28:08 -08:00
Tom Eastep
07c21b8968
Add 'primary' provider option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-06 09:06:27 -08:00
Tom Eastep
668759edad
Catch parameter problems with TARPIT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-04 11:09:39 -08:00
Tom Eastep
0f1f54b57b
Tweak loopback change
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-04 11:00:02 -08:00
Tom Eastep
60d5a177a3
Use the 'Iface Match' capability for loopback traffic.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-04 09:46:39 -08:00
Tom Eastep
3ed5ced581
Correct syntax error introduced in Beta 2
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-04 08:35:33 -08:00
Tom Eastep
7dd9ccd06b
Add the 'loopback' interface option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-03 09:22:40 -08:00
Tom Eastep
4a4bfe77ce
Implement IFACE_MATCH capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-02 09:05:06 -08:00
Tom Eastep
3890b8a884
Infrastructure for detecting loopback interfaces
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-02 08:49:38 -08:00
Tom Eastep
551a16d18f
Document TARPIT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-01 09:14:00 -08:00
Tom Eastep
d1b597394f
Correct typo (TARPIT_MATCH -> TARPIT_TARGET)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-30 10:22:33 -08:00
Tom Eastep
15a2fd14f9
Implement TARPIT target
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-28 15:23:30 -08:00
Tom Eastep
f96baca780
Use the readable representation of the SHA1 digest in the chain table
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-27 11:13:10 -08:00
Tom Eastep
1b5f439609
Rewrite 'process_actions'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-27 09:28:02 -08:00
Tom Eastep
1655054de2
Rename 'externalize' to 'external_name'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-27 09:19:00 -08:00
Tom Eastep
89877ed3f7
Rename 'policy_rules' to 'add_policy_rules'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 15:58:13 -08:00
Tom Eastep
9649107a8e
Rename 'apply_policy_rules' to 'complete_policy_chains'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 15:53:50 -08:00
Tom Eastep
33eb47a48a
Reorder parameters and change identifiers in set_policy_chain()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 15:47:50 -08:00
Tom Eastep
6a15cead52
Cosmetic/commentary changes to the Config Module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-23 15:25:20 -08:00
Tom Eastep
f925358872
Minor Compiler Reorganization
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-23 12:27:37 -08:00
Tom Eastep
35fc7b34b8
Minor code tweak
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-20 15:09:21 -08:00
Tom Eastep
79430673b8
Correct handling of duplicate states in the mangle file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-16 19:08:25 -08:00
Tom Eastep
695db284c0
Improve Mark Range Implementation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-15 11:19:23 -08:00
Tom Eastep
807b9ca627
Revert "Improve handling of mark ranges"
...
This reverts commit 62f480897e
.
2014-12-15 09:39:24 -08:00
Tom Eastep
62f480897e
Improve handling of mark ranges
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-14 09:13:41 -08:00
Tom Eastep
2d7025dcc3
Correct mark range handling
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-13 08:31:31 -08:00
Tom Eastep
a833815b31
Correct IPv6 handling of LOG_BACKEND=LOG
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 08:56:42 -08:00
Tom Eastep
9241552c52
Make emacs sh-mode work better with lib.core
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-14 16:28:44 -08:00
Tom Eastep
16c1809ef2
Apply Alan Barrett's dhclient patch
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-14 13:39:23 -08:00
Tom Eastep
9a6047b3c4
Correct reversed naming of SHA chains
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-06 08:18:52 -08:00
Tom Eastep
5b4e3bc07c
Accomodate new module names for LOG_BACKEND
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-05 12:51:24 -08:00
Tom Eastep
dc3f163e71
Change the names of the sha1 chains for uniqueness
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-04 17:54:38 -08:00
Tom Eastep
8c0c1bd1e0
Omit the 'shorewall' chain from .ip[6]tables-restore-input
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 08:16:47 -08:00
Tom Eastep
8b825c4c4c
Avoid failure of ip[6]tables-restore.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 07:56:05 -08:00