Commit Graph

9564 Commits

Author SHA1 Message Date
Tom Eastep
a8c9fc1859 Implement new Blacklisting Scheme 2010-09-16 09:40:28 -07:00
Tom Eastep
3c1cff0794 First steps toward zone-based blacklisting 2010-09-16 06:55:48 -07:00
Tom Eastep
1d650b41cd Remove blacklisting by destination IP address support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 15:24:58 -07:00
Tom Eastep
bea4ce4ca6 Add tc-tbf link to tcinterfaces manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 14:07:42 -07:00
Tom Eastep
3ad3f0d9e0 Allow floating point numbers in tcinterfaces fields other than <rate>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 14:07:21 -07:00
Tom Eastep
ba89ec39b5 Add :<burst> to /etc/shorewall/tcdevices 2010-09-15 11:56:14 -07:00
Tom Eastep
69a2fa1907 Replace to/from with dst/src 2010-09-15 11:25:46 -07:00
Tom Eastep
8147671eb2 Document JUMP 2010-09-15 09:49:37 -07:00
Tom Eastep
f925b335ef Ignore the 'blacklist' host option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 08:10:57 -07:00
Tom Eastep
373fc87165 More blacklisting wrapup
- Deprecate 'blacklist' in the hosts file
- Base blacklisting on interfaces alone

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 07:38:20 -07:00
Tom Eastep
4d0e8d129b Add dup blacklist message 2010-09-14 18:04:27 -07:00
Tom Eastep
10a9ae496a More manpage updates for 4.4.13 2010-09-14 16:47:45 -07:00
Tom Eastep
94cdc73ec2 Restore setpolicy() to prog.header*
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-14 13:50:22 -07:00
Tom Eastep
c4a40d8c7b Set version to RC1 (again) 2010-09-14 13:09:50 -07:00
Tom Eastep
2ff06f5f0a Update simple TC doc 2010-09-14 07:59:01 -07:00
Tom Eastep
c6960f1ac2 Edit release notes 2010-09-14 07:36:29 -07:00
Tom Eastep
1f2691b052 Another fix for blacklisting; correct composition of $hosts1 2010-09-14 06:47:29 -07:00
Tom Eastep
0f913fca2f Don't create blackout unnecessarily 2010-09-13 18:15:50 -07:00
Tom Eastep
82bccf16b5 Avoid internal error when there are no 'to' entries 2010-09-13 17:55:20 -07:00
Tom Eastep
bb38ed16b0 Document ipset creation fix 2010-09-13 15:54:44 -07:00
Tom Eastep
b1e9bff382 Create new ipsets on 'start' 2010-09-13 15:46:04 -07:00
Tom Eastep
a6194fabd2 Delete blank line 2010-09-13 14:15:47 -07:00
Tom Eastep
33adbe7a27 Update documentation for net TC features 2010-09-13 13:51:25 -07:00
Tom Eastep
3f93ebdda8 Update blacklist manpages 2010-09-13 13:23:32 -07:00
Tom Eastep
1729da87f1 Allow both 'to' and 'from' in blacklist 2010-09-13 12:51:10 -07:00
Tom Eastep
9b4c3e22dd Allow floating point numbers in TC rates 2010-09-13 12:50:50 -07:00
Tom Eastep
cb1f7adea3 Add :<burst> to IN-BANDWIDTH 2010-09-13 11:23:37 -07:00
Tom Eastep
283eda2fa5 Cosmetic change to OUT-BANDWIDTH code 2010-09-12 16:33:19 -07:00
Tom Eastep
bd9041306c Add undocumented OUT-BANDWIDTH column to tcinterfaces 2010-09-12 16:25:45 -07:00
Tom Eastep
a3b7b9c11b Delete unused functions from prog.header*
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-12 10:07:26 -07:00
Tom Eastep
52592b4cfb Remove prog.*6 during installation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-12 10:07:07 -07:00
Tom Eastep
47ad42659c Mention ipsets in the secmarks manpage 2010-09-12 08:12:41 -07:00
Tom Eastep
9f786b7c59 Delete mention of triggers in ipset doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-12 08:01:54 -07:00
Tom Eastep
b937290740 Add version cautions to blacklisting doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-12 07:58:13 -07:00
Tom Eastep
931c5a8d0a Add an assertion 2010-09-11 16:24:27 -07:00
Tom Eastep
50fc972d2a Fix another SAME defect :-( 2010-09-11 16:15:09 -07:00
Tom Eastep
512cd7b08e Bump version to 4.4.13 RC 1 2010-09-11 15:46:14 -07:00
Tom Eastep
aad7b70e18 Rename constant 2010-09-11 15:31:43 -07:00
Tom Eastep
c6c6503d83 Clean up a remaining issue with SAME 2010-09-11 15:24:01 -07:00
Tom Eastep
f004916055 Disallow a DEST interface in mangle OUTPUT rules 2010-09-11 14:10:05 -07:00
Tom Eastep
3ea7808b38 Disallow a DEST interface in mangle PREROUTING rules 2010-09-11 14:02:09 -07:00
Tom Eastep
37a5a01185 Correct INPUT marking documentation 2010-09-11 12:47:32 -07:00
Tom Eastep
e93a7fe9df Avoid recent problems by not padding $target in process_tc_rule() 2010-09-11 11:03:28 -07:00
Tom Eastep
d9ced1051a One more fix for SAME 2010-09-11 10:35:45 -07:00
Tom Eastep
367fc041b8 Correct handling of SAME -- Take 2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-11 09:36:19 -07:00
Tom Eastep
83ae6d6eba Document fix for 'SAME'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-11 09:04:42 -07:00
Tom Eastep
dbc9f6ac8f Correct handling of SAME
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-11 08:56:22 -07:00
Tom Eastep
05b6947aac Document fix for ipset invocation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-11 08:55:35 -07:00
Tom Eastep
8dd42c9e19 Correct handling of dst/src list in ipset invocation 2010-09-11 07:41:01 -07:00
Tom Eastep
99f8f84024 Fix name of F chain in secmarks 2010-09-10 16:45:22 -07:00