Commit Graph

904 Commits

Author SHA1 Message Date
teastep
a141478319 Resolve RFC 1918 Mess
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8372 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-28 00:05:25 +00:00
teastep
df41b69a04 Deprecate 'norfc1918' in favor of built-in actions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8367 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-27 19:45:23 +00:00
teastep
bbc8577a30 Yet another ':' parsing issue
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8364 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-26 16:16:56 +00:00
teastep
5288b1d64d Another ':' parsing issue
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8362 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-26 15:56:50 +00:00
teastep
c0dd4f3911 Better fix for policy parsing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8361 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-26 15:36:23 +00:00
teastep
b2d2ee253a Fix policy parsing problem
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-26 15:15:34 +00:00
teastep
eadad9a363 Fix priority mingling in tc filters
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8356 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-25 15:45:26 +00:00
teastep
a59c0db7f0 Update version
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8353 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-24 22:50:40 +00:00
teastep
b2e603c3c8 Add MANGLE_ENABLED option -- sample configs
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8352 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-24 22:49:53 +00:00
teastep
2a6b894bd4 Add MANGLE_ENABLED option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8351 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-24 22:36:48 +00:00
teastep
a91bca8e9e Fix perl run-time error
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8347 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-24 17:35:52 +00:00
teastep
507d58ea0c Add 'avgpkt' to CONNBYTES code (it was already documented)
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8346 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-24 14:56:37 +00:00
teastep
3d55331074 Finish CONNBYTES
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8345 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-23 22:23:12 +00:00
teastep
148415f23a Avoid unnecessary calls to getprotobynumber()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8344 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-23 20:56:29 +00:00
teastep
5986d4db32 Default gateway detection in /etc/shorewall/init
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8342 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-23 16:08:34 +00:00
teastep
680788433d Rename a variable
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8341 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-23 15:18:32 +00:00
teastep
5ea18e3624 Fix number of columns detection -- Take 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8340 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-22 17:41:12 +00:00
teastep
bd5f8195e9 Fix number of columns detection
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8339 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-22 17:35:46 +00:00
teastep
942d6bf6f5 Fix service validation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8332 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-22 14:54:10 +00:00
teastep
3bf59ff03a Add error when ICMP specifies SOURCE PORT(S) in tcfilters file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8331 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-22 03:01:01 +00:00
teastep
6c0d7d055d More tinkering with expand_port_range()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8330 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-21 21:03:46 +00:00
teastep
a672e03a82 Clean up range expansion
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8325 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-21 17:42:15 +00:00
teastep
d33f6583ad Fix bug in range expansion
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8324 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-21 17:32:22 +00:00
teastep
9b048e836e Allow port ranges in /etc/shorewall/tcfilters
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8323 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-21 17:08:55 +00:00
teastep
dc17a6976d Support port lists in tcfilters file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8321 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-21 14:59:14 +00:00
teastep
0dce5fd379 Last change was a bit too optimized (omitted certain rules)
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8319 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-20 22:18:35 +00:00
teastep
63e7eb6147 Combine u32 tables for same protocol
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8318 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-20 21:54:27 +00:00
teastep
c3df5ed89e Remove BROKEN_ROUTING option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8316 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-20 18:59:46 +00:00
teastep
e4878466f7 Add Tuomo's patch for adding 'src' to default route
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8315 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-20 18:54:40 +00:00
teastep
4756d4ef13 Eliminate vlsm_to_mask table
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8311 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-19 22:40:03 +00:00
teastep
88b3d01914 Start u32 table numbers at 1 rather than 64
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8310 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-19 22:25:41 +00:00
teastep
93d87dd01b More u32 tweaks
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8307 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-19 16:32:08 +00:00
teastep
f7e5b3124b Clean up of u32 filter code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8306 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-19 16:15:03 +00:00
teastep
affa4684b8 First truly working u32 filters
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8305 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-19 16:02:16 +00:00
teastep
2daa5705d9 More tcfilters pretty-up
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8304 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-17 23:54:41 +00:00
teastep
3bc1c7f188 Fix bug with < 3 zones, one or more of them complex
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8303 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-17 22:49:43 +00:00
teastep
aead0c60e5 Add BROKEN_NEXTHDR configuration option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8302 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-17 22:10:11 +00:00
teastep
d3e94d44c3 Add some progress messages; suppress output from 'tc add....mirred'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8301 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-17 16:46:30 +00:00
teastep
c0836b8df2 Fix for new Macro syntax when macro name contains non-word characters
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8299 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-17 15:44:15 +00:00
teastep
a6354f9748 More IFB changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8297 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-16 23:57:58 +00:00
teastep
693dc4ae37 More IFB stuff
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8296 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-16 20:31:50 +00:00
teastep
6e3469ee89 Initial working version of IFB support with tc filters
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8295 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-16 16:51:53 +00:00
teastep
1fd17db3ca Finish phase 1 support for IFBs
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8294 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-14 19:26:09 +00:00
teastep
5c530522f8 Correct defect in last large patch
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8291 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-14 02:33:23 +00:00
teastep
da18254d2a Update version
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8290 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-14 02:18:59 +00:00
el_cubano
bbe6dfb5fd "Fix" bashisms (at least they are bashims according to the Debian people)
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8289 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-14 02:07:28 +00:00
teastep
b0a5c577f4 Support for IFB (but don't document it yet)
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8288 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-13 23:27:29 +00:00
teastep
9f37f6a4ca Improve behavior of 'norfc1918' in the absense of CONNTRACK_MATCH
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8287 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-13 02:11:18 +00:00
teastep
10e2cb3751 Fix rule generation for '- <interface>' entries in /etc/shorewall/interfaces
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8282 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-12 22:34:21 +00:00
teastep
846f251825 Avoid generating 'non-existant variable' errors on the SCP and RSH commands in shorewall.conf
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8280 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-11 23:04:11 +00:00
teastep
fcea8abc60 Add L2TP Tunnel support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8273 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-08 20:49:41 +00:00
teastep
1e7c0d0947 Bring 4.0 changes to trunk
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8271 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-07 00:36:16 +00:00
teastep
77be234a24 Add experimental support for IFBs
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8267 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-05 16:16:04 +00:00
teastep
392b6eb8d1 Handle empty action properly
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8261 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-02 17:14:03 +00:00
teastep
4c5f9378fb Add KLUDGEFREE fix to trunk
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8260 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-02 17:13:39 +00:00
teastep
aec4134aa1 Fix bug reported by Steven Springl
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8231 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-24 17:05:27 +00:00
teastep
131acd8e1f Remove warning but keep new default value
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8230 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-24 16:48:49 +00:00
teastep
e0a9add260 Deprecate IMPLICIT_CONTINUE=Yes with warning message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8229 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-24 16:33:46 +00:00
teastep
a81ce26230 Add AUTO_COMMENT option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8214 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-23 01:46:50 +00:00
teastep
d39cb6c1c1 Make macros auto-commenting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8213 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-22 23:15:39 +00:00
teastep
bcb7c8e9fa Add BROKEN_ROUTING hack
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8211 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-22 19:58:54 +00:00
teastep
4e67f4206e Some tunnel changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8207 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-19 23:30:26 +00:00
teastep
d1c9d21074 Fix 'Yes' in 'ALL INTERFACES' nat column
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8204 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-18 18:26:35 +00:00
teastep
433e4a6f51 Generate error on a MAC address in the OUTPUT or POSTROUTING chains
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8203 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-18 17:38:25 +00:00
teastep
dd56d6c85c Fix designator table
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8196 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-15 17:53:08 +00:00
teastep
c0be049f3d Add restriction handling to tcrules processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8194 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-14 17:40:38 +00:00
teastep
1c8a0e0eb0 Change default value of LOG_MARTIANS to 'On'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8186 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-13 20:05:18 +00:00
teastep
667e76f8bf Documentation update
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8185 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-13 19:11:02 +00:00
teastep
7067a3d53d Improve check for shared-interface provider
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8183 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-11 18:52:49 +00:00
teastep
5c922eb2af Don't allow non-shared provider in masq file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8182 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-11 18:40:58 +00:00
teastep
00a72b0dec Add 'src=' and 'mtu=' OPTIONS in providers file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8181 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-11 18:30:45 +00:00
teastep
dec8b5d308 Eliminate dummy interface names for built-in providers
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8172 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-09 23:51:28 +00:00
teastep
a4a400eba1 Use a more sensible variable name for keeping track of optional interfaces
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8171 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-09 22:39:23 +00:00
teastep
a40697d21e Don't generate 'track' mark rules for absent providers
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8170 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-09 20:59:42 +00:00
teastep
e7203344d9 Fix compiler.pl help
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8169 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-09 18:19:06 +00:00
teastep
60080486ec Fix handling of zone exclusion
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8168 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-09 17:36:33 +00:00
teastep
3574d2b099 Use function rather than generating name manually
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8167 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-08 19:34:28 +00:00
teastep
94c4b5bd81 Finish optimization changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8166 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-07 23:47:02 +00:00
teastep
44c9717a67 Add back 'complex' zone attribute but don't use it yet
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8165 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-07 22:34:27 +00:00
teastep
f229aaf5dc Trivial optimization
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8164 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-07 20:47:14 +00:00
teastep
c819e1fea7 Beef up check in do_user()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8162 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-07 19:16:25 +00:00
teastep
6d421fc49e Move fix for !user to trunk
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8161 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-07 19:05:45 +00:00
teastep
736f4f17bb Make gunk patch a bit safer (allow non-ASCII characters in COMMENT lines)
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8152 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-06 18:01:24 +00:00
teastep
7a82ff8bba Catch unprintable junk in config files
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8150 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-06 17:45:03 +00:00
teastep
52f29cad4b Correct some module versions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8149 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-05 23:50:00 +00:00
teastep
bed37c1965 Update versions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8148 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-05 23:35:53 +00:00
teastep
0edd543098 Only import what's needed
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8147 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-05 16:45:33 +00:00
teastep
5aeef8b231 Move prototol/port validation to the IPAddrs module
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8146 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-05 16:43:11 +00:00
teastep
5e8f0c120a Update trunk
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8142 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-03 18:52:06 +00:00
teastep
8225910d63 Remove superfluous call from generate_matrix()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8141 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-03 18:47:33 +00:00
teastep
9ce89bd6f0 Fix typo in macro processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8137 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-03 16:00:02 +00:00
teastep
8a6e2f1712 A little optimization in macro handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8136 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-03 00:07:58 +00:00
teastep
d0fd40ae0b More cleanup of validate_interface_file()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8135 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-02 16:59:59 +00:00
teastep
2d6e206a5f Long overdue cleanup of validate_interface_file()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8134 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-02 01:27:39 +00:00
teastep
82e525d0f5 Disallow move_rules() calls when source chain has embedded commands
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8132 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-01 22:53:05 +00:00
teastep
cf99cd78bd Fix typo
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8127 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-31 21:17:24 +00:00
teastep
2cd7e2b2fb More sorting by interface number
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8126 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-31 02:33:16 +00:00
teastep
06d3269f7e Order interfaces within zone when generating top-level rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8125 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-30 21:57:39 +00:00
teastep
8ef198b3a6 More optimization
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8124 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-30 18:47:27 +00:00
teastep
b81ae53477 Correct handling of IPSEC; re-order rules slightly
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8123 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-30 16:39:40 +00:00
teastep
2a2a7530c2 Add optimizations in basic chain handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8122 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-30 00:03:25 +00:00
teastep
e75be13ff4 Fix exclusion in zone definition
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8121 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-28 21:38:18 +00:00
teastep
ed709b56c7 Place zone name in error message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8118 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-28 20:29:27 +00:00
teastep
4be347d1cc Move 'dynamic' jumps to the INPUT and FORWARD chains
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8117 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-28 19:41:23 +00:00
teastep
3cad33ea20 More defense against silly lists
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8116 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-26 22:15:07 +00:00
teastep
7b4abdba94 Validate comma-separated lists
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8109 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-26 01:07:57 +00:00
teastep
f960345b51 Catch invalid lists in nat/masq entries
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8107 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-25 23:52:33 +00:00
teastep
65df4d9f73 Ruleset optimization -- phase I
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8100 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-24 16:22:03 +00:00
teastep
746a00994d Create 'sourceonly' hosts option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8093 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-22 23:48:03 +00:00
teastep
03091be09a Allow loose interface matching in more places
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8091 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-22 23:21:44 +00:00
teastep
e2e827cdbc Allow loose match for interfaces names in masq, nat and netmap
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8079 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-19 23:36:27 +00:00
teastep
3f4d773489 Allow DNS names in DEST column of a DNAT rule
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8076 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-17 19:02:40 +00:00
teastep
99a5eba368 Remove delayed insertion of RETURN rules in dnat chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8074 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-16 23:24:41 +00:00
teastep
6b564e0eb3 Factor out invariant parts of a loop
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8071 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-15 19:02:00 +00:00
teastep
545dd7dbc3 Interface lists in masq and nat files
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8068 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-15 02:39:21 +00:00
teastep
2f96bc5181 More work on DNAT/REDIRECT mess
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8065 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-14 16:34:26 +00:00
teastep
318b4f002d Consult policies when constructing dnat chains; warning when zone specified on NAT-only rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8061 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-13 18:47:06 +00:00
teastep
55a25721e6 More tweaks to DNAT/REDIRECT thingy
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8052 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-13 00:41:10 +00:00
teastep
88a74e40f3 Another look at DNAT/REDIRECT and nested zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8051 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-12 21:11:39 +00:00
teastep
755983b38c Make DNAT/MASQ short-circuit dependent on z->fw policy
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8050 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-12 17:39:14 +00:00
teastep
3d84cec3a3 Fix for DNAT/REDIRECT nested-zone mess
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8048 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-12 01:32:18 +00:00
teastep
2583fc3f93 Fix initialization problem in Rules module
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8047 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-12 00:35:07 +00:00
teastep
8a22a4e05a Simplify fix to accounting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8040 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-10 21:07:07 +00:00
teastep
e68ab78eda Fix a couple of minor problems in Accounting.pm
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8038 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-10 20:55:27 +00:00
teastep
384e88df43 First step in adding structure to NAT table ruleset
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8037 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-10 19:56:44 +00:00
teastep
f959d54cea Fix mangled date in firewall.conf
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8020 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-04 23:20:09 +00:00
teastep
f36c1ccd18 Revert fix for broken 'tc'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8016 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-04 18:50:33 +00:00
teastep
687c9c1a88 Update version to 4.1.4
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8015 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-04 17:51:45 +00:00
teastep
6a2f313246 tweak a comment
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8005 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-03 22:18:24 +00:00
teastep
ea3d2ca638 Add comment to prog.header
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8004 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-03 02:35:49 +00:00
teastep
0588e9f576 Final fix for police fiasco
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7991 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-02 04:25:47 +00:00
teastep
1e6140a59c Work around the 'flowid' vs 'classid' fiasco in 'tc'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7990 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-02 02:54:26 +00:00
teastep
2fa119b30a More do_test() tweaks
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7988 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-01 21:53:29 +00:00
teastep
36096dfff7 Express mark test mask in Hex
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7984 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-01 17:47:58 +00:00
teastep
1a24a6fe78 Final fix for wrong mask in mark tests
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7981 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-01 00:27:52 +00:00
teastep
89ad1b807e Another hack to work around BusyBox ash on OpenWRT
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7976 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-30 18:31:41 +00:00
teastep
d5073f0b3f Move do_test() fixes to trunk
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7966 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-29 16:31:49 +00:00
teastep
44545e71fe Release document update; cosmetic change to Shorewall::Tc
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7936 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-21 22:56:36 +00:00
teastep
d8a0db63bd Always use filters for classifying marked packets
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7934 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-21 19:14:53 +00:00
teastep
17e75e230f Fix problem with optional interfaces and DETECT_IP_ADDRS
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7933 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-21 19:14:27 +00:00
teastep
c58f3c7eca Generate error if no ipv4 zones or no interfaces
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7931 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-18 23:55:20 +00:00
teastep
b030624c68 Fix typo in ADMINISABSENTMINDED=No code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7925 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-18 00:00:59 +00:00
teastep
0e6472a272 Eliminate mark_referenced()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7920 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-17 20:53:27 +00:00
teastep
4c81d94097 Undo damage done by RPM expermintation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7910 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-12 19:43:42 +00:00
teastep
7d6e67ace9 More rpm expermentation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7908 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-12 19:23:46 +00:00
teastep
438f25c1bd Fix setversion for RC/Beta and fix .spec files
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7907 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-12 19:18:43 +00:00
teastep
0dd64cab77 Experiment with RPM versions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7906 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-12 19:08:11 +00:00
teastep
587ca5148f Fix rpm versioning
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7899 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-12 00:25:51 +00:00
teastep
9016e08942 A couple of tweaks
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7896 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-11 23:45:31 +00:00
teastep
954c1f00ba Documentation and error message tweaks
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7894 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-12-10 22:53:20 +00:00