Commit Graph

170 Commits

Author SHA1 Message Date
Tom Eastep
14e8568d9e
Add the FIREWALL .conf option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-05 15:03:54 -07:00
Tom Eastep
8d731c81e4
Add 'disconnect' option to ipset-based dynamic blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-04 09:09:45 -07:00
Tom Eastep
e81a4788c6
Implement DEFAULT_PAGER in shorewallrc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-21 10:20:48 -07:00
Tom Eastep
f16bb887f3 Report versions as Shorewall's rather than Shorewall6's
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-05-05 15:41:46 -07:00
Tom Eastep
47edfaf093 Create standard error messages in the CLI
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-27 10:13:24 -07:00
Tom Eastep
f9bbca8b05 Expand the list of commands that write to STARTUP_LOG
- add the safe-* commands

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-18 14:16:13 -07:00
Tom Eastep
62a14aab28 Enable compiler logging on reload and restart
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-16 09:37:42 -07:00
Tom Eastep
524838ae47 Implement $SW_LOGGERTAG
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-15 14:29:51 -07:00
Tom Eastep
074655d1bd Fix AUTOMAKE and the start command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-14 09:43:21 -07:00
Tom Eastep
05e4049174 Ipset-based blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-10 16:07:56 -07:00
Tom Eastep
d179615fca 'trace' and 'check -r' uses $PAGER
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-11 13:26:23 -08:00
Tom Eastep
90bc894200 More PAGER fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-02 08:58:26 -08:00
Tom Eastep
90d254f0c3 Add PAGER option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-02 08:32:49 -08:00
Tom Eastep
2b733b610c Return proper exit status from the remote-* commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-01 07:53:31 -08:00
Tom Eastep
f90567abf1 Add support for OpenWRT BB and later
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-31 08:08:17 -07:00
Tom Eastep
6209616766 Add lib.cli-user support to the full products
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-30 08:47:16 -07:00
Tom Eastep
38049fd0df Correct "remote-" commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-26 20:06:10 -07:00
Tom Eastep
ed90360b4c Remove all of the update-specific options from the update command
Leave -i and -A

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 14:21:41 -07:00
Tom Eastep
9a6f16903b Use NYTProf for profiling.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 09:21:47 -07:00
Tom Eastep
0d635632e3 Add conversion of notrack to conntrack
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-08 16:46:58 -07:00
Tom Eastep
73c8b563a1 Add -s option to update to convert the routestopped file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-07 13:46:16 -07:00
Tom Eastep
85648bded1 Deimplement several .conf options
- LOGRATE/LOGBURST
- EXPORTPARAMS
- LEGACY_FASTSTART
2015-08-01 11:11:35 -07:00
Tom Eastep
67589cab69 More version changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-28 10:59:11 -07:00
Tom Eastep
f9ec0c6930 New 'reload' and 'restart' semantics
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 09:59:49 -07:00
Tom Eastep
bc8156b503 Include Compiler version in the compiler progress commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-08 12:53:42 -07:00
Tom Eastep
5ca68477d5 Corrections to last commit
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-26 15:18:07 -07:00
Tom Eastep
9f08726794 Eliminate running the script twice is some cases
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-26 14:32:43 -07:00
Tom Eastep
846d629c47 Eliminate the usage() function in lib.cli-std
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-26 12:55:34 -07:00
Tom Eastep
273a42b068 Correct the check for ordinary user attempting to access the default config
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-26 11:35:11 -07:00
Tom Eastep
9bf65ab9ab Don't run the postcompile script when compilation is bypassed
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-22 16:41:21 -07:00
Tom Eastep
b35c214c70 Defer 'Compiling...' message until after AUTOMAKE is checked
- Avoid an export statement in compiler()

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-22 10:56:17 -07:00
Tuomo Soini
f8d95d1ee9 rename not_configured() to not_configured_error()
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-06-09 20:29:45 +03:00
Tuomo Soini
15276b1f89 Set exit code to 6 when startup is disabled
Handles cases missed by 4b27c72c79

Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-06-08 22:23:38 +03:00
Tom Eastep
019e49b481 Implement WORKAROUNDS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-01 12:59:25 -07:00
Tom Eastep
4b27c72c79 Set exit code to 6 when startup is disabled
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-07 14:12:41 -07:00
Tom Eastep
e248c0a3d7 Update Shorewall/Shorewall6 help text for 'reenable'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-28 13:29:42 -07:00
Tom Eastep
0c11870e46 Implement the 'savesets' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-17 10:03:12 -07:00
Tom Eastep
095e523c9f Add 'show opens' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-06 13:10:23 -08:00
Tom Eastep
a85fdc45ac Implement 'open' and 'close' commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-05 16:20:54 -08:00
Tom Eastep
33e2e19193 Always set IP
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-02 09:28:50 -08:00
Tom Eastep
3890b8a884 Infrastructure for detecting loopback interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-02 08:49:38 -08:00
Tom Eastep
c4171a92f6 Change spacing in shorewall[6] usage output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-10 07:38:58 -08:00
Tom Eastep
c97226c46c Correct behavior of 'start -fC'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 09:25:23 -08:00
Tom Eastep
8fb73026c8 Replace SAVE_COUNTERS with the -C command option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 09:37:57 -07:00
Tom Eastep
b7ab82dba4 Implement -f option in the -lite products' start command
- Remove 'recover' command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 10:42:39 -07:00
Tom Eastep
3454e10525 Add SAVE_COUNTERS option.
- Also implement recover command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 08:57:56 -07:00
Tom Eastep
4e9a0b989d Update 'run' help text
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 10:46:28 -07:00
Tom Eastep
31e5aeeaea Refine the 'run' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 10:30:07 -07:00
Tom Eastep
a7b18ca875 Implement 'run' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-28 07:04:56 -07:00
Tom Eastep
7b0cf2b665 Add 'show bl' to the usage output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 15:16:07 -07:00
Tom Eastep
ac4bf15606 Implement 'status -i'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 11:07:37 -07:00
Tom Eastep
669d15e2cf Implement the -t update option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-15 09:36:13 -08:00
Tom Eastep
033a1a0367 Correct 'dump' help text
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-02 13:00:41 -08:00
Tom Eastep
42dd8dfee9 Change license to GPLv2+ and update copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-04 09:48:27 -08:00
Tom Eastep
4e4e7cac1d Redefine the -i option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-15 11:23:20 -08:00
Tom Eastep
9abe60bc27 Implement the -i option of upgrade
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-14 17:54:10 -08:00
Tom Eastep
a389aa01a8 Fix for litedir
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-18 21:05:35 -07:00
Tom Eastep
a10aea280b Add some abbreviations for common commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-06 07:05:47 -07:00
Tom Eastep
b639a18eb9 Simplify fix for -q
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-03 08:16:27 -07:00
Tom Eastep
3e1ed30f4e Make initial progress message obey VERBOSITY
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 14:23:27 -07:00
Tom Eastep
3923092468 Take 2 on conditional compilation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-08 19:01:39 -07:00
Tom Eastep
577db69719 Support conditional compilation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-07 09:36:02 -07:00
Tom Eastep
8ed6642387 Modify reload_command() and export_command() to directly call compiler()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-22 16:15:41 -08:00
Tom Eastep
0afcf3c40c Merge branch '4.5.13' 2013-02-22 13:39:42 -08:00
Tom Eastep
64a52356e3 Replace g_directory with g_shorewalldir
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-22 13:37:31 -08:00
Tom Eastep
e14fe242bd Merge branch '4.5.13'
Conflicts:
	Shorewall/lib.cli-std
2013-02-20 14:41:30 -08:00
Tom Eastep
d2a221a9cd Correct handling of capbilities file in load/reload.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-20 14:40:23 -08:00
Tom Eastep
01fdfc4375 Merge branch '4.5.13' 2013-02-20 14:34:57 -08:00
Tom Eastep
0f0a66c2ab Correct handling of capbilities file in load/reload.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-20 14:34:32 -08:00
Tom Eastep
bb5b6e42d6 Replace death sequences with calls to fatal_error()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-16 07:32:47 -08:00
Tom Eastep
acb72e7213 Give address-family specific help text for 'iptrace'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 08:21:51 -08:00
Tom Eastep
5cc6894425 Defer reading .conf when processing the 'update' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 08:21:35 -08:00
Tom Eastep
4865e2c3af Save/use local SHAREDIR in reload_command
- Remove SHAREDIR may differ from the local one

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 08:21:19 -08:00
Tom Eastep
a6d6cc9da7 Fix load, reload and export WRT shorewallrc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 08:19:30 -08:00
Tom Eastep
9eba41669e Give address-family specific help text for 'iptrace'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 06:58:26 -08:00
Tom Eastep
7e2265dd23 Defer reading .conf when processing the 'update' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 06:51:37 -08:00
Tom Eastep
ab4dd54523 Save/use local SHAREDIR in reload_command
- Remove SHAREDIR may differ from the local one

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 06:46:14 -08:00
Tom Eastep
f44e035a47 Fix load, reload and export WRT shorewallrc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-14 10:21:26 -08:00
Tom Eastep
1ae6ed9c10 Use 'fatal_error' to report issues with params and .conf.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-14 06:52:43 -08:00
Tom Eastep
0461e5de20 Standardize the 'Ordinary Users' error messages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-13 12:45:28 -08:00
Tom Eastep
138638cb1a Effectively use the specified directory as the CONFIG_PATH til .conf is read
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-13 07:45:24 -08:00
Tom Eastep
9f9220f854 Only look in the specified directory for params when compiling as non-root.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-11 06:36:32 -08:00
Tom Eastep
4d2379f542 Implement update -D
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-23 10:50:31 -08:00
Tom Eastep
75c148a2dd Enable 'debug' on the try, stop and clear commands.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-23 11:46:14 -08:00
Tom Eastep
5fcdfd779c Don't default IPSET to 'ipset'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-09 08:54:54 -08:00
Tom Eastep
92d39dc56d Expunge the g_perllib variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 06:59:39 -07:00
Tom Eastep
749e239d15 Expunge the g_libexec variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 06:51:36 -07:00
Tom Eastep
5e07ad8caa Allow a directory to be specified with -e.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-04 14:05:52 -07:00
Tom Eastep
188f05e130 Make ./firewall the default file when compile -e
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-04 07:35:03 -07:00
Tom Eastep
55e3b11a28 Pass both shorewallrc files to the compiler from lib.cli-std
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 15:07:50 -07:00
Tom Eastep
b8e6a812bd Specify the cwd when compiling or checking for export
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 11:33:58 -07:00
Tom Eastep
5b953cc1dd Handle different layouts on the admin system and remote firewall(s)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 09:50:07 -07:00
Tom Eastep
88ab423b2a Correct 'postcompile' patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 14:55:56 -07:00
Tom Eastep
4f54cb34df Add a postcompile script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 08:28:02 -07:00
Tom Eastep
092c2ef8f7 No longer process the local shorewall.conf when compiling from a directory
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-01 08:21:45 -07:00
Tom Eastep
c8ea03bf8c Update help text
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-30 07:23:53 -07:00
Tom Eastep
18f947eb2f Apply patch from Daniel Meißner
- Corrects STARTUP_ENABLED=No error message

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-06 07:28:29 -07:00
Tom Eastep
182a4c3080 Correct 'compile' usage text
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-21 07:10:38 -07:00
Tom Eastep
15aa1dae62 Enhancements to the 'refresh' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-02 13:48:18 -07:00
Tom Eastep
d904a2de86 Search and destroy trailing whitespace
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-24 14:52:57 -07:00