Commit Graph

2127 Commits

Author SHA1 Message Date
Tom Eastep
9345219c11 Another tweak to the network diagram
- Show the SMC zone nested in the Net zone
2013-10-14 06:59:31 -07:00
Tom Eastep
589e048086 Update Multi-ISP example
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-13 14:03:45 -07:00
Tom Eastep
b45c9bd0d2 Add SeaGL2013 Link
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-13 14:03:21 -07:00
Tom Eastep
9f80ad8fb3 Document push_/pop_/set_comment().
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-26 07:09:23 -07:00
Tom Eastep
56cb029ef4 Fix broken links
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-19 08:14:26 -07:00
Tom Eastep
eb634fa769 Document SERVICEFILE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-18 16:02:14 -07:00
Tom Eastep
e0a222938a Merge branch '4.5.19' 2013-07-27 08:14:35 -07:00
Tom Eastep
36a4ef1676 Correct typo in action.IfEvent
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-25 06:10:11 -07:00
Tom Eastep
4edbad6849 Describe the need for LSM to provide failover.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-24 09:55:38 -07:00
Tom Eastep
765b748283 Documentation updates
- Add meaningful IDs to some sections in Events.xml
- Correct typos in the accounting manpages

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-22 07:54:45 -07:00
Tom Eastep
7aa33c140d Add an AutoBL action with helper AutoBLL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-17 10:19:18 -07:00
Tom Eastep
04c2a88d74 Add caution to the Events example on blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-15 14:30:31 -07:00
Tom Eastep
8c27b027fc Break <command> into <command>[<optionlist>]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-14 08:44:01 -07:00
Tom Eastep
5ba8df81fb Further improve readability of the show event[s] commands.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-13 09:08:50 -07:00
Tom Eastep
3625d9eae7 Mention /proc/net/xt_recent/* in the Events document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 17:08:58 -07:00
Tom Eastep
51d5ec6b2b Make the output of 'show event[2] understandable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 16:07:22 -07:00
Tom Eastep
c7ad12177a Enhance description of events by mentioning xt_recent options.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 14:47:22 -07:00
Tom Eastep
d68b581f3b Update the packet marking document for the Event mark bit
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 07:42:09 -07:00
Tom Eastep
501007d0ac Correct the Events article.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 07:14:42 -07:00
Tom Eastep
9535a7d7df Rename 'Trigger' to 'Event' and document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-11 10:39:21 -07:00
Tom Eastep
43d4a8dcf8 Correct a FAQ
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-08 14:19:47 -07:00
Tom Eastep
afd66157a5 Discontinue support for 4.4.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-03 10:27:59 -07:00
Tom Eastep
2f8c4e6ddc Clarify conditional variables in multi-ISP example.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-03 08:52:26 -07:00
Tom Eastep
52eb29d01e Remove incorrect statement from the Macro document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-15 06:51:59 -07:00
Tom Eastep
e405ab80bf Update Common Action doc for 'Auth' change
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-29 08:40:43 -07:00
Tom Eastep
9b0b3d4b70 Correct ICMPV6 type name translation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-28 08:03:19 -07:00
Tom Eastep
1e6578c759 Correct example in the TPROXY documentaiton.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-17 13:36:09 -07:00
Tom Eastep
ea71f15b3d Delete SWPING from MultiISP doc. 2013-05-06 09:09:24 -07:00
Tom Eastep
82bfb5ac50 Document @caller.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-30 16:32:25 -07:00
Tom Eastep
b57fd9f2a9 Update TPROXY article to explain exclusion.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-26 08:42:23 -07:00
Tom Eastep
b6ceb96ebe Add 'initdone' to the config file list in the conf basics article.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-22 07:57:18 -07:00
Tom Eastep
0d39d7542e Update the Actions document re: CHAIN_SCRIPTS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-21 08:49:22 -07:00
Tom Eastep
c5d4a63afe Describe a more complex dmz squid solution
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-19 14:15:40 -07:00
Tom Eastep
a9ce4c20f0 Add routefilter=0,logmartians=0 to Squid routing solution
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-19 13:52:01 -07:00
Tom Eastep
64e7675f45 Add note about rate-estimators in FAQ 97a
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-03 07:28:23 -07:00
Tom Eastep
ee66a45e2e Correct comments in the Chains module.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-02 12:52:10 -07:00
Tom Eastep
190e43ff51 Correct typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-02 10:55:09 -07:00
Tom Eastep
2381b0fd8f Correct typo in FAQ 97a
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-30 08:41:57 -07:00
Tom Eastep
6e5f00062c Revert "Use 'replace' rather than 'add' for routes defined in the routes file."
This reverts commit 215fd9e234.

Conflicts:

	Shorewall/Perl/Shorewall/Providers.pm
2013-03-24 14:19:31 -07:00
Tom Eastep
1dfbc11cfa More cleanup of the Multi-ISP null routing section.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-24 09:24:57 -07:00
Tom Eastep
1701bd46fc Correct table entry in the Shorewall-init article.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-22 14:54:18 -07:00
Tom Eastep
6ebe28040b Add Four to the list of authors
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-17 07:42:45 -07:00
Tom Eastep
1e866eac28 Implement the other forms of NULL routing.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-16 08:20:52 -07:00
Tom Eastep
d005ffa766 Update action tables in Shorewall-init article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-13 11:17:10 -07:00
Tom Eastep
a990ceecba Clarify ipsets WRT xtables-addons.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 08:18:00 -08:00
Tom Eastep
ec5e1b54c1 Correct COPY description in the multi-ISP document.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-06 08:28:18 -08:00
Tom Eastep
c271d6753c Update FAQ copyright.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-20 09:12:55 -08:00
Tom Eastep
0c11a8e0aa Fix broken link.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 10:33:44 -08:00
Tom Eastep
f44e035a47 Fix load, reload and export WRT shorewallrc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-14 10:21:26 -08:00
Tom Eastep
2845ffb4bb Document perl_action_tcp_helper
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-14 09:35:31 -08:00
Tom Eastep
c68513672d Comments and documentation.
- Removes the Actions-4.5 article

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-14 08:48:45 -08:00
Tom Eastep
394850e68e Document updates for IPv6 and Shorewall Lite
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-13 06:58:22 -08:00
Tom Eastep
8d0a80a7e2 Merge branch '4.5.13' 2013-02-11 06:40:11 -08:00
Tom Eastep
bda1e05d9a Mention the requirement for a params file in the Shorewall Lite article.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-11 05:58:01 -08:00
Tom Eastep
83111a1126 Clarify the requirement for accessing $n in an action body
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-09 20:24:26 -08:00
Tom Eastep
eaa6d72a4f Allow parameters to be omitted in action invocations.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-09 07:07:01 -08:00
Tom Eastep
ca5a70aa6f Clarify the <variable> forms allowed in a ?SET directive.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-02 11:08:29 -08:00
Tom Eastep
a5d3b1f470 Remove requirement that matches and proto end with a space in perl helper API.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-01 12:29:30 -08:00
Tom Eastep
221f4909b5 Document perl_action_helper
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-29 09:12:04 -08:00
Tom Eastep
f403420926 Allow setting chain variables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-19 10:52:11 -08:00
Tom Eastep
e76c0c8187 Correct IPV6 document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-17 15:58:52 -08:00
Tom Eastep
ed40415458 Add FAQ 101 (speed up start/restart)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-13 08:19:26 -08:00
Tom Eastep
af83989465 Update copyright dates.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-11 16:01:10 -08:00
Tom Eastep
975fb8992e Add warnings about line continuation vs. comments
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-09 08:00:59 -08:00
Tom Eastep
38657d9f98 Support for arptables.
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-04 09:17:57 -08:00
Tom Eastep
769125903d Update Traffic Shaping Doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-29 12:17:26 -08:00
Tom Eastep
115081dda5 Tweak fq_codel documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-29 11:20:16 -08:00
Tom Eastep
bd563ae9b7 Merge branch '4.5.11'
Conflicts:
	Shorewall/Perl/Shorewall/Config.pm
	Shorewall/Perl/Shorewall/Rules.pm

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-23 13:10:37 -08:00
Tom Eastep
4d2379f542 Implement update -D
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-23 10:50:31 -08:00
Tom Eastep
c9eccaf3b8 Implement ?COMMENT directive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-23 10:49:32 -08:00
Tom Eastep
41b4485310 Implement ?COMMENT directive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-22 15:47:03 -08:00
Tom Eastep
6c1369a5a8 Minor tweaks to the documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-22 09:51:51 -08:00
Tom Eastep
82f8b0295f Update the upgrade issues
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-22 09:05:24 -08:00
Tom Eastep
96b61ea05c Update documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 16:13:23 -08:00
Tom Eastep
7abebb72e4 Document Shorewall::Config::set_action_param().
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 15:13:51 -08:00
Tom Eastep
da0261cb91 Document @1, @2,...@n
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-20 09:46:24 -08:00
Tom Eastep
df7785f2e9 Implement user-defined address variables.
- Also correct handling of ${0} & ${chain} in a SWITCH column.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-18 17:58:20 -08:00
Tom Eastep
2b9af94c59 Clean up the Embedded Perl section in the Actions documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-17 15:59:52 -08:00
Tom Eastep
e8720e9f78 Add a section Id to the Shorewall Variables section
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-16 09:48:33 -08:00
Tom Eastep
6b758fd588 Describe use of BEGIN PERL .... END PERL in action bodies.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-16 09:06:29 -08:00
Tom Eastep
1dc0f8b170 Split the Shell Variables section into multiple sections.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-16 08:45:46 -08:00
Tom Eastep
10237e01b2 Document ?set and ?reset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-09 11:46:51 -08:00
Tom Eastep
56d7b6248b Begin Action Documentaiton Update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 19:07:42 -08:00
Tom Eastep
22aa06f497 Small change to the Actions document.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 10:39:29 -08:00
Tom Eastep
172c1a5b44 Update the alternative column specification table.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-29 07:43:48 -08:00
Tom Eastep
d7096ae52e Back out default-action macros and document in-line actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-27 10:53:18 -08:00
Tom Eastep
7673b1ac4b Support multiple parameters in macros.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-26 11:04:19 -08:00
Tom Eastep
dd0f42c462 Mention Macros as default actions in the Actions and Macros docs.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-25 12:09:41 -08:00
Tom Eastep
9a8cf60857 Recomment disabling route filtering on fallback interfaces.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-20 12:45:19 -08:00
Tom Eastep
a484cb848f Document TPROXY IPv6 gotcha.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-14 11:51:30 -08:00
Tom Eastep
0e7a4d56fd Mention IMPLICIT_CONTINUE in the bridge doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-04 07:07:19 -08:00
Tom Eastep
e11dac3fe2 Replace wireless router image in the 2012 Network diagram.
- Correct a typo in the 4.4 upgrade issues

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-29 07:18:28 -07:00
Tom Eastep
d3c63a2d97 Merge branch '4.5.9'
Conflicts:
	docs/MultiISP.xml
	docs/images/Network2012a.dia
	docs/images/Network2012a.png
2012-10-28 12:45:51 -07:00
Tom Eastep
39c0991940 More updates to the Multi-ISP doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-28 12:34:27 -07:00
Tom Eastep
9e984b10f6 More updates to the Multi-ISP doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-28 12:10:06 -07:00
Tom Eastep
19048b6a18 Recover Network Diagram
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-28 09:06:48 -07:00
Tom Eastep
2fcbeb9ddf Update Multi-ISP doc with my current config
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-27 20:43:13 -07:00
Tom Eastep
8397244fd6 Update Multi-ISP doc with my current config
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-27 20:28:52 -07:00
Tom Eastep
ef3652fc98 Update migration issues document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-27 08:01:16 -07:00
Tom Eastep
b9139a4ec8 Add additional steps to creating a dump file.
- Ubuntu Precise with 4.4.26.1 -- use bash
- ipsec-tools required if IPSEC-related issue

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-26 12:42:35 -07:00
Tom Eastep
1e7a196b3d correct a typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-26 12:41:29 -07:00
Tom Eastep
e177916c12 Implement statistical marking in the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-26 07:10:26 -07:00
Paul Gear
b082ca2331 Spelling fix
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-12 16:50:55 -07:00
Tom Eastep
18f981d7cc Update formatting in Dynamic Zones doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-09 07:08:35 -07:00
Tom Eastep
1195661264 Document new Dynamic Zone implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-07 12:20:36 -07:00
Tom Eastep
e2eba9468d Update IPv6 doc with new syntax.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-27 14:30:26 -07:00
Tom Eastep
32f89fa24b Don't unconditionally detect helpers when LOAD_HELPERS_ONLY=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-22 09:27:13 -07:00
Tom Eastep
97cdc390c3 Continue work on Internals document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-21 15:06:29 -07:00
Tom Eastep
4c906dc3d1 Add UDP conntrack FAQ 1j.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-21 07:28:37 -07:00
Tom Eastep
483374d356 Continue development of the Internals document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-17 07:52:18 -07:00
Tom Eastep
f8c2e129c9 Additional content in the Internals document.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-16 15:47:29 -07:00
Tom Eastep
92ed56bbbc More content in the Internals doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-16 07:29:53 -07:00
Tom Eastep
0dd7ad7920 Re-organize Squid document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-08 08:08:16 -07:00
Tom Eastep
7235d4da11 Update manpage indexes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 20:25:15 -07:00
Tom Eastep
55e3b11a28 Pass both shorewallrc files to the compiler from lib.cli-std
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 15:07:50 -07:00
Tom Eastep
c16dfc609d Documentation updates for VARLIB
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 15:43:52 -07:00
Tom Eastep
f5e1a42ac9 Update the Shorewall-Lite article
- Mention shorewallrc
- Mention that /etc/shorewall/shorewall.conf is no longer read when the
  configuration directory has a shorewall.conf file.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 09:10:19 -07:00
Tom Eastep
9b05146a85 New documents (WIP)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-30 10:06:58 -07:00
Tom Eastep
899bce13c3 Some doc updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-27 13:22:05 -07:00
Tom Eastep
15fd345545 FAQ update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-25 09:06:37 -07:00
Tom Eastep
0423769f59 Update docs for info added/changed in 4.5.7
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-20 11:36:32 -07:00
Tom Eastep
1b7a7d0fdf Remove some more hard-coded directory names from the installers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-17 14:24:52 -07:00
Tom Eastep
fdc45a990d Arrange for HELPER to match in the RELATED section.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-13 15:44:19 -07:00
Tom Eastep
f1fbb95d48 Update documentation for content merged from the 4.5.8 (master) path
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-13 08:16:36 -07:00
Tom Eastep
8f71797a48 Update upgrade doc to mention both SHA and SHA1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-08 10:51:06 -07:00
Tom Eastep
88dabde9c9 Update upgrade-issues doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-07 09:10:21 -07:00
Tom Eastep
c007f847a0 Handle disabled helpers in pre-3.5 kernels.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-06 15:54:45 -07:00
Tom Eastep
6c97e13107 Use -j CT for helper detection, when available
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-04 11:36:03 -07:00
Tom Eastep
6fbb578ce6 Add Helpers Document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-04 07:28:13 -07:00
Tom Eastep
c2cd031285 Mention the conntrack file in the config basics doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-02 11:31:25 -07:00
Tom Eastep
735b7c2cf5 Add support for nfacct
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-28 11:21:16 -07:00
Tom Eastep
55519bd9ac Revise instructions for disabling iptables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-17 16:48:15 -07:00
Tom Eastep
620d8f1cd0 Add an Anti-spoofing document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-15 11:26:16 -07:00
Tom Eastep
aa652fda1b Add FAQ 99
- Empty ruleset after boot even though Shorewall runs.
2012-07-07 07:55:17 -07:00
Tom Eastep
66f3df4570 Correct typo in ISO 366O doc.
- changed tcrules to rules

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-07 07:38:27 -07:00
Tom Eastep
74f831a73e Improve the readability of the ?ELSIF example
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-02 11:51:14 -07:00
Tom Eastep
f0b5ee4cdb Correct a typo in NewRelease.xml
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-02 11:50:38 -07:00
Tom Eastep
0bf2753472 Re-implement conditional inclusion
- Correct defects
- Add ?ELSIF support
- Allow Perl-compatible expressions in ?IF
2012-06-27 15:15:44 -07:00
Tom Eastep
640d34cecd Remove old advice from the Aliased Interface Article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-20 16:39:12 -07:00
Tom Eastep
d1627efe5a Add a complex QOS Example
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-17 09:57:31 -07:00
Tom Eastep
6c47349689 Support 'red' queuing discipline
- Also added 'ls' support for HFSC

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-13 14:29:13 -07:00
Tom Eastep
f92a9fa0d6 Update traffic shaping doc with linklayer options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-12 09:40:33 -07:00
Tom Eastep
4a51241c40 Merge branch '4.5.5' 2012-06-12 08:12:26 -07:00
Tom Eastep
b2c96970ee Add cls_basic to recommended TC modules in FAQ 67
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-12 08:11:17 -07:00
Tom Eastep
2e05b81443 Apply patch from Ronan Amicel
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-11 11:26:49 -07:00
Tom Eastep
5f051fc61b Unify document indexes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-10 15:31:31 -07:00
Tom Eastep
61d4363865 Update Netfilter overview with Raw and Rawpost tables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-10 15:30:39 -07:00
Tom Eastep
705744fd8c Convert Frequently-used Articles section into a table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-10 07:36:32 -07:00
Tom Eastep
724f3cbd76 Unify documentation indexes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-10 07:22:14 -07:00
Tom Eastep
f86476a43c Remove SYSCONFDIR aliasing from Install.xml
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-09 07:18:53 -07:00
Tom Eastep
1ed6769b14 Fix broken URL in logging doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-09 07:18:17 -07:00
Tom Eastep
5c7a4b579c Clarify CONFIG_PATH setting using -lite products
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-05 17:23:13 -07:00
Tom Eastep
ee467a4877 Allow embedded shell/Perl directives to have leading '?'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-05 07:32:43 -07:00
Tom Eastep
fc97f6d00e Implement LOG target option control.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-24 13:54:59 -07:00
Tom Eastep
ab2376d61d Document 15-cc limit.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-21 07:03:53 -07:00
Tom Eastep
73e5bb0374 Expand the GEOIP documentation to describe GEOIPDIR option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-20 09:40:00 -07:00
Tom Eastep
d8ec051114 Load the geoip cc's dynamically.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-20 08:59:59 -07:00
Tom Eastep
f0a3e1652a Bracket non-trivial cc lists with [...]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-19 09:39:49 -07:00
Tom Eastep
cb72948739 Add Geoip match to config basics doc. Clarify variable search algorithm.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-18 07:27:33 -07:00
Tom Eastep
55c88e8e81 Replace curly brace enclosure with a preceding caret to avoid ambiguity.
- {...} is used to enclose a set of column/value pairs and it is certain
  that the two will become confused.
2012-05-17 15:26:16 -07:00
Tom Eastep
d1519345c4 Add TOC Link to ISO-3661.html; Correct typo in ISO-3661 page.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-17 12:26:02 -07:00
Tom Eastep
d220d3d9d5 Abandon action.GeoIP in favor of extended syntax in the SOURCE and DEST columns.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-17 10:44:02 -07:00
Tom Eastep
cc07e74532 Correct typo in TPROXY documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-16 15:56:19 -07:00
Tom Eastep
3d541f50c8 Use "(S)" consistently in column headings.
- add synonyms so both the singular and plural forms are accepted.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 12:42:04 -07:00
Tom Eastep
bad8b9bddb Improve TPROXY documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 11:39:15 -07:00
Tom Eastep
69d735ea0a Make TPROXY actually work!
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 11:19:23 -07:00
Tom Eastep
582d025f58 Add DIVERT action to tcrules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 09:41:58 -07:00
Tom Eastep
089d980dae Document the --shorewallrc parameter to compiler.pl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 07:59:22 -07:00
Tom Eastep
2cbf1e86ad Allow synonyms for column names in alternate specification formats
- gateway and gateways in the tunnels file
- mark and action in the tcrules file

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 11:59:47 -07:00
Tom Eastep
7453b70666 Add emphasis to the 'required' option in the config basics doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 07:14:56 -07:00
Tom Eastep
53d66833b2 Document how to avoid dhcp client setting default route
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-04 08:28:06 -07:00
Tom Eastep
2dd82a9898 Update Multi-ISP documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-01 10:28:12 -07:00
Tom Eastep
3a362a7004 Update FAQ 17
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-25 09:44:24 -07:00
Tom Eastep
25125c47e4 Document configure.pl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-10 11:57:08 -07:00
Tom Eastep
55cd81747d Add emphasis in some examples; correct a typo.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-07 07:38:38 -07:00
Tom Eastep
97cc4930cf Deimplement option leading ? in embedded directives
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-06 16:26:05 -07:00
Tom Eastep
f85321e201 Clean up conditional include documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-06 11:50:22 -07:00
Tom Eastep
85fce606dc Give all config files access to shorewallrc variables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-01 13:19:38 -07:00
Tom Eastep
c26f6d45dd Document install changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-31 20:02:03 -07:00
Tom Eastep
0063de1564 Add capabilities to conditionals
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 11:57:33 -07:00
Tom Eastep
72e6330ff4 Revert "Add capabilities to ?IF conditionals"
This reverts commit 0d71c590e4.
2012-03-19 07:20:31 -07:00
Tom Eastep
c51e387e79 Document MANDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 12:09:22 -07:00
Tom Eastep
0fac1d182f Add an Id to the default location section of the Install doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 11:20:24 -07:00
Tom Eastep
0d71c590e4 Add capabilities to ?IF conditionals
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 08:48:26 -07:00
Tom Eastep
81714ee81f Document '!' in ?IF
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-17 16:58:25 -07:00
Tom Eastep
b7465262ca Rename MARK/CLASSIFY column to ACTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-16 10:09:13 -07:00
Tom Eastep
ab13fbe95e Allow conditional compilation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-16 08:16:12 -07:00
Tom Eastep
a3219f71c9 Add a restriction to the SHELL and PERL directives.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 12:27:04 -07:00
Tom Eastep
fd5b7b20cf Remove trailing white-space
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-08 13:05:56 -08:00
Tom Eastep
05f025e422 Don't install isusable script by default
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-07 07:46:53 -08:00
Tom Eastep
1d249567ed Add unsubscribe instructions to the FAQ.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-05 13:32:12 -08:00
Tom Eastep
9493bda0cc Mention Shorewall-core in the 4.5.0 upgrade issues.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-01 07:28:16 -08:00
Tom Eastep
bd9a3e5a3e Update the release model web page
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-25 08:24:48 -08:00
Tom Eastep
47453a20f7 Tweak to Run-time gateway variables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-24 09:02:04 -08:00
Tom Eastep
7273f4d8d4 Implement run-time gateway variables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-23 13:36:00 -08:00
Tom Eastep
09ad6bba1a Fix Shorewall-core installer
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-22 15:59:28 -08:00
Tom Eastep
c751a0ada3 Documentation updates suggested by Jeffrey Spain.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 11:30:06 -08:00
Tom Eastep
8c981e0464 Cleanup of install scripts based on feedback from Mr. Dash4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 10:08:42 -08:00
Tom Eastep
76f8a9e171 Update the Install article for 4.5.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 09:02:04 -08:00
Tom Eastep
30cf344be0 Unify 4.4/4.5 documentation Index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-12 11:47:08 -08:00
Tom Eastep
892f4417b3 Update build doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-05 08:06:02 -08:00
Tom Eastep
8d9b1d50d1 Change zone ordering in the IPSEC doc.
- Place net before vpn so that pppoe users who blindly copy examples won't
  get mis-ordered nested zones.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-21 05:51:28 -08:00
Tom Eastep
4f90736601 Update multi-ISP doc for automatic .status file generation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-17 07:30:13 -08:00
Tom Eastep
5c596ed715 Update Shorewall Perl doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-17 07:24:29 -08:00
Tom Eastep
7060c1350f Add 'ttl' to Debian tunnel configurations.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-16 10:31:05 -08:00
Tom Eastep
58bf562747 Generate load rules at runtime rather than at compile time.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-15 19:23:44 -08:00
Tom Eastep
7316a2c51a Implement 'load=<load-factor>' in providers file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-13 16:37:05 -08:00
Tom Eastep
23c4ebf2a0 Correct FAQ 2a
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-12 16:49:32 -08:00
Tom Eastep
aff1e4ef0a Correct ethtool commands in the FAQ
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-10 17:28:56 -08:00
Tom Eastep
58a0b9b5c1 Rename route_rules to rtrules -- phase 2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-09 07:19:10 -08:00
Tom Eastep
4c2df6fea7 Rename route_rules to rtrules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-09 06:38:55 -08:00
Tom Eastep
123db94b71 Remove empty cell in documentation index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-04 12:25:13 -08:00
Tom Eastep
4912199396 Shorewall 4.5 Documentation Updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-02 10:19:07 -08:00
Tom Eastep
b367fb46af Add a caution to the Getting Started Doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-29 07:49:40 -08:00
Tom Eastep
1f051314b3 Update network diagram 2011-12-17 14:11:56 -08:00
Tom Eastep
57d0550311 Document use of .conf options as variables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-17 07:40:43 -08:00
Tom Eastep
4abd626b32 New IPv6 network diagram
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-12 10:35:03 -08:00
Tom Eastep
6bb487bb68 Pass $CONFIG_PATH to compiler.pl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-02 07:36:23 -08:00
Tom Eastep
1a968ec734 Add routefilter to one-armed router section
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-21 05:54:51 -08:00
Tom Eastep
4a7d4d6abc Bring the upgrade issues doc up to date
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 08:46:02 -08:00
Tom Eastep
88a883da71 Update references to WIDE_TC_MARKS and HIGH_ROUTE_MARKS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 08:45:47 -08:00
Tom Eastep
5097d36a33 Update Packing Marking doc for this release
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 07:41:17 -08:00
Tom Eastep
83d7cfa76a Update documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 15:18:43 -08:00
Tom Eastep
d053faadde Allow convertion of a legacy blacklist configuration
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-08 12:59:40 -08:00
Tom Eastep
0a605c63f2 Add note about separate blacklist file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-31 08:46:11 -07:00
Tom Eastep
e997b7e662 Update Build doc to reflect change to 'setversion'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-30 05:26:23 -07:00
Tom Eastep
5e97dc1954 Fold long lines in the FAQ
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-25 14:28:18 -07:00
Tom Eastep
3ce5449257 Change the Caution at the top of the FAQs to refer to 4.4 rather than 4.3
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-24 06:23:33 -07:00
Tom Eastep
54ba4ed879 Add MARK column to route_rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-23 07:56:53 -07:00
Tom Eastep
2316162d86 Fix last section of two-interface doc 2011-10-22 16:22:44 -07:00
Tom Eastep
cb13c02731 Fix last section of two-interface doc 2011-10-22 16:15:36 -07:00
Tom Eastep
18161b54e8 Update network graphics 2011-10-20 10:02:58 -07:00
Tom Eastep
efb768464c Add FAQ 97a 2011-10-14 11:27:44 -07:00
Tom Eastep
1052b481f3 Mention IP_FORWARD=On in FAQ 1g
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-11 15:33:32 -07:00
Tom Eastep
a10909f791 Enhance FAQ 15
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-10 16:51:04 -07:00
Tom Eastep
6d56a8aa45 Merge branch '4.4.24'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-10 06:57:05 -07:00
Tom Eastep
668926c2a6 Add BALANCE_TABLE.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-09 09:00:14 -07:00
Tom Eastep
809f27decd More alternate-specification fixes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-09 07:06:01 -07:00
Tom Eastep
8115934adf More alternate-specification fixes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-09 07:05:08 -07:00
Tom Eastep
092da7ce67 Add proxyndp to 'pairs' documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-07 15:14:23 -07:00
Tom Eastep
109bed7037 Add proxyndp to 'pairs' documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-07 15:07:09 -07:00
Tom Eastep
835a056eb8 Implement BLACKLIST section in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-03 16:02:01 -07:00
Tom Eastep
0a5d5821ec Support additional forms of column/value pair specification
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-02 11:45:55 -07:00
Tom Eastep
072f4752fc Get rid of minimum column requirement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 09:56:25 -07:00
Tom Eastep
5aa4534fbe Correct copyright date in the Shorewall Lite doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-29 07:20:01 -07:00
Tom Eastep
765ec27fbb Correct URL in the Documentation Index 2011-09-27 18:34:23 -07:00
Tom Eastep
a3d4edfd1f Reorganize Shorewall Lite docs 2011-09-27 18:13:57 -07:00
Tom Eastep
37da8b5808 Rename and refine Shorewall Lite doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-27 15:44:19 -07:00
Tom Eastep
11064202a5 Update features 2011-09-26 17:32:06 -07:00
Tom Eastep
2b7515f434 Refer manpage readers to the 'Pairs' information
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-26 10:16:52 -07:00
Tom Eastep
9a4dfc4394 Implement an alternate way of specifying column contents.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-25 17:08:53 -07:00
Tom Eastep
dbf5f17b41 More tweaks to switch implementation.
1) Switch names may be 30 characters long.
2) Switch settings are retained over restart.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 07:34:58 -07:00
Tom Eastep
12bfc14c5f More SWTICH changes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 14:44:20 -07:00
Tom Eastep
caddd65412 Rename condition->switch and add more documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 12:33:55 -07:00
Tom Eastep
cf80dc8858 Document OpenVZ brokenness on Squeeze 2011-09-21 19:27:38 -07:00
Tom Eastep
e894e15fa1 More netmap updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-19 08:28:04 -07:00
Tom Eastep
379d1d3201 Document how to use IPv6 netmap
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-18 10:56:11 -07:00
Tom Eastep
dd836507e0 Correct capitalization (SHARED->Shared)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-16 10:27:49 -07:00
Tom Eastep
551f93762d Correct two typos in the Proxy ARP doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-15 14:46:50 -07:00
Tom Eastep
a16986ddc3 s /filter/sfilter/ in FAQ 17
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-05 17:24:42 -07:00
Tom Eastep
88e28775c9 Document SAFESTOP in FAQ 73.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-04 07:49:04 -07:00
Tom Eastep
678f6b4091 Add FAQ 97 about low TC outbound bandwidth
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-01 10:48:48 -07:00
Tom Eastep
d08ddd30ff Update copyright in Documentation Index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-31 07:59:05 -07:00
Tom Eastep
8b67052e5d Add LXC.html to the documentation index and provide Graphic
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-31 07:49:43 -07:00
Tom Eastep
751094f408 Remove my email address from the LSM sample config 2011-08-31 07:07:25 -07:00
Tom Eastep
528f2b0aa2 Implement enable and disable commands for IPv4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-25 16:00:27 -07:00
Tom Eastep
0b2a8b12c7 Implement Stateless NAT support.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-14 12:01:17 -07:00
Tom Eastep
f49ae2762b Correct typos in Macros HOWTO
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-12 14:49:34 -07:00
Tom Eastep
c923dfdade Correct Port Knocking HOWTO for iptables 1.4.12
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-09 16:22:46 -07:00
Tom Eastep
58f9a66587 Add FAQ 96 re: DISABLE_IPV6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-02 07:33:01 -07:00
Tom Eastep
db8092d71e Update VPN Basics Doc 2011-07-30 09:16:26 -07:00
Tom Eastep
9e6fd39145 Corrections to OPENVPN doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-30 06:57:55 -07:00
Tom Eastep
15a88f962f Add a FAQ regarding $FW
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-14 07:48:51 -07:00
Tom Eastep
0ab7e06f84 Document renaming of scripts in the Build document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-09 15:15:06 -07:00
Tom Eastep
92e244f1b8 Mention reversed interfaces in FAQ 1b.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-09 09:32:38 -07:00
Tom Eastep
290e5d3cfd Add the release repository to the Build document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-08 16:03:10 -07:00
Tom Eastep
7cb3392e3d Expand explaination of rate limiting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-08 09:53:56 -07:00
Tom Eastep
aa31e52b96 Show alternative message for partial PORT or PASV reply
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-07 06:43:07 -07:00
Tom Eastep
d31e2d67ba DEFAULTS directive enforces max number of parameters
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 07:22:29 -07:00
Tom Eastep
ef848a559c Correct TPROXY documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-30 06:36:48 -07:00
Tom Eastep
bd2cbfc5e2 Correct typo in the Manual Chains HOWTO
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-28 07:45:49 -07:00
Tom Eastep
67b8a10879 Correct parameterized default action in the FAQ 2011-06-25 10:26:45 -07:00
Tom Eastep
6cc2503f60 More FAQ updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-25 08:23:32 -07:00
Tom Eastep
961b9b5e6d More FAQ cleanup
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-25 07:44:13 -07:00
Tom Eastep
8b61e4500a Documentation Updates (mostly FAQ)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 13:40:50 -07:00
Tom Eastep
6da5380230 Update troubleshooting doc for -T option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 11:48:14 -07:00
Tom Eastep
0d2e2a14d3 Document additional parameters to standard default actions and DEFAULT in macro files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 08:05:13 -07:00
Tom Eastep
44599530ea Remove warnings about duplicate zone/interface dynamic hosts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 18:27:18 -07:00
Tom Eastep
c112f2381e Document IPv6 Dynamic Zones
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 10:59:14 -07:00
Tom Eastep
f7322a674d Update ipset doc with Shorewall6 and Shorewall-init info.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 15:00:48 -07:00
Tom Eastep
a4b77d7267 Update compiler.pl documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 07:56:03 -07:00
Tom Eastep
6f3497e353 Update Audit.xml with parameterized standard action info
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 06:50:18 -07:00
Tom Eastep
b7a3142620 Document parameterized default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 15:25:48 -07:00
Tom Eastep
0cb98737f7 Document DEFAULTS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:29:25 -07:00
Tom Eastep
642319d706 Change annotated documentation default
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 15:40:21 -07:00
Tom Eastep
c42c6864b4 Don't modify the .conf file installed in configfiles.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 09:46:22 -07:00
Tom Eastep
4436d479b4 Extend FAQ 4 2011-06-05 17:58:20 -07:00
Tom Eastep
b20156de9e Add note about 'burst' to the complex TC doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-05 06:33:33 -07:00
Tom Eastep
818b927b73 Make Kernel Config article unmaintained 2011-06-04 06:31:25 -07:00
Tom Eastep
eba1473600 Change heading in the Documentation Index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-03 07:39:08 -07:00
Tom Eastep
c3600eb814 Document -p and PLAIN
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-02 06:43:23 -07:00
Tom Eastep
0287d96aa2 Finish filtering implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-26 13:38:44 -07:00
Tom Eastep
704f3fdd55 Document audited default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-24 07:24:15 -07:00
Tom Eastep
5d04c93a16 Implement LEGACY_FASTSTART option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-22 15:36:29 -07:00
Tom Eastep
e511c5a8d5 Corrections to Audit documents 2011-05-22 10:25:43 -07:00
Tom Eastep
a8fd3281d9 Add CONFIG_PATH section
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-22 08:59:05 -07:00
Tom Eastep
57d276f0b3 Add default action example 2011-05-22 08:02:23 -07:00
Tom Eastep
b844fc3107 Correct typo in Audit doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-22 06:10:58 -07:00
Tom Eastep
ad050763cc Documentation update 2 for AUDIT support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-21 17:22:19 -07:00
Tom Eastep
e940f5018e Implement whitelisting.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-18 08:30:01 -07:00
Tom Eastep
8ec33cd6dd Update accounting documentation 2011-05-17 18:35:28 -07:00
Tom Eastep
fd70e73d34 Add ACCOUNTING_TABLE option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-17 12:51:33 -07:00
Tom Eastep
43a21e122a Update Install doc with absolute path name info
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-14 07:20:38 -07:00
Tom Eastep
02baf94246 Fix typo in starting/stopping doc 2011-05-08 05:44:24 -07:00
Tom Eastep
68fe7c733e Correct ipset allowed characters 2011-04-11 10:02:18 -07:00
Tom Eastep
c902045348 Document method of turning off TSO/GSO 2011-04-11 09:49:48 -07:00
Tom Eastep
5734c84499 Documentation updates 2011-04-11 09:37:50 -07:00
Tom Eastep
f2d5e79684 Add link to 2011 Linuxfest Doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-04-10 15:25:52 -07:00
Tom Eastep
6e7a7b7f39 Clarify what Shorewall UPnP does and does not do 2011-04-10 10:29:10 -07:00
Tom Eastep
81437b2bb1 Don't mention downloads in the complex TC doc 2011-04-04 19:01:06 -07:00
Tom Eastep
6b93ff3a91 Clarify Debian file location 2011-04-03 19:32:39 -07:00
Tom Eastep
a47357a6e8 Re-add LXC doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-04-03 10:27:52 -07:00
Tom Eastep
cc633c5bd9 Shorewall 4.4.19 Changes 2011-04-03 09:56:30 -07:00
Tom Eastep
d7fb4e8ed9 More corrections to Tuomo's Example 2011-03-02 07:13:14 -08:00
Tom Eastep
e2c8d7b3e1 Correct Tuomo's workaround description 2011-03-01 14:04:06 -08:00
Tom Eastep
b7b1d5a7ab Link Proxy NDP section to the Vserver example of same 2011-02-28 13:40:20 -08:00
Tom Eastep
323fef9b51 Add additional info to the Vserver NDP section 2011-02-28 13:38:03 -08:00
Tom Eastep
cb94ca821e Correct typo 2011-02-28 13:08:28 -08:00
Tom Eastep
e9a3dc85fc Add proxy NDP example to the Vserver article 2011-02-28 13:05:04 -08:00
Tom Eastep
ac45a9b392 Fix typo in the Lenny->Squeeze doc 2011-02-19 09:28:09 -08:00
Tom Eastep
e47cb61c33 Introduce 'accountfwd' chain for forwarded accounting in sectioned configuration 2011-02-18 15:44:55 -08:00
Tom Eastep
da1ae7d301 Add bleve's tip to the MultiISP doc 2011-02-18 09:02:56 -08:00
Tom Eastep
e5fb8b0a35 Add Simple TC warning to the Lenny->Squeeze article 2011-02-12 20:02:54 -08:00
Tom Eastep
5c0b592934 Section the accounting file 2011-02-12 12:47:15 -08:00
Tom Eastep
27add33ff3 Add 'show ipa' to Accounting doc 2011-02-10 13:54:51 -08:00
Tom Eastep
f5a39a4aa8 Updates for new release model 2011-02-07 16:32:51 -08:00
Tom Eastep
b4b59119ef Don't allow non-accounting chain in the CHAIN accounting column 2011-02-07 16:32:38 -08:00
Tom Eastep
2c2fdab0fe Rename USE_LOCAL_MODULES to EXPORTMODULES
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-02-06 08:42:35 -08:00
Tom Eastep
98e3827246 Remove rant in getting started doc 2011-02-04 06:45:53 -08:00
Tom Eastep
ea2c72d1b1 Prepare for 4.4.17 2011-02-04 06:44:02 -08:00
Tom Eastep
b61ad28897 Add threat to GettingStarted doc 2011-02-03 20:38:41 -08:00
Tom Eastep
ac13be4ed4 Add rate-limiting example to rules manpages 2011-02-03 13:26:41 -08:00
Tom Eastep
ae4d675d0d Document chain name length restriction 2011-01-31 07:07:10 -08:00
Tom Eastep
a9f5721851 Add OpenSuSE 11.3 to distros tested with per-IP accounting 2011-01-31 06:55:59 -08:00
Tom Eastep
a026ffabe1 Add iptaccount -l example with output 2011-01-30 14:04:26 -08:00
Tom Eastep
2cf3d15d45 Mention the iptaccount --help command 2011-01-30 10:46:35 -08:00
Tom Eastep
303afe8c7e Some accounting fixes (code and docs) 2011-01-30 09:39:14 -08:00
Tom Eastep
26cea4336e Document per-IP accounting 2011-01-30 08:33:06 -08:00
Tom Eastep
156b04c380 Implement Run-time Address Variables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-01-26 09:08:48 -08:00
Tom Eastep
4098535a43 Revise info about mis-using Vserver zones 2011-01-23 12:47:13 -08:00
Tom Eastep
d5b0a39b45 Add some info about mis-using Vserver zones 2011-01-23 09:45:06 -08:00
Tom Eastep
a7dd95d394 Add some info about mis-using Vserver zones 2011-01-23 09:43:35 -08:00
Tom Eastep
228eeabb7d More explainations in the Simple TC doc 2011-01-23 08:36:45 -08:00
Tom Eastep
7b73323301 Add more introductory material to the Simple TC document 2011-01-23 07:53:56 -08:00
Tom Eastep
a2b440b093 Add USE_LOCAL_MODULES option 2011-01-22 08:13:17 -08:00
Tom Eastep
985fd990c6 Update Shorewall-4 with info about shorewall-init 2011-01-22 07:30:40 -08:00
Tom Eastep
d0858f6034 Add module-loading section to Shorewall-lite doc 2011-01-21 15:49:28 -08:00
Tom Eastep
3a2da73808 Document INCLUDE changes in the basics doc 2011-01-15 15:56:20 -08:00
Tom Eastep
265ca85d02 Allow INCLUDE in extension scripts 2011-01-15 15:43:45 -08:00
Tom Eastep
4a69ad35ee Resolve conflicts -- take 2 2011-01-13 19:24:15 -08:00
Tom Eastep
edde07fd85 Resolve conflects 2011-01-13 19:01:44 -08:00
Tom Eastep
fce558d97e Correct 'shorewall-common' references in the quickstart guides 2011-01-13 18:53:03 -08:00
Roberto C. Sanchez
28682a2428 eliminate obsolete references to shorewall-common 2011-01-13 20:02:19 -05:00
Tom Eastep
08f09d7de0 Deprecate EXPORTPARAMS 2011-01-09 10:12:36 -08:00
Tom Eastep
97672455b2 Correct typo in the FAQ 2011-01-09 09:18:21 -08:00
Tom Eastep
3c4336da58 Enhance DNAT documentation again 2011-01-07 10:27:35 -08:00
Tom Eastep
a8084370b6 Correct bridge example in the OPENVPN doc 2011-01-05 06:57:42 -08:00
Tom Eastep
6a7dad5e18 Merge branch 'master' into 4.4.16
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-12-27 12:32:28 -08:00
Tom Eastep
79cbfd0126 Allow '--' to specify '-' as an action parameter 2010-12-26 17:03:05 -08:00
Tom Eastep
4111432a52 Implement optional action parameters 2010-12-26 16:13:53 -08:00
Tom Eastep
31bd00e42e Document parameterized actions 2010-12-26 08:59:31 -08:00
Tom Eastep
29da130eef Add a note about the SOURCE and DEST columns 2010-12-24 14:03:55 -08:00
Tom Eastep
a51eac91b0 Add documentation for parameterized actions 2010-12-22 15:09:54 -08:00
Tom Eastep
880a94e42f Update documentation regarding Hack removal 2010-12-14 11:19:17 -08:00
Tom Eastep
aba63d5c9b More action/macro documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-12-13 09:06:29 -08:00
Tom Eastep
e8b26236e2 Shuffle the Compiled Program article 2010-12-12 19:00:15 -08:00
Tom Eastep
b786da4abb Document lack of configfiles/ in Debian
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-12-12 08:45:54 -08:00
Tom Eastep
48b00d719e Complete Proxy NDP implementation 2010-12-11 10:04:07 -08:00
Tom Eastep
2f70c0b71a Add Optional/Required interface section to the config basics doc 2010-12-09 10:04:52 -08:00
Tom Eastep
627733d925 Mention DHCPfwd in the DHCP doc - TAKE 2 2010-12-01 11:39:48 -08:00
Tom Eastep
b573826226 Mention DHCPfwd in the DHCP doc 2010-12-01 11:37:40 -08:00
Tom Eastep
c0ba395276 Update IPSEC title
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-11-28 10:00:31 -08:00
Tom Eastep
095345f95c Mention 'weak host model' in the Fool's firewall article 2010-11-27 11:14:51 -08:00
Tom Eastep
681529b664 Clarify 'switch' in the Fool's firewall article 2010-11-27 11:01:20 -08:00
Tom Eastep
2702d7f208 Implement header matching 2010-11-24 10:46:06 -08:00
Tom Eastep
972d00c300 Add another SNAT virtual alias example 2010-11-22 12:04:20 -08:00
Tom Eastep
93f9e8914c Add another SNAT virtual alias example 2010-11-22 11:59:59 -08:00
Tom Eastep
9b31906c6c Update bogus link in the features page 2010-11-21 21:40:56 -08:00
Tom Eastep
6083693181 Tweak FAQ 16c - LOGFILE 2010-11-21 19:37:54 -08:00
Tom Eastep
fdd1500971 Add FAQ 16c - LOGFILE 2010-11-21 12:05:28 -08:00
Tom Eastep
a17c47b017 Add FAQ 16b - dmesg 2010-11-21 10:48:23 -08:00
Tom Eastep
eac128b5e2 Add routes file to manpage indexes; modify links in the features page 2010-11-20 13:51:16 -08:00
Tom Eastep
e052951890 More /etc/shorewall/routes documentation 2010-11-17 17:27:48 -08:00
Tom Eastep
4ca1098e3e Be more explicit about route rules with SOURCE lo 2010-11-15 21:03:53 -08:00
Tom Eastep
17cc0bad45 Mention IPv6 in the tcfilters section 2010-11-15 12:38:28 -08:00
Tom Eastep
c9737930a2 Complete Shared TC documentation 2010-11-14 14:48:16 -08:00
Tom Eastep
a1e3683651 Documentation updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-11-10 14:38:55 -08:00
Tom Eastep
8c1bdc803b Fix typo in address-type section; add faq 94 2010-11-04 09:57:33 -07:00
Tom Eastep
e9b7b8acad Add address-type info to config file basics doc 2010-11-03 16:31:50 -07:00
Tom Eastep
5b7a2f002a Add helpers file to advice about modifying loaded modules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-11-03 12:47:50 -07:00