shorewall_code

Author	SHA1	Message	Date
Tom Eastep	d0861e813b	Make Shorewall's handling of '+' consistent with that of iptables Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-12 08:22:57 -07:00
Tom Eastep	da62bd2b32	Use a hash slice in recently-added code Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-11 13:38:34 -07:00
Tom Eastep	a504820d19	Correct optimize level 8 handling of policy and policychain Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-07 16:56:30 -07:00
Tom Eastep	4c2c1bcdf1	Export CONFDIR and SHAREDIR to the generated script. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-06 13:42:01 -07:00
Tom Eastep	5589ab76d9	Add arguments to the enabled and disabled user exits Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-03 12:44:15 -07:00
Tom Eastep	6425e5ae5d	Remove superfluous white space in the generated script Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-02 14:09:05 -07:00
Tom Eastep	8521c6f750	Merge branch '5.1.5'	2017-08-02 14:02:03 -07:00
Tom Eastep	80e6cd8a2f	Add enabled and disabled user exits Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-07-29 15:15:57 -07:00
Tom Eastep	69a0061d0f	Correct handling of MAC addresses in the accounting file. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-07-27 14:55:19 -07:00
Tom Eastep	eea3cca90c	Correct handling of USER/GROUP in the OUTPUT accounting section Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-07-27 09:01:46 -07:00
Tom Eastep	a420ef04d9	Correct tcfilter source port handling when BASIC_FILTERS=Yes Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-07-26 16:48:53 -07:00
Tom Eastep	2d0cb5c2d8	Process the snat file if the masq file is empty Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-07-06 09:09:52 -07:00
Tom Eastep	9d160d4342	Add RESTORE_DEFAULT_ROUTE to shorewall6.conf samples Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-27 15:50:56 -07:00
Tom Eastep	f050fc6e05	Avoid issues with Perl 5.30 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-25 20:57:48 -07:00
Tom Eastep	aee8c14ea6	Correct update setting of USE_NFLOG_SIZE Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-25 17:10:44 -07:00
Tom Eastep	ff2323b249	Add the USE_NFLOG_SIZE option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-25 16:54:14 -07:00
Tom Eastep	b4a06e9656	NFLOG_SIZE capability Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-25 13:44:26 -07:00
Tom Eastep	4122021344	Improve editing of port numbers/service names Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-25 07:44:23 -07:00
Tom Eastep	71d50e0217	Use --nflog-size rather than --nflog-range Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-25 07:43:39 -07:00
Tom Eastep	1b6f15d577	Correct multiple fallback providers Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-23 07:41:23 -07:00
Tom Eastep	2f5687c65a	Don't generate multihop routes unnecessarily Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-18 09:37:41 -07:00
Tom Eastep	62a60ad995	Add comments around functions moved from IPAddrs.pm to Chains.pm. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-14 12:26:22 -07:00
Tom Eastep	b1ba05db2b	Correct handling of port ranges and port variables Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-12 17:07:55 -07:00
Tom Eastep	57f7cb4f3c	Runtime Port Variables Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-12 11:55:56 -07:00
Tom Eastep	4cf60258af	Correct a runtime error with NFQUEUE. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-12 11:07:54 -07:00
Tom Eastep	965a8e8f68	Minor cleanup of the Config module Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-05-15 09:29:12 -07:00
Tom Eastep	eb26a467e9	Add snat and mangle to %config_files - Tabify initialization of %config_files Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-05-12 08:37:54 -07:00
Tom Eastep	bb70a3637b	Add PERL_HASH_SEED option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-05-02 07:51:37 -07:00
Tom Eastep	d4e05f6163	Correct handling of IPv6 tunnel-src and tunnel-dst Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-04-23 08:36:22 -07:00
Tom Eastep	6201f37913	Clarify <filename> in the generated script's header Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-04-18 16:45:17 -07:00
Tom Eastep	7ee44d6b4b	Correct a typo in the generated script's header syntax description Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-04-18 16:31:51 -07:00
Tom Eastep	363b8f9802	Correct validation of string interface options. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-04-13 06:48:14 -07:00
Tom Eastep	00d4724fd8	Some cleanup of the Chains module Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-04-05 20:14:13 -07:00
Tom Eastep	d2392c3a9b	Add IPv6 UPnP Support Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-24 09:54:36 -07:00
Tom Eastep	0763b27b0b	Correct a comment Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-22 15:59:55 -07:00
Tom Eastep	8b90827611	Minor cleanup of split_columns() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-22 10:18:07 -07:00
Tom Eastep	8507c97b5a	Clean up column/value pair editing. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-22 09:46:52 -07:00
Tom Eastep	a6306f2c08	?reset action param now sets parmsmodified. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-18 12:53:05 -07:00
Tom Eastep	bdcf93f92c	Report the call site when issuing messages from an action. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-17 17:08:19 -07:00
Tom Eastep	6b84727886	Delete useless blank line Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-17 13:26:07 -07:00
Tom Eastep	55cf06d0a8	Correct all+ handling in the policy file Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-15 10:09:53 -07:00
Tom Eastep	5b85627fb8	Merge branch '5.1.3' Conflicts: Shorewall/Perl/Shorewall/Config.pm Shorewall6/Actions/action.Multicast	2017-03-14 14:16:47 -07:00
Tom Eastep	a447d726fa	Revert change which screwed up ?begin perl ... ?end perl line numbering Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-14 12:44:33 -07:00
Tom Eastep	fe29adbd66	Correct use of $family in combined actions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-13 16:52:16 -07:00
Tom Eastep	0b8945da8e	Correctly handle expansion of option names Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-13 10:20:15 -07:00
Tom Eastep	da363880a9	Always quote the LEVEL and DEFAULT settings when updating Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-13 09:51:58 -07:00
Tom Eastep	037fe490f3	Process config options in file order during update. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-12 17:09:41 -07:00
Tom Eastep	b13014c9ab	Expand variables in .conf except when upgrading Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-11 11:21:07 -08:00
Tom Eastep	76aef6cb04	Correct generation of '! --syn' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-11 08:43:04 -08:00
Tom Eastep	4c72b3ee58	Make sure that $LOG_LEVEL is defined Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-10 11:06:23 -08:00
Tom Eastep	d9071c5308	Correct $LOG_LEVEL expansion Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-10 10:24:24 -08:00
Tom Eastep	49811d24fa	Correct convertion of tcrules->mangle when a writable mangle exists Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-07 15:21:45 -08:00
Tom Eastep	0ec7bc846e	Correct logging in inline policy actions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-07 13:58:14 -08:00
Tom Eastep	8e000b158e	Correct the handling of tcp-reset Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-07 10:33:51 -08:00
Tom Eastep	f1d1ab6411	Implement tcp:!syn in PROTO column Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-07 10:33:20 -08:00
Tom Eastep	5f1370f1b4	Clear the firewall on Debian systemd 'stop' command Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-06 11:22:55 -08:00
Tom Eastep	dc53fa2665	Correct file/line from ?error Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-06 11:02:06 -08:00
Tom Eastep	356d3fa2dd	Correct new directives with respect to omitting Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-05 12:09:54 -08:00
Tom Eastep	80d93235b5	Eliminate builtin actions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-05 12:09:33 -08:00
Tom Eastep	c1e7fce1c5	Report the file/line where action invoked Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-05 09:29:00 -08:00
Tom Eastep	63ec936f21	Remove determinism sorts	2017-03-04 19:05:33 -08:00
Tom Eastep	63cf7dd699	Revert "Move $test to the config module." This reverts commit `876d76b294`.	2017-03-04 18:45:40 -08:00
Tom Eastep	876d76b294	Move $test to the config module. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-02 11:42:07 -08:00
Tom Eastep	9075a6dd7a	Copy libs and footer when compiling for test Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-02 10:49:49 -08:00
Tom Eastep	118e4f73c9	Correct validation of LOG_LEVEL Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-19 10:25:44 -08:00
Tom Eastep	10b39f3855	Correct typo (allowMast -> allowMcast) Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-19 10:25:27 -08:00
Tom Eastep	944888c04f	Handle broadcast and muticast separately Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-15 10:16:20 -08:00
Tom Eastep	48d301b2cf	Rename the policy LIMIT column to RATE Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-12 10:17:43 -08:00
Tom Eastep	735919d8d3	Add LOG_LEVEL option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-12 09:52:55 -08:00
Tom Eastep	977fa81d46	Make 'none' case-insensitive in policy action specifications Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-10 11:43:51 -08:00
Tom Eastep	7e984af094	Some cleanup of policy actions - Allow '+' in policy file action list Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-07 13:19:53 -08:00
Tom Eastep	dab9e1d7c4	Assume no default actions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-06 14:45:43 -08:00
Tom Eastep	b9471a2499	Correct parsing of the POLICY column Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-06 14:15:24 -08:00
Tom Eastep	b2553fb008	Another change to allow builtin actions as default actions. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-06 13:25:10 -08:00
Tom Eastep	92133e5a6b	Default-action lists Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-06 10:11:48 -08:00
Tom Eastep	686ca9d3a3	Allow builtin actions in xxx_DEFAULT settings. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-05 15:21:57 -08:00
Tom Eastep	70a395892f	Make BLACKLIST work correctly in the blrules file - Add the 'section' action option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-23 15:03:02 -08:00
Tom Eastep	2bbb5c8c1e	Add hack to distinguish between the BLACKLIST macro and action Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-23 09:23:26 -08:00
Tom Eastep	33b4ee4d31	Don't quote variable values in ERROR/WARNING/INFO directives Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-23 09:00:18 -08:00
Tom Eastep	71dd5d016b	Add ?REQUIRE compiler directive Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-22 14:48:18 -08:00
Tom Eastep	9c3a82f628	Add BLACKLIST action Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-19 14:08:15 -08:00
Tom Eastep	e6933f4c8d	Add BLACKLIST policy Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-18 10:55:15 -08:00
Tom Eastep	cc3b8793e0	Make BALANCE_PROVIDERS default the setting of USE_DEFAULT_RT Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-17 15:02:16 -08:00
Tom Eastep	ac5fd195ec	Correct provider/routefilter check wrt optional interfaces Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-17 09:34:13 -08:00
Tom Eastep	45b9ddf188	Add BALANCE_PROVIDERS option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-17 08:58:09 -08:00
Tom Eastep	2d16fac9ed	Revert "Implement USE_DEFAULT_RT=Exact" This reverts commit `2ca1ae734a`.	2017-01-17 08:25:33 -08:00
Tom Eastep	f23970b4f7	Include LOG_MARTIANS in test for setting log_martians with routefilter Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-14 13:03:24 -08:00
Tom Eastep	04112647d3	Correct provider/routefilter checking Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-14 12:40:39 -08:00
Tom Eastep	2ca1ae734a	Implement USE_DEFAULT_RT=Exact Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-14 08:14:08 -08:00
Tom Eastep	64c249a174	Set logmartians along with routefilter. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-11 15:53:55 -08:00
Tom Eastep	0019ca53e5	Include ROUTE_FILTER in routefilter/provider checks Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-11 15:39:13 -08:00
Tom Eastep	0d2a5089a9	Merge branch '5.1.0'	2017-01-11 12:29:57 -08:00
Tom Eastep	50d09e76cb	Catch 'routefilter' with provider interfaces. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-11 11:47:10 -08:00
Tom Eastep	568f461763	Propogate PAGER to -lite systems Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-11 11:18:57 -08:00
Tom Eastep	cb150f9c09	Allow compact IPv6 addresses in IP6TABLES() rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-07 10:01:03 -08:00
Tom Eastep	19ce2093d8	Correct splitting of IP(6)TABLES options Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-07 10:00:37 -08:00
Tom Eastep	b8c322a05f	Ignore SUBSYSLOCK when $SERVICEDIR is non-empty Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-06 15:50:26 -08:00
Tom Eastep	f68d3fd9fa	Revert "Remove SUBSYSLOCK" This reverts commit `386b137e9b`.	2017-01-06 09:49:40 -08:00
Tom Eastep	386b137e9b	Remove SUBSYSLOCK Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-05 10:03:03 -08:00
Tom Eastep	638c7c5bca	Implement NETMAP_TARGET capability Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-12-27 08:26:51 -08:00

1 2 3 4 5 ...

3895 Commits