Tom Eastep
1308560aba
Display compilation date/time in 'status -a' output
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-29 14:12:53 -07:00
Tom Eastep
41923cb80e
Improve compile time/date implementation
...
- Rename the command from 'date' to 'info'
- Return the complete date/time/version string in the command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-29 12:31:17 -07:00
Tom Eastep
2a40012fc4
Include compile time and date in the output of 'shorewall status'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-27 16:25:21 -07:00
Matt Darfeuille
05a15c6f8b
patches and request
...
Tom,
Some patches for the trunk repo(fixes.patch):
Patch1: Fix a typo in the path being printed for the standard actions
file.
Patch2: Will only install the shorewall's manpages if the variable
MANDIR is none-empty(I did it only for the sake of completeness)!
Patch3: Will only install the shorewall-lite's manpages if the
variable MANDIR is none-empty.
Patch4: Correct multiple product name's typos in
shorewall-init/install.sh.
Patch5: Remove ~/.shorewallrc when shorewall-core is uninstalled.
And two other patches for the release repo(changelog-1.patch):
Patch1: Changed restart to reload for the line: 'Update DHCP
article(refresh -> restart).
Patch2: Rephrased the line for the newly added ?WARNING and ?INFO
directives.
Request:
Could the date of the compiled firewall script also be displayed when
'shorewall status' is executed?
-Matt
-------------- Enclosure number 2 ----------------
>From a5ae24bbe9b25aefdbcc4d7c8e5d013a36b03078 Mon Sep 17 00:00:00 2001
From: Matt Darfeuille <matdarf@gmail.com>
Date: Sat, 23 Apr 2016 14:44:19 +0200
Subject: [PATCH 1/5] Fix typo in printed path for standard actions file
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-27 15:07:44 -07:00
Tom Eastep
47edfaf093
Create standard error messages in the CLI
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-27 10:13:24 -07:00
Tom Eastep
524838ae47
Implement $SW_LOGGERTAG
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-15 14:29:51 -07:00
Tom Eastep
fc2b555cdb
Correct date formatting in startup_error()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-11 15:24:35 -07:00
Tom Eastep
8dc88898c8
Tidy up the output of 'shorewall[6][-lite] show bl'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-10 17:22:22 -07:00
Tom Eastep
05e4049174
Ipset-based blacklisting
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-10 16:07:56 -07:00
Tom Eastep
3c544b20e6
Convert the state actions to use the 'state' action option
...
- Also avoid the CLI having to know about builtin actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-14 14:54:09 -07:00
Tom Eastep
c56ba534d6
Yet more PAGER fixes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-02 12:34:39 -08:00
Tom Eastep
90bc894200
More PAGER fixes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-02 08:58:26 -08:00
Tom Eastep
90d254f0c3
Add PAGER option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-02 08:32:49 -08:00
Tom Eastep
a95de8d092
Page the output of verbose commands
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-01 15:12:54 -08:00
Tom Eastep
8a02624f05
Update copyrights in the install and uninstall scripts
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-02-29 11:03:09 -08:00
Tom Eastep
bf8c131545
Add a local variable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-02-15 10:36:53 -08:00
Tom Eastep
1553e6b831
Sort the output of 'show actions'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-02-10 08:37:47 -08:00
Tom Eastep
9aa915a5e0
Avoid errors from 'status -i' when there are no optional interfaces
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-15 16:39:47 -08:00
Tom Eastep
2f59ea5ca3
Implement the WAIT_OPTION capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-05 09:28:24 -08:00
Tom Eastep
0c66e5f1b2
More Openwrt support in Shorewall-init from Matt Darfeuille
...
- Also, various cleanup in install/uninstall scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-04 15:45:21 -08:00
Tom Eastep
89d91d37a1
Add Shorewall-init installer support for OpenWRT
...
- Supply sysconfig files for all products
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-27 16:47:31 -08:00
Tom Eastep
fc426923b1
Accept host=debian.* in the configure scripts (Matt Darfeuille)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-12 08:10:34 -08:00
Tom Eastep
5bc471ff03
Another fix to configure.pl from Matt Darfeuille
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-11 14:37:52 -08:00
Tom Eastep
0bc250ba11
More configure/install/uninstall fixes from Matt Darfeuille
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-06 12:04:34 -08:00
Tom Eastep
09af9130df
Correct syntax error in lib.cli
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-05 08:42:34 -08:00
Tom Eastep
4139c932a4
More configure/install/uninstall fixes from Matt Darfeuille
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-05 08:31:22 -08:00
Tom Eastep
8e7f001f7e
Update manpages for column renaming
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-04 14:53:26 -08:00
Tom Eastep
f4fef3a931
Configure script corrections for Debian
...
- Matt Darfeuille and Tom Eastep
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-29 09:06:39 -08:00
Tom Eastep
b087cee7f0
Redefine MODULESDIR
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-28 08:36:12 -08:00
Tom Eastep
dab780368f
Use netstat if ss isn't installed
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-16 15:02:47 -08:00
Tom Eastep
8ae6e3ff57
A couple more OpenWRT fixes
...
- Detect OpenWRT in the configure script
- Fix the Shorewall6-lite uninstaller
2015-11-07 07:20:44 -08:00
Tom Eastep
ec1c9bd991
Delete shorewallrc from Shorewall-core
...
- Inadvertently added during OpenWRT testing
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-06 14:12:28 -08:00
Tom Eastep
6f560bda38
More OpenWRT tweaks from Matt Darfeuille
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-06 14:01:02 -08:00
Tom Eastep
7cce2e4ed5
Fix mkdir command in mutex_on()
...
- Also support 'lock' utility on openWRT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-05 12:38:54 -08:00
Tom Eastep
3d4cde76aa
OpenWRT support in the installers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-04 13:29:59 -08:00
Tom Eastep
ca0ac0473c
Another tweak to syslog_circular_buffer()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-03 18:59:10 -08:00
Tom Eastep
3890a5c1fd
Correct syslog_circular_buffer()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-02 14:29:06 -08:00
Tom Eastep
332f636d29
Adjust LOGFILE if circular log buffer
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-01 07:25:34 -08:00
Tom Eastep
d1bad364e9
Correct syntax error in installers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-31 17:54:20 -07:00
Tom Eastep
5807d44733
Allow HOST=default in the configure scripts
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-31 13:29:02 -07:00
Tom Eastep
aa680d8472
Avoid double slashes in pathnames within the installers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-31 12:57:33 -07:00
Tom Eastep
3d06a75768
Remove more %_b instances
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-31 12:43:22 -07:00
Tom Eastep
073b2992cc
Require the 'install' utility in the installers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-31 12:43:01 -07:00
Tom Eastep
27d94c8921
Improve check for circular log buffer
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-31 08:31:46 -07:00
Tom Eastep
f90567abf1
Add support for OpenWRT BB and later
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-31 08:08:17 -07:00
Tom Eastep
c83536767e
Move get_config() into the overloadable part of the file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-30 08:54:07 -07:00
Tom Eastep
1848c3fa45
Add lib.cli-user support to the -lite products
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-30 08:47:01 -07:00
Tom Eastep
38049fd0df
Correct "remote-" commands
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-26 20:06:10 -07:00
Tom Eastep
1e2cfcd9a3
Deal with missing 'hostname' utility
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-21 17:41:01 -07:00
Tom Eastep
1b571f3d86
Correct the reset command
...
- Also allow chain names to be specified a la the refresh command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-11 14:16:16 -07:00
Tom Eastep
ed90360b4c
Remove all of the update-specific options from the update command
...
Leave -i and -A
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 14:21:41 -07:00
Tom Eastep
5ead22aa48
Move fatal_error() to lib.base
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-21 14:19:20 -07:00
Tom Eastep
0d635632e3
Add conversion of notrack to conntrack
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-08 16:46:58 -07:00
Tom Eastep
73c8b563a1
Add -s option to update to convert the routestopped file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-07 13:46:16 -07:00
Tom Eastep
4bf714aca0
Correct debian systemd shorewallrc file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-01 14:53:05 -07:00
Tom Eastep
2eb1cb5e6e
More debian changes from 4.6.12
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-01 14:35:03 -07:00
Tom Eastep
ef9e75753a
Restore .214 files
...
- Also merge Debian changes from 4.6.12
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-01 11:23:35 -07:00
Tom Eastep
67589cab69
More version changes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-28 10:59:11 -07:00
Tom Eastep
f233031b08
Update shorewallrc files' versions
...
- Correct the SERVICEDIR setting for debian
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-28 10:33:22 -07:00
Tom Eastep
b1d75e53a1
Correct syntax error in lib.cli
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-27 07:23:39 -07:00
Tom Eastep
cecc81ce82
Update .service files
...
- make the .214 versions the default and remove the ones name *.214
- Add 'ExecReload' to all but Shorewall-init
- Create Debian-specific versions with /etc/default rather than /etc/sysconfig
2015-07-26 10:58:03 -07:00
Tom Eastep
a00bf196a3
Remove all workarounds
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 10:27:30 -07:00
Tom Eastep
f9ec0c6930
New 'reload' and 'restart' semantics
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 09:59:49 -07:00
Tom Eastep
3959feebe0
Remove extraneous line that causes a "not found" shell diagnostic
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-10 09:35:43 -07:00
Tom Eastep
0414166d6d
'show connections' enhancement
...
- Allow tayloring of the entries displayed by specifying conntrack
-L options.
2015-06-29 14:55:47 -07:00
Tom Eastep
7153146759
Don't ask for script version when WORKAROUNDS=No
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-28 09:18:47 -07:00
Tom Eastep
a911ec318e
Add a comment
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-27 09:19:14 -07:00
Tom Eastep
5ca68477d5
Corrections to last commit
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-26 15:18:07 -07:00
Tom Eastep
9f08726794
Eliminate running the script twice is some cases
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-26 14:32:43 -07:00
Tom Eastep
846d629c47
Eliminate the usage() function in lib.cli-std
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-26 12:55:34 -07:00
Tom Eastep
5003e826b9
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2015-06-09 10:58:58 -07:00
Tuomo Soini
f8d95d1ee9
rename not_configured() to not_configured_error()
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-06-09 20:29:45 +03:00
Tom Eastep
7f50557250
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2015-06-08 13:50:47 -07:00
Tuomo Soini
5221c92d7f
Add to lib.common a new function not_configured()
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-06-08 22:18:01 +03:00
Tom Eastep
2956698298
Corrections to WORKAROUNDS implementation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-06 12:15:03 -07:00
Tom Eastep
019e49b481
Implement WORKAROUNDS option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-01 12:59:25 -07:00
Tom Eastep
93c7e2c2f7
Change the way in which a warning message is suppressed
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-26 15:54:41 -07:00
Tom Eastep
ba7afcaeae
Make 'call' a supported command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-21 10:38:35 -07:00
Tom Eastep
4b27c72c79
Set exit code to 6 when startup is disabled
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-07 14:12:41 -07:00
Tom Eastep
fe37844455
Correct CLI helper capability detection
...
- Previously, the HELPERS setting was ignored
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-02 07:54:01 -07:00
Tom Eastep
2cea78e6df
Add the 'reenable' command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-28 13:02:12 -07:00
Tom Eastep
3cb45f234e
Delete questionable logic in lib.cli
...
- It hasn't worked since there was a typo in it that prevented it from
doing the correct thing.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-07 12:12:59 -07:00
Tom Eastep
23137e5e8a
Correct typo in lib.cli
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-07 09:23:35 -07:00
Tom Eastep
77165326f2
Merge branch '4.6.8'
...
Conflicts:
Shorewall6/uninstall.sh
2015-04-03 14:02:21 -07:00
Tom Eastep
eb3a162560
Apply Matt Darfeuille's fix for fatal_error()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-02 13:26:51 -07:00
Tom Eastep
7442c2189d
Implement TCPMSS_TARGET capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-31 15:53:05 -07:00
Tom Eastep
0c11870e46
Implement the 'savesets' command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-17 10:03:12 -07:00
Tom Eastep
fdc36747ad
Allow the 'open' and 'close' commands to handle icmp
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-16 16:25:32 -07:00
Tom Eastep
ecaae1f644
Improve editing of open numbers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-15 10:15:39 -07:00
Tom Eastep
52e7efc666
Move open_close_setup() inside open_close_command()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-14 09:42:43 -07:00
Tom Eastep
86d6d6900e
Improve 'close' and 'show opens' commands
...
- close accepts a rule number
- list opens displays rule numbers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-14 08:54:30 -07:00
Tom Eastep
095e523c9f
Add 'show opens' command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-06 13:10:23 -08:00
Tom Eastep
2817060edb
Improvements to the 'open' and 'close' commands
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-06 08:13:44 -08:00
Tom Eastep
a85fdc45ac
Implement 'open' and 'close' commands
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-05 16:20:54 -08:00
Orion Poplawski
9ad0b297e2
Supporting xz compressed kernel modules
...
- I've attached a patch that adds xz support to the default MODULE_SUFFIX.
- I'm wondering it wouldn't be better to not have MODULE_SUFFX=ko in various
sample configs so that the default value is used instead:
./Shorewall/configfiles/shorewall.conf:MODULE_SUFFIX=ko
./Shorewall/Samples/Universal/shorewall.conf:MODULE_SUFFIX=ko
./Shorewall/Samples/three-interfaces/shorewall.conf:MODULE_SUFFIX=ko
./Shorewall/Samples/two-interfaces/shorewall.conf:MODULE_SUFFIX=ko
./Shorewall/Samples/one-interface/shorewall.conf:MODULE_SUFFIX=ko
./docs/MultiISP.xml:MODULE_SUFFIX=ko
./docs/MyNetwork.xml:MODULE_SUFFIX=ko
./Shorewall6/configfiles/shorewall6.conf:MODULE_SUFFIX=ko
./Shorewall6/Samples6/Universal/shorewall6.conf:MODULE_SUFFIX=ko
./Shorewall6/Samples6/three-interfaces/shorewall6.conf:MODULE_SUFFIX=ko
./Shorewall6/Samples6/two-interfaces/shorewall6.conf:MODULE_SUFFIX=ko
./Shorewall6/Samples6/one-interface/shorewall6.conf:MODULE_SUFFIX=ko
- Is:
MODULE_SUFFIX=
sufficient to use the default value or does it need to be commented out?
Thanks,
Orion
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion@nwra.com
Boulder, CO 80301 http://www.nwra.com
>From f13edf8fc07c7b62825408b8665b10d6014d368d Mon Sep 17 00:00:00 2001
From: Orion Poplawski <orion@cora.nwra.com>
Date: Mon, 26 Jan 2015 09:48:48 -0700
Subject: [PATCH] Support xz compressed modules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-02-06 12:51:00 -08:00
Tom Eastep
740e19968b
Don't complain if the 'ip' executable doesn't exist.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-09 12:20:51 -08:00
Tom Eastep
33e2e19193
Always set IP
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-02 09:28:50 -08:00
Tom Eastep
4a4bfe77ce
Implement IFACE_MATCH capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-02 09:05:06 -08:00
Tom Eastep
3890b8a884
Infrastructure for detecting loopback interfaces
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-02 08:49:38 -08:00
Tom Eastep
15a2fd14f9
Implement TARPIT target
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-28 15:23:30 -08:00
Tom Eastep
685825a336
Correct Handling of Dynamic Zones
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-13 13:48:36 -08:00
Evangelos Foutras
3a64ef7d3a
Set SBINDIR to /usr/bin in shorewallrc.archlinux
...
/usr/bin is the directory used for all binaries that were previously
installed to /bin, /sbin or /usr/sbin. This unification occurred in
Arch Linux in mid-2013, so might as well change it in Shorewall too.
Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 07:55:08 -08:00
Evangelos Foutras
b746c9319f
Rename SYSTEMDDIR to SERVICEDIR in shorewallrc.*
...
This was omitted from commit e3b1034
(Change SYSTEMDDIR to SERVICEDIR).
Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 07:55:04 -08:00
Evangelos Foutras
6f81bb5c8e
Fix setting of options[SERVICEDIR] in configure
...
The previous syntax resulted in:
./configure: line 199: [SERVICEDIR]=: command not found
Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 07:55:00 -08:00
Tom Eastep
9598ac6fad
Correct a couple of problems with -C
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 10:09:04 -07:00
Tom Eastep
8fb73026c8
Replace SAVE_COUNTERS with the -C command option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 09:37:57 -07:00
Tom Eastep
b7ab82dba4
Implement -f option in the -lite products' start command
...
- Remove 'recover' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 10:42:39 -07:00
Tom Eastep
3454e10525
Add SAVE_COUNTERS option.
...
- Also implement recover command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 08:57:56 -07:00
Tom Eastep
54461a9a90
Correct indentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-20 12:29:45 -07:00
Tom Eastep
e3b10343a5
Change SYSTEMDDIR to SERVICEDIR
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-13 11:56:26 -07:00
Tom Eastep
a5086f785f
Avoid confusing output when 4.6.4 CLI executes a 'save'
...
- If a down-rev firewall is running, the savesets command produces
confusing usage output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-10 18:40:55 -07:00
Tom Eastep
815e93e80c
Rename SYSTEMD to SYSTEMDDIR
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 16:46:16 -07:00
Tom Eastep
4071b9d337
Update SuSE shorewallrc for SBINDIR
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-30 16:16:33 -07:00
Tom Eastep
3858683e94
Allow saving a specified list of ipsets
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 11:19:41 -07:00
Tom Eastep
4495ed687b
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2014-09-23 07:10:46 -07:00
Tuomo Soini
8f05d0f16d
install.sh: support install on centos7 and foobar7
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2014-09-23 13:19:09 +03:00
Tom Eastep
f9d98b74a2
Merge branch '4.6.2' into 4.6.3
...
Conflicts:
Shorewall/Perl/Shorewall/Providers.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-16 08:09:20 -07:00
Tom Eastep
fc58dab66d
Remove redundant 'run' command from help output
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-02 12:57:04 -07:00
Tom Eastep
bf5be7198b
Make dump work correctly on RHEL5
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-12 16:18:42 -07:00
Tom Eastep
0bf80c15d8
Detect missing <commmand> in the generated scrip
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 11:35:32 -07:00
Tom Eastep
4e9a0b989d
Update 'run' help text
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 10:46:28 -07:00
Tom Eastep
31e5aeeaea
Refine the 'run' command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 10:30:07 -07:00
Tom Eastep
a7b18ca875
Implement 'run' command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-28 07:04:56 -07:00
Tom Eastep
cc935009ce
Correct install problems under Cygwin
...
- configure.pl doesn't understand CYGWIN return from uname
- shorewall-core install.sh doesn't understand CYGWIN return from uname
- shorewall install.sh generates 'mkdir -p //etc/shorewall' which is
broken under Cygwin
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-09 10:48:03 -07:00
Tom Eastep
50736fb8ae
Correct last patch (s/-i/-x/)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 15:38:11 -07:00
Tom Eastep
a2e514c0ab
Add the -i option to the 'show bl' help text
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 15:35:49 -07:00
Tom Eastep
6ad9b95351
Implement 'show bl'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 13:27:25 -07:00
Tom Eastep
ac4bf15606
Implement 'status -i'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 11:07:37 -07:00
Tom Eastep
e64a7feda2
Make 'show filters' work with Simple TC
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-25 12:30:12 -07:00
Tom Eastep
d49d352d77
Improve the output of 'shorewall[6] show filters'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-23 09:26:12 -07:00
Tom Eastep
966926fac5
RHE7 support -- first cut
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-19 15:15:52 -07:00
Tom Eastep
3311bbd73a
Merge branch '4.5.21'
2014-03-27 10:53:16 -07:00
Tom Eastep
9107259a56
Correct reporting of the REAP_OPTION capability.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-27 10:52:40 -07:00
Tom Eastep
8f36c080d0
Streamline the output of the status comment
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-27 10:44:08 -07:00
Tom Eastep
669d15e2cf
Implement the -t update option.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-15 09:36:13 -08:00
Tom Eastep
f140a8e7e2
Detect EMATCH in the CLI
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-03 12:03:22 -08:00
Tom Eastep
4daee95902
Merge branch '4.5.21'
2014-01-30 13:19:26 -08:00
Tom Eastep
245c64478c
Correct 'add/delete' with a VLAN interface.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-30 13:18:05 -08:00
Tom Eastep
d44bc12df3
Merge branch '4.5.21'
2014-01-15 19:25:23 -08:00
Tom Eastep
6223bdd8e1
Add -m to the dump options in help output
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-15 19:25:07 -08:00
Tom Eastep
dec088566b
Merge branch '4.5.21'
2014-01-15 17:39:03 -08:00
Tom Eastep
6d8cadd152
Correct issues in the 'dump' command.
...
- the -x and -l options do nothing
- output of 'help' doesn't describe those options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-15 17:38:39 -08:00
Tom Eastep
42dd8dfee9
Change license to GPLv2+ and update copyrights
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-04 09:48:27 -08:00
Tom Eastep
1771bb75cf
Finish ipset match option implementation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-02 14:43:55 -08:00
Tom Eastep
dd38cdc0f0
Merge branch '4.5.21'
2013-12-18 07:16:12 -08:00
Tom Eastep
a5e8bc6298
Apply Luigi's small fix for IPSET=
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-18 07:15:24 -08:00
Tom Eastep
6d72cb3138
Correct update inline
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-15 09:32:09 -08:00
Tom Eastep
9abe60bc27
Implement the -i option of upgrade
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-14 17:54:10 -08:00
Tom Eastep
bcb2573918
Don't try to get firewall version if not root
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-14 07:51:07 -07:00
Tom Eastep
66c2fca2b0
Eradicate the use of 'fgrep'
...
- Busybox on Leaf Bering does not have fgrep
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-14 07:15:08 -07:00
Tom Eastep
b6c3d9cae1
Avoid error message during initial install
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-09 14:06:41 -07:00
Tom Eastep
20946f0711
Add Ubuntu support to configure
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-09 07:14:55 -07:00
Tom Eastep
faeea3bd8a
Add Ubuntu support to Shorewall-core installer.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-09 07:05:06 -07:00
Tom Eastep
75f5d97657
Enhance 'shorewall capabilities' output for REAP_OPTION
...
Include 'REAP_OPTION' in parentheses.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-08 12:53:53 -07:00
Tom Eastep
8c4bbf0c85
Implement REAP_OPTION capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-07 07:54:52 -07:00
Tom Eastep
9c30105fff
Display compiler version in the status and 'version -a' commands.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-30 15:59:42 -07:00
Tom Eastep
4524281163
Apply Thomas D's Gentoo support patch
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-17 08:22:52 -07:00
Tom Eastep
df028e420c
Use 'ip neigh ls' when 'arp' isn't installed.
...
- From Martin Gignac
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-17 08:10:36 -07:00
Tom Eastep
ff634ac776
Use 'ss' rather than 'ss' in the 'dump' command.
...
- From Martin Gignac
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-17 06:55:04 -07:00
Tom Eastep
e46e059b87
Specify SYSCONFFILE for SuSE
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-10 08:04:36 -07:00
Tom Eastep
50411e638c
Report the name of the SysV init file installed.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-09 08:11:45 -07:00
Tom Eastep
39e348997f
Add SERVICEFILE variable to shoreallrc.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-18 14:27:26 -07:00
Tom Eastep
32763e998b
Make -v work with the status command
...
- Also document exit status
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-13 06:52:46 -07:00
Tom Eastep
84e0c98c88
Remove debugging statement
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-10 06:54:43 -07:00
Tom Eastep
5f63183247
More fixes to the configure script
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-09 18:35:32 -07:00
Tom Eastep
189b81cd49
Correct more typos
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-09 16:56:48 -07:00
Tom Eastep
2f25584dee
Correct another typo
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-09 16:50:43 -07:00
Tom Eastep
d127c90924
Correct typo
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-09 16:50:30 -07:00
Tom Eastep
fc5c92cabc
Use /etc/os-release to determine build host
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-08 17:44:40 -07:00
Tom Eastep
a10aea280b
Add some abbreviations for common commands
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-06 07:05:47 -07:00
Tom Eastep
5ba8df81fb
Further improve readability of the show event[s] commands.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-13 09:08:50 -07:00
Tom Eastep
51d5ec6b2b
Make the output of 'show event[2] understandable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 16:07:22 -07:00
Tom Eastep
5c7500e13e
Display the current time as an integer in 'show event[s]' output
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 09:46:08 -07:00
Tom Eastep
09240da55a
Change the external name of MARK_ANYWHERE to 'Mark in the filter table'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 09:45:20 -07:00
Tom Eastep
89f16bdb37
Include a current time event in /proc/net/xt_recent/
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 07:14:22 -07:00
Tom Eastep
f99e20ee19
Allow 'show event[s]'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-11 19:21:56 -07:00
Tom Eastep
b639a18eb9
Simplify fix for -q
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-03 08:16:27 -07:00
Tom Eastep
3e1ed30f4e
Make initial progress message obey VERBOSITY
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 14:23:27 -07:00
Tom Eastep
f6a55bbf05
Allow the '-V' option in the CLI programs.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-16 14:29:36 -07:00
Tom Eastep
c3901f1161
Release mutex on error.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-09 09:57:09 -07:00
Tom Eastep
3923092468
Take 2 on conditional compilation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-08 19:01:39 -07:00
Tom Eastep
56318e6cc8
Try to ensure that cp doesn't copy the firewall script to itself.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-06 09:22:16 -07:00
Tom Eastep
186f71fa96
Add NEW_TOS_MATCH capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-09 14:04:16 -07:00
Tom Eastep
b10218e773
Add a 'UDPLITE Port Redirection' capability.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 10:07:52 -07:00
Tom Eastep
e77ca971bd
Avoid shell diagnostic in 'show capabilities' when no arptables installed
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 09:48:10 -07:00
Tom Eastep
8442477224
Add Enhanced Multi-port match capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 09:04:47 -07:00
Tom Eastep
418034579f
Support IPv6 Masquerade
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-27 09:25:26 -08:00
Tom Eastep
40865dce4d
Correct 'not running' error message in enable/disable commands.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-23 16:32:17 -08:00
Tom Eastep
82f9ba8bb7
Correct detection of IPv6 PERSISTENT_SNAT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-23 12:59:38 -08:00
Tom Eastep
8ed6642387
Modify reload_command() and export_command() to directly call compiler()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-22 16:15:41 -08:00
Tom Eastep
bb5b6e42d6
Replace death sequences with calls to fatal_error()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-16 07:32:47 -08:00
Tom Eastep
430c69b8db
Merge branch '4.5.13'
2013-02-15 18:23:45 -08:00
Tom Eastep
36db41457d
Make 'version -a' work when not run by /sbin/shorewall.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 12:45:49 -08:00
Tom Eastep
138638cb1a
Effectively use the specified directory as the CONFIG_PATH til .conf is read
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-13 07:45:24 -08:00
Evangelos Foutras
2d59f7e31a
Tweak shorewallrc.archlinux configuration
...
Changes:
- Remove reference to SysV init script
- Define systemd system unit directory
- Set SBINDIR to /usr/sbin
- Unset BUILD; should be auto-detected
Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-01 10:13:48 -08:00
Tom Eastep
38657d9f98
Support for arptables.
...
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-04 09:17:57 -08:00
Tom Eastep
24c69f9efb
Sort the output of 'show capabilities'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 11:09:18 -08:00
Tom Eastep
60012d1208
Add additional space for the OPTIONS column
...
- actions and actions.std problem
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 10:54:32 -08:00
Tom Eastep
8cbe26e32c
Ignore 'inline' for certain actions.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 07:54:42 -08:00
Tom Eastep
6702bb1989
Revert condition initialization patch.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-30 07:31:29 -08:00