Tom Eastep
a1e3683651
Documentation updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-11-10 14:38:55 -08:00
Tom Eastep
489364a1a0
Correct zone manpages re: blacklist vs zone type
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-27 13:57:03 -07:00
Tom Eastep
611c33e052
Add rule order warning to secmark manpages
2010-09-23 11:31:56 -07:00
Tom Eastep
b3d6ae78ba
Add redundancy warning re 'blacklst'
2010-09-19 07:57:36 -07:00
Tom Eastep
c7373ada46
Add advice about SAVE/RESTORE
2010-09-17 09:22:48 -07:00
Tom Eastep
44665775b2
Documentation corrections to the blacklist files
2010-09-16 09:46:46 -07:00
Tom Eastep
a8c9fc1859
Implement new Blacklisting Scheme
2010-09-16 09:40:28 -07:00
Tom Eastep
1d650b41cd
Remove blacklisting by destination IP address support
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 15:24:58 -07:00
Tom Eastep
bea4ce4ca6
Add tc-tbf link to tcinterfaces manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 14:07:42 -07:00
Tom Eastep
8147671eb2
Document JUMP
2010-09-15 09:49:37 -07:00
Tom Eastep
f925b335ef
Ignore the 'blacklist' host option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 08:10:57 -07:00
Tom Eastep
373fc87165
More blacklisting wrapup
...
- Deprecate 'blacklist' in the hosts file
- Base blacklisting on interfaces alone
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 07:38:20 -07:00
Tom Eastep
10a9ae496a
More manpage updates for 4.4.13
2010-09-14 16:47:45 -07:00
Tom Eastep
33adbe7a27
Update documentation for net TC features
2010-09-13 13:51:25 -07:00
Tom Eastep
3f93ebdda8
Update blacklist manpages
2010-09-13 13:23:32 -07:00
Tom Eastep
37a5a01185
Correct INPUT marking documentation
2010-09-11 12:47:32 -07:00
Tom Eastep
828d190436
Change example
2010-09-07 19:14:43 -07:00
Tom Eastep
46bbb26b6b
Tweak secmarks example to use ESTABLISHED,RELATED
2010-09-07 13:59:33 -07:00
Tom Eastep
ee83b7f022
Add link to James Morris blog re SECMARK
2010-09-07 13:52:43 -07:00
Tom Eastep
ab87d8800a
List secmarks as SEE ALSO
2010-09-07 12:27:39 -07:00
Tom Eastep
8d63e04926
Yet more docunentation updates
2010-09-06 20:37:34 -07:00
Tom Eastep
50b4bd8dfe
More Blacklist and Secmark documentation updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-06 17:26:49 -07:00
Tom Eastep
f3255cd83a
Rework blacklisting
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-06 15:29:20 -07:00
Tom Eastep
c6f58ba924
Enhance SELinux support:
...
- Add state match
- Add user/group match
- Add examples to the man pages
2010-09-06 09:06:40 -07:00
Tom Eastep
b139ff7e90
Update docs and implementation of SECMARK
2010-09-04 16:08:29 -07:00
Tom Eastep
15d8d6d8b7
Add SECMARK and CONNSECMARK support
2010-09-04 15:12:08 -07:00
Tom Eastep
5aceddbf37
Update Accounting Documents
2010-08-22 16:40:04 -07:00
Tom Eastep
e70d9c82d8
Revise and document IPSEC Accounting
...
- Place accounting rules in accipsecin and accipsecout
- Add warning when rule inserted into unreferenced accounting chain
- Add warning when an accounting chain has no references
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-20 08:24:45 -07:00
Tom Eastep
33ee9b1481
Add IPSEC Accounting (again)
2010-08-20 06:53:31 -07:00
Tom Eastep
4322d7b2af
Zone exclusion
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-18 16:10:58 -07:00
Tom Eastep
255cd6cf9c
Implement zone lists in rules file entries
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-18 12:18:58 -07:00
Tom Eastep
36054b7784
Add additional vserver notes in rules manpages
2010-08-12 17:52:22 -07:00
Tom Eastep
e35e9d2c99
Clarify nesting of vserver zones
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-12 15:26:30 -07:00
Tom Eastep
0234564a1b
Add destination IP blacklisting
2010-08-10 17:33:50 -07:00
Tom Eastep
967629569b
Taylor Universal config to work with Shorewall-init and streamline ruleset
...
- Make interface 'all' optional and set REQUIRE_INTERFACE=Yes
- Add COMPLETE option
- Set FASTACCEPT in Universal samples
- Reset SUBSYSLOCK in Universal samples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-01 08:36:56 -07:00
Tom Eastep
bd5facda30
Implement per-IP log rate limiting
2010-07-25 12:42:39 -07:00
Tom Eastep
d447482dd6
Fix typo in rules manpages
2010-07-13 07:37:14 -07:00
Tom Eastep
eff84ae8a6
Add warning about ff80::/10 in shorewall6-interfaces manpage
2010-07-12 11:19:11 -07:00
Tom Eastep
8d5f04d5a5
Correct TC_PRIO description in shorewall.conf and shorewall6.conf manpages
2010-07-07 15:35:26 -07:00
Tom Eastep
02fab09a14
Add PERL= option to shorewall.conf and shorewall6.conf
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-05 13:11:52 -07:00
Tom Eastep
d3e30b5fe4
Add FORWARD_CLEAR_MARK option
2010-07-03 17:03:42 -07:00
Tom Eastep
e4afc15370
Finish Vserver Implementation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-30 20:35:46 -07:00
Tom Eastep
925de3cee9
Fix typo in tcrules manpages
2010-05-26 06:42:37 -07:00
Tom Eastep
896e18be00
Document REQUIRE_INTERFACE
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-19 07:37:49 -07:00
Tom Eastep
b42d80cb29
Update 'wait' documentation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-15 09:59:57 -07:00
Tom Eastep
88188202cc
Add 'wait' interface option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-15 09:52:46 -07:00
Tom Eastep
16e451a7d8
Add 'required' interface option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-15 09:04:32 -07:00
Tom Eastep
96bef5bd49
Assume 'routeback' in routestopped based on interface config.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-03 12:31:11 -07:00
Tom Eastep
013567496c
Update manpages for addressless bridge
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-27 12:40:57 -07:00
Tom Eastep
0a9b7c75d0
Delete misleading wording in the explaination of rate limiting
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-16 06:24:35 -07:00