holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity
2,162 Commits 104 Branches 736 Tags 54 MiB
af366ccd4e
Commit Graph

626 Commits

Author SHA1 Message Date
teastep
ed2076a0fc Fix problem with exclusion lists 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2469 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-11 01:40:50 +00:00
teastep
5de0a44eea Modify kernel version patch 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2465 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-08 18:05:22 +00:00
teastep
46210cd6bb Add kernel version information to 'shorewall dump' output 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2462 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-08 17:02:08 +00:00
teastep
41142965a1 Add new macros to the spec file 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2461 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-07 18:45:40 +00:00
teastep
68b39a07d9 Update for Shorewall 2.5.1 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2460 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-07 18:37:15 +00:00
teastep
24dc05e6b7 Fix a couple of bugs 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2459 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-07 00:17:29 +00:00
teastep
e2253d6092 Install the Makefile -- Patch by Cristian Rodriquez 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2458 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-06 16:58:18 +00:00
teastep
39ca0828db Infrastructure for Unified Handling of Exclude Lists 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2457 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-05 15:52:03 +00:00
teastep
bba152b119 Don't generate redundant ACCEPT rules for DNAT/REDIRECT/SAME 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2456 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-05 14:13:45 +00:00
teastep
f56e907907 Correct typo in /etc/shorewall/policy; Allow "all+" in SOURCE/DEST in /etc/shorewall/rules to enable intra-zone traffic 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2454 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-04 20:24:23 +00:00
teastep
2b261424d7 Minor tweak to 'dump'; remove the dynamic blacklist in 'forget' 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2451 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-03 20:24:55 +00:00
teastep
1b1af2fc65 Remove some dead code and reduce confusion amoung those who read the code (including me) 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2450 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-02 21:06:05 +00:00
teastep
ac1983a5da Large cleanup patch from Tuomo Soini 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2449 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-02 16:46:30 +00:00
teastep
21a7315717 Remove last vestiges of 'nobogons' 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2445 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-01 20:43:46 +00:00
teastep
3f748212d6 Globalize shorewall_is_started() 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2443 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-01 20:35:28 +00:00
teastep
c66159abee capitalize 'terminator' variable; duplicate PREROUTING connmark logic in OUTPUT 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2441 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-01 17:17:24 +00:00
teastep
c7cb64e4ee Make a couple of more warnings more emphatic 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2438 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-31 17:15:37 +00:00
teastep
54a5a111a6 Make separate_list handle enclosures in a more general way 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2437 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-31 17:12:04 +00:00
teastep
0a03598d11 Correct anachronistic reference in /etc/shorewall/shorewall.conf 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2436 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-31 16:26:55 +00:00
teastep
0cafde4c74 Correct anachronistic reference in /etc/shorewall/hosts 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2435 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-31 15:07:48 +00:00
teastep
b828793da9 Recombine the 'status' and 'state' commands 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2434 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-30 21:59:12 +00:00
teastep
86f20a374b Little cleanup of release notes and /sbin/shorewall 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2431 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-29 19:06:37 +00:00
teastep
9feb547b6e /sbin/shorewall status rework -- take 2 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2430 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-29 18:32:50 +00:00
teastep
48502e75bb Fix 'status' command in /usr/share/shorewall/firewall; try to make release notes clearer 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2429 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-28 20:22:25 +00:00
teastep
989e1e87a5 Fix syntax error in 'help' file 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2428 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-28 14:45:59 +00:00
teastep
2a52d3342d Fix Makefile; rename status to dump and create a real status command 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2427 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-28 14:37:56 +00:00
teastep
5f37ce46bf Fix typo which broke use of arping 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2426 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-27 22:41:52 +00:00
teastep
5f58eac0f7 Optimize use of 'arping' 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2423 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-27 22:13:25 +00:00
teastep
6c8b63bfe0 Remove dependence on 'which' 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2421 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-27 20:30:16 +00:00
teastep
9a42f57a6a Allow 'ipsec' in /etc/shorewall/hosts to work in the presence of dynamic zones 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2419 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-27 17:29:20 +00:00
teastep
03c0415eb5 Fix errors and omissions in shorewall.spec 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2414 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-26 14:22:29 +00:00
teastep
dca0b27564 Fix errors and omissions in shorewall.spec 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2413 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-26 14:09:57 +00:00
teastep
f442002d3b Fix errors and omissions in shorewall.spec 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2412 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-26 14:09:57 +00:00
teastep
2a3353ebe7 Fix errors and omissions in shorewall.spec 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2411 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-26 14:05:23 +00:00
teastep
82e50a632f Fix errors and omissions in shorewall.spec 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2410 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-26 14:02:50 +00:00
teastep
b66929a65e Large merge of function from EXPERIMENTAL to HEAD. 
1) Elimination of the "shorewall monitor" command.

2) The /etc/shorewall/ipsec and /etc/shorewall/zones file are combined into
a single /etc/shorewall/zones file. This is done in an upwardly-compatible
way so that current users can continue to use their existing files.

3) Support has been added for the arp_ignore interface option.

4) DROPINVALID has been removed from shorewall.conf. Behavior is as if
DROPINVALID=No was specified.

5) The 'nobogons' option and BOGON_LOG_LEVEL are removed.

6) Error and warning messages have been made easier to spot by using
capitalization (e.g., ERROR: and WARNING:).

7) The /etc/shorewall/policy file now contains a new connection policy and a
policy for ESTABLISHED packets. Useful for users of snort-inline who want to
pass all packets to the QUEUE target.

8) A new 'critical' option has been added to /etc/shorewall/routestopped.
Shorewall insures communication between the firewall and 'critical' hosts
throughout start, restart, stop and clear. Useful for diskless firewall's
with NFS-mounted file systems, LDAP servers, Crossbow, etc.

9) Macros. Macros are very similar to actions but are easier to use, allow
parameter substitution and are more efficient. Almost all of the standard
actions have been converted to macros in the EXPERIMENTAL branch.

10) The default value of ADD_IP_ALIASES in shorewall.conf is changed to No.

11) If you have 'make' installed on your firewall, then when you use
the '-f' option to 'shorewall start' (as happens when you reboot),
if your /etc/shorewall/ directory contains files that were modified
after Shorewall was last restarted then Shorewall is started using
the config files rather than using the saved configuration.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2409 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-25 23:08:09 +00:00
teastep
0d56188e7a Add warning about function use in the 'started' extension script 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2404 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-24 23:44:19 +00:00
teastep
89eaf99906 Pretty up the output of 'show actions' 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2403 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-24 16:49:02 +00:00
teastep
aaecd53a29 Add 'shorewall show actions command' 
Make it possible for the 'stopped' extension script to save commands in
the 'restore-tail' file by calling 'run_and_save_command' and
'save_command'


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2401 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-24 16:27:21 +00:00
paulgear
d8a471e7b9 Cleaned up additional rules from Debian package. Got rid of versions 
and paths in the header comments, since they're just as likely to be
wrong as not.  Changed all service names to port numbers.  eDonkey is a
big one - i wonder whether it isn't too variable for us to consider
providing a default rule.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2395 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-23 03:09:06 +00:00
paulgear
b6649720cb Adding extra actions provided by Debian package 
Do not use yet - these need cleaning


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2394 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-22 23:04:36 +00:00
teastep
f3ea3c7edb Avoid annoying 'ipset:not found' message 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2392 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-22 22:24:28 +00:00
teastep
fbabd7d6ef Obviate the need for 'loose' 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2389 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-21 19:48:33 +00:00
paulgear
d7f9a22d77 How long have these names been hanging around? :-) 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2381 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-20 03:36:31 +00:00
teastep
ca8e5631d3 Make \!<address> work in the SUBNET column of the masq file 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2374 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-20 01:10:28 +00:00
teastep
b0e6e3a893 Given the large number of people shooting themselves in the foot with 
poorly-written one-to-one NAT rules, I'm changing the shorewall.conf
file to set ADD_IP_ALIASES=No in shorewall.conf. Hopefully, this will
reduce the amount of whining about routing table modification during
"shorewall [re]start".


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2372 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-19 18:41:05 +00:00
teastep
687704eff2 Add 'loose' provider option; add COPY column to providers file 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2370 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-18 22:40:26 +00:00
teastep
318e204358 Re-implement MACLIST_TTL 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-17 22:08:15 +00:00
teastep
c6e3e84352 Disable MACLIST_TTL 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2356 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-17 16:52:21 +00:00
paulgear
7c0e2c8f77 More disabling until i can get a clean build 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2355 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-17 11:37:05 +00:00