Commit Graph

614 Commits

Author SHA1 Message Date
teastep
5b101f3a81 Use the routing table rather than the ip configuration to determine masquerading
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@416 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 22:59:49 +00:00
teastep
94c5455c9e Masquerade from all primary subnets when an interface name is in the second column of masq file entry
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@415 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 22:47:22 +00:00
teastep
43cc73ef47 Allow creation of an alias label when ADD_IP_ALIASE=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@414 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 19:42:23 +00:00
teastep
0bd0a3672e Allow specification of marking chain in TC rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@411 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-23 23:18:40 +00:00
teastep
a0cb5de22c Make FORWARDPING=Yes verboten under OLD_PING_HANDLING=No; make 'list' a synonym for 'show' in /sbin/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@410 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-23 01:13:36 +00:00
teastep
7fe133fe4a Add OLD_PING_HANDLING option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@406 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-21 00:34:00 +00:00
teastep
3b29150cb2 Fix bug in 'shorewall add' re 'find_interfaces_by_maclist'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@405 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-20 23:06:55 +00:00
teastep
bdcf22b4f8 Add NAT support with remote IPSEC zone; add UDP 4500 to ipsecnat support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@398 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-07 16:26:41 +00:00
teastep
feb0752113 Allow shared files to be moved easily
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@397 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-06 23:01:23 +00:00
teastep
a28dac71ec Update release notes comment -- allow '-' in ORIGINAL DEST column for consistency
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@395 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-06 14:12:59 +00:00
teastep
305c43fea2 Fix RFC1918_LOG_LEVEL
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@394 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-03 17:48:11 +00:00
teastep
b1fb6bd72c Add CLEAR_TC option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@392 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-31 16:04:31 +00:00
teastep
9ebd6ceaae Exit status 255 from tcclear indicates that Shorewall should not clear tc
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@391 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-31 03:50:05 +00:00
teastep
144c9ab576 Add DNAT- action; 'shorewall check' prints policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@390 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-31 01:10:28 +00:00
teastep
6ec62fd189 Fix bug in blacklist logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@381 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-22 05:26:20 +00:00
teastep
ba05611498 Fix bad bug in find_hosts_by_option()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@376 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-20 21:10:53 +00:00
teastep
43b6a8acc8 Change comment on SPT=0 trap
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@375 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-20 01:13:41 +00:00
teastep
ad6a24aa3f a) fix a silly bug and b) avoid calling separate_list on an already separated list
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@373 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-19 21:30:58 +00:00
teastep
97c6eae79e Release 1.3.12-Beta1 Changes; bug fix from Tuomo Soini
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@372 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-19 20:14:10 +00:00
teastep
c9a1bff975 More Cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@371 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-18 23:56:34 +00:00
teastep
efb857df9d Fix a couple of bugs in recent changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@370 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-18 21:58:21 +00:00
teastep
852217c510 Break 'run_iptables' into two functions - only run_iptables2 checks for \!
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@369 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-18 21:26:03 +00:00
teastep
fa843d4139 Allow marking packets in the FORWARD chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@368 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-16 19:25:20 +00:00
teastep
ede456adf6 Restore fw->fw redirection; Check for SPT=0 in SYN
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@367 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-14 15:44:26 +00:00
teastep
b9891e08e2 Add ULOG Support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@362 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-13 03:23:46 +00:00
teastep
faa859e84a Added error message for MAC address in rule destination
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@361 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-10 22:48:04 +00:00
teastep
39da3ef60f Remove redundent function - add some comments
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-10 16:03:26 +00:00
teastep
1fa9316550 Yet another speed improvement
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@357 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-09 02:42:28 +00:00
teastep
46e306eba9 Correct wording of an error message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@356 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-07 23:33:26 +00:00
teastep
14b0682723 More [re]start speedups
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@355 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-07 03:21:32 +00:00
teastep
2528043867 Speed up 'separate_list'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@354 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-06 00:31:49 +00:00
teastep
992cc301a7 Generate error if 'lo' is defined in the interfaces file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@353 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-05 17:29:56 +00:00
teastep
7a1aa39f95 Speed up running of iptables
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@351 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-05 00:18:47 +00:00
teastep
14a20ece71 a) Rewrote 'list_count' to not require 'wc'
b) Turn off trace after error
c) Allow output ICMP unconditionally again


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@350 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-04 23:53:03 +00:00
teastep
0f33d5af0d Refresh also refreshes traffic control/shaping
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@349 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-04 21:17:14 +00:00
teastep
94cc75b63a Fix bug in NAT exclusion -- Roger Aich
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@344 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-27 19:16:06 +00:00
teastep
9a8d39bdd5 Add reverse GRE rules for PPTP server and clients
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@337 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-24 18:40:51 +00:00
teastep
dc0c17f075 Minor firewall cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@334 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-13 00:57:48 +00:00
teastep
871eeffa2c Revise 'all' in rules to never apply to intra-zone traffic
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@333 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 19:47:34 +00:00
teastep
9483f891fc Allow 'all' in rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@332 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 19:21:47 +00:00
teastep
0ad28aae80 Correct fw->fw rule catcher
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@331 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 18:24:38 +00:00
teastep
a511b9b485 Check for fw->fw rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@330 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 17:38:40 +00:00
teastep
18a6aff46a Add some comments in the policy chain creation/population logic
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@327 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 03:41:42 +00:00
teastep
b8f806e625 Accomodate bash clones like dash and ash
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@325 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-10 23:15:53 +00:00
teastep
8c3af56566 Add TCP Flags Checking
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@324 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-10 21:34:20 +00:00
teastep
c44cb44f7c Verify interface names in the SOURCE column of /etc/shorewall/tcrules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@318 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-09 15:56:29 +00:00
teastep
507fa8069d Cosmetic cleanup in firewall script
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@317 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-03 15:42:23 +00:00
teastep
5ff9d1a888 Clear nat and mangle counters during 'shorewall reset'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@316 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-30 15:56:46 +00:00
teastep
eef8a3dc72 Improve comments in interfaces file re: use of aliases
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@314 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-29 01:36:06 +00:00
teastep
01a78306cf Update release and changelog files
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@312 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-24 00:47:43 +00:00
teastep
0eda4bab27 Conserve space by removing comment decorations
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@311 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-23 16:48:40 +00:00
teastep
a997c16a42 Clean up MAC Verification Code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@310 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-23 15:58:53 +00:00
teastep
d26c6a5e92 Extend 'maclist' to the hosts file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@309 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-23 01:22:48 +00:00
teastep
347fc0da18 Adjust insertion points for dynamic zone rules based on MAC verification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@308 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-22 18:33:37 +00:00
teastep
cd555022bf Add MAC verification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@306 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-22 18:07:52 +00:00
teastep
9f691d20e4 Allow SNAT using primary IP and ADD_SNAT_ALIASES=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@305 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-22 00:13:24 +00:00
teastep
42d7503984 Give better error message when getting the IP of a down interface
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@303 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-21 18:13:28 +00:00
teastep
23f6bb2371 Move the main firewall script to /usr/lib/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@297 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-15 15:00:11 +00:00
teastep
c1d99fe769 Add support for PPTP client and server on the Firewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@295 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-14 22:26:28 +00:00
teastep
912681428b Tone down ipsecnat rules a bit
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@294 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-11 17:19:06 +00:00
teastep
2c41dc5154 Add IPSECNAT tunnel type; correct typo in spec file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@293 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-10 13:29:06 +00:00
teastep
9c0ad6d495 Fix typo in firewall script (recalculate_interfacess)
Add PATH assignment to the install script
Correct 'functions' file handling in the install script


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@288 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-09 15:05:53 +00:00
teastep
38e5f236dc Remove iptables 1.2.7 hacks
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@286 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-05 16:36:53 +00:00
teastep
46328322db Add some comments to the Dynamic Zone code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@282 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-02 01:24:57 +00:00
teastep
93db8120f9 Some optimizations to the Dynamic Zone code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@281 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 23:58:48 +00:00
teastep
e55951ba31 Fix typo
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@280 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 23:49:17 +00:00
teastep
09285f8c06 Fix rule insertion algorithms for Dynamic Zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@279 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 23:43:03 +00:00
teastep
8ff1919657 Correct typo in error message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@278 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 23:01:34 +00:00
teastep
73ae96bb64 More fixes for Dynamic Zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@277 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 22:27:19 +00:00
teastep
1a0534f5c0 Corrections to Dynamic Zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@276 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 21:46:48 +00:00
teastep
129cedbe8f First implementation of dynamic zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@275 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 20:54:42 +00:00
teastep
e7c44ec80e Fix dumb bug in 1.3.9 Tunnel Handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@270 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-30 17:48:20 +00:00
teastep
85dfee1475 Remove after error exits
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@263 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-29 21:28:44 +00:00
teastep
c665fec5ef Cleanup of 1.3.9 for Bering
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@261 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-29 21:08:25 +00:00
teastep
86d7723602 Fix problems with oddball shells; updated documentation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@260 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-28 00:31:15 +00:00
teastep
f536d805b0 Move fireall, function and version to /usr/lib/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@259 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-27 21:10:21 +00:00
teastep
de84a5a43e Don't insist on NEW state for odd protocols -- part 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@257 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-26 20:35:25 +00:00
teastep
ccf0e4d598 Don't insist on NEW state for odd protocols
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@256 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-26 20:28:49 +00:00
teastep
f2b2e84808 Add DNS Name support; remove startup_disabled on uninstall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@255 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-24 23:13:36 +00:00
teastep
7ff49f05b6 Prevent pre-configuration startup; change version to 1.3.9
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@250 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-19 20:40:10 +00:00
teastep
7f249597b6 Fix typo in policy file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@248 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-19 18:36:09 +00:00
teastep
167cf45cea Allow both interface and address on source in rules file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@247 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-18 23:38:09 +00:00
teastep
87890954b7 Allow RST and ACK packets under NEWNOTSYN=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@238 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-16 16:08:15 +00:00
teastep
53f8743591 Add ICMP and MULTIPORT support to the black list
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@237 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-14 23:40:46 +00:00
teastep
80498aa034 Assume 'multi' if canonical chain exists; add PROTOCOL and PORT columns to the blacklist file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@236 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-14 22:00:52 +00:00
teastep
08eed6d0b4 Second try at DNAT fw ... fix
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@229 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-02 17:39:46 +00:00
teastep
b3e56a87ea Correct DNAT with 'fw' source; verify interface in masq file entries
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@227 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-01 17:34:59 +00:00
teastep
ff412cba4d Fix for 'shorewall refresh' bug
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@225 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-27 02:15:48 +00:00
teastep
def9caa806 Replace tab with space in black list message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@219 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-26 20:36:19 +00:00
teastep
429b8e7d38 Check for DHCP before RFC 1918
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@217 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-24 15:09:34 +00:00
teastep
8f4ff3306e NEWNOTSYN option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@216 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-23 18:51:55 +00:00
teastep
2ef1dbf0af Correct rule processing bug in 1.3.7
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@212 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-23 01:55:51 +00:00
teastep
d766536d1c Correction to iptables 1.2.7 workaround
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@205 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-22 13:34:43 +00:00
teastep
bcea92a607 Work around iptables 1.2.7 bugs
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@204 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-19 17:33:22 +00:00
teastep
7af8a1dbb6 Correct ADD_SNAT_ALIASES problem (again)
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@203 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-19 14:40:42 +00:00
teastep
646a947b8c Correct ADD_SNAT_ALIASES problem
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@202 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-19 13:56:28 +00:00
teastep
652cadb22c Add loopback class A to rfc1918 file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@201 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-17 22:15:41 +00:00
teastep
6ae0ea8981 Make multiport work with iptables 1.2.7
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@197 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-14 16:01:32 +00:00
teastep
3c8515aa6b Remove ICMP.DEF and replace with FORWARDPING option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@189 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-12 17:33:05 +00:00
teastep
0e9e5a4241 Remove extra '-p tcp'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@178 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-06 19:45:49 +00:00
teastep
ed2036ece9 Make 'new not SYN' user-customizable
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@177 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-06 19:06:32 +00:00
teastep
27952f3d4b Final 'New not SYN' implementation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@176 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-06 18:45:13 +00:00
teastep
3428f59895 New technique for dealing with NEW not SYN
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@175 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-05 23:34:46 +00:00
teastep
7b00737a94 Initialize LOGNEWNOTSYN
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@174 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-05 14:43:39 +00:00
teastep
3ae4938cec Update versions to 1.3.6\; Add NEWNOTSYN parameter
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@173 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-05 14:40:06 +00:00
teastep
5940dd8815 Fix proxyarp attribute
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@171 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-04 22:54:49 +00:00
teastep
51c7e767ff Remove lock file when firewall script dies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@165 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-29 23:53:26 +00:00
teastep
63bc520aa9 Allow host-list in /etc/shorewall/hosts again
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@164 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-29 14:31:50 +00:00
teastep
576ee2beee Correct bugs in 1.3.5
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@161 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-27 18:47:09 +00:00
teastep
c2b143cba0 Added 'proxyarp' interface option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@156 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-25 15:05:21 +00:00
teastep
b898747dc3 Add MUTEX_TIMEOUT variable
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@150 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-24 03:47:34 +00:00
teastep
621e8df85b Issue message when adding an IP address
Don't die on lockfile timeout


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@148 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-23 23:09:14 +00:00
teastep
1412f0d698 Centralize addition of IP aliases
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@147 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-23 16:26:45 +00:00
teastep
2344570e81 Change Version to 1.3.5
Save counter reset time/date in /var/lib/shorewall/restarted


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@146 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-22 22:31:07 +00:00
teastep
90e2520f1c Provide saner behavior WRT the hosts file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@144 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-19 22:51:28 +00:00
teastep
44e0821f66 Duplicate new checks in start/restart path
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@141 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-18 13:43:51 +00:00
teastep
646a259f2e Improve source/dest checking in 'check'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@140 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-17 21:42:30 +00:00
teastep
13305c45c3 Detect empty source and destination qualifiers
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@139 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-17 18:55:08 +00:00
teastep
ccdbd9faed Allow shell variable expansion in /etc/shorewall/routestopped
Make the HOST(S) column optional in /etc/shorewall/routestopped
Add a 'stopped' user exit


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@132 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-11 16:15:40 +00:00
teastep
45e4750219 Add 'routestopped' file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@131 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-11 00:01:45 +00:00
teastep
0665db84e1 Correct policy file zone validation during [re]start
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@130 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-09 22:39:22 +00:00
teastep
5fb079b6f3 Rename DETECT_IPADDRS to DETECT_DNAT_IPADDRS
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@129 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-09 21:21:28 +00:00
teastep
90b701de4d Implement DETECT_IPADDRS parameter
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@128 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-09 15:44:49 +00:00
teastep
350426f983 Undo over zealous tabification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@126 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-06 14:05:30 +00:00
teastep
e899d2a8ab Untabify major files and fix 'hits' bug
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@114 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-05 22:24:40 +00:00
teastep
ee19fb9ea6 More NAT table Tuning
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@113 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-05 21:57:37 +00:00
teastep
a53f7546bb Correct stupid error in chain name routines
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@112 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-05 16:48:41 +00:00
teastep
a8c6143943 More NAT table Rework
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@103 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-05 15:56:02 +00:00
teastep
338673c29a Improve handling of PREROUTING for NAT
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@102 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-04 15:41:51 +00:00
teastep
750d40ce03 Fix MULTIPORT port forwarding
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@101 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-03 23:31:50 +00:00
teastep
939750baa2 Fix NAT_BEFORE_RULES=No
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@100 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-30 14:35:32 +00:00
teastep
6b8a9b8ddf Validate the interfaces in the hosts file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@96 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-28 23:42:00 +00:00
teastep
399aa099ba Correct ICMP Protocol Number in Case Statement
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@93 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-25 16:11:27 +00:00
teastep
90bb5f1b53 Correct RFC1918 Logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@92 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-25 14:31:45 +00:00
teastep
1623988384 Validate TARGET column in rfc1918 file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@91 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-21 21:40:36 +00:00
teastep
2bcb33a34d Rename rfc1918 mangle chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@90 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-21 17:20:18 +00:00
teastep
115e052f12 Reorganize Tunnel Creation; Automatic 'multi' on wildcard interfaces
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@89 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-21 15:57:01 +00:00
teastep
a9d40f34b3 Reorganize rules file processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@84 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-19 21:51:36 +00:00
teastep
98d57a3733 Correct indentation in check_config()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@83 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-18 19:30:22 +00:00
teastep
8dc9451500 Enable forwarding during clear
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@82 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-18 17:56:00 +00:00
teastep
16a9abc9d8 Flush all chains during clear
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@81 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-18 17:53:24 +00:00
teastep
332352bc6f Correctl duplicate interface message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@80 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-18 15:50:16 +00:00
teastep
d5bfd4e40a Correctly detect duplicate entry in interfaces file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@79 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-18 15:44:17 +00:00
teastep
38a0ff5486 Fix bug in find_hosts_by_option()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@77 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-17 17:50:45 +00:00
teastep
1cb43c539c Move the 'save' file to /var/lib/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@76 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-16 17:56:45 +00:00
teastep
1c299919c8 Fix bug in find_interfaces_by_option()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@74 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-15 17:28:46 +00:00
teastep
65e4f035b0 Move firewall, functions and version to /var/lib/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@73 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-15 17:27:41 +00:00
teastep
bdb05089e6 Correct an indentation problem in firewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@64 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-12 16:15:26 +00:00
teastep
69220bedfe Cosmetic changes to firewall and shorewall files
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@63 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-11 20:14:58 +00:00
teastep
52ef74cfb8 Correct missing argument to packet_log() in the "shorewall status" command.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@62 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-10 16:53:18 +00:00
teastep
d58c3ac29e Include workaround for ICMP bug in firewall script.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@61 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-09 16:30:52 +00:00
teastep
aac129f404 Add dynamic drop/reject/allow/save functions.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@57 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-04 20:17:46 +00:00
teastep
fe1086676a Speed up multiport selection code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@53 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-02 23:14:51 +00:00
teastep
3563a47103 Don't use "-m multiport" if port lists don't have more than one element.
Clarify comments on the MULTIPORT option in shorewall.conf.
Update versions to 1.3.2.
Update release notes and change log.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@51 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-02 19:47:17 +00:00
teastep
ca9c02ce7f Fix problem with double-counting SYN packets.
Avoid superfluous jumps to the policy chain with CONTINUE.
Add reserved networks to rfc1918.
Implement MULTIPORT option for multiport match support.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@50 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-02 17:05:51 +00:00
teastep
16d50cb974 Final Changes for 1.3.1
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@47 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-01 00:28:18 +00:00
teastep
44abd1be80 Add rfc1918 file and correct 'all->z CONTINUE' policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@43 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-31 14:33:18 +00:00
teastep
5245e3b75a Final 1.3 Updates
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@41 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-30 12:55:47 +00:00
teastep
4c1193e4cd Near complete removal of the 'multi' pseudo-zone
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@31 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-18 19:04:45 +00:00
teastep
44170128c2 1.3 Beta 2 Snapshot
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@27 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-18 13:45:23 +00:00
teastep
4f01c2b3ed Final 1.2.13 Update
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@15 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-04 18:38:49 +00:00
teastep
9ba6a48354 Slight cleanup of the ADD_IP_ALIASES change.
Apply the same change to ADD_SNAT_ALIASES.
Add a new 'report' function that prints and logs in a single call.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@14 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-02 22:56:27 +00:00
teastep
d97c5573c6 Cause aliases added under ADD_IP_ALIASES to use the VLSM and Broadcast of
the primary IP address.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@13 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-02 01:34:56 +00:00
teastep
7c78bb16a7 Initial revision
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@10 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-04-30 23:13:15 +00:00