Tom Eastep
613e41c25a
Enable OPT 16 in check -r; Suppress duplicate rules
2011-11-25 16:05:07 -08:00
Tom Eastep
90e03e1833
Even more tweaks to optimize 16
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-25 14:46:37 -08:00
Tom Eastep
71bbd7963c
Some tweaks to optimize 16
2011-11-25 10:42:10 -08:00
Tom Eastep
0f02b497f6
Document optimize 16 in the manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-24 11:11:59 -08:00
Tom Eastep
f305da9d0d
Require extended multi-port match for OPTIMIZE 16.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-24 10:57:09 -08:00
Tom Eastep
8d8a681f40
Implement optimization level 16
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-24 10:22:04 -08:00
Tom Eastep
4559c8b5d0
Tweaks to convert_blacklist()
...
- Reword an error message to handle both missing file and zero-sized file.
- Don't rename file that doesn't exist.
2011-11-21 12:13:39 -08:00
Tom Eastep
1a968ec734
Add routefilter to one-armed router section
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-21 05:54:51 -08:00
Tom Eastep
dffb79e7bd
Handle empty blacklist file in 'update -b'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 17:02:01 -08:00
Tom Eastep
bd8ba435cd
Avoid uninitialized value in hash element.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 16:24:42 -08:00
Tom Eastep
4d30811794
Implement 'show marks'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 12:29:17 -08:00
Tom Eastep
4a7d4d6abc
Bring the upgrade issues doc up to date
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 08:46:02 -08:00
Tom Eastep
88a883da71
Update references to WIDE_TC_MARKS and HIGH_ROUTE_MARKS
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 08:45:47 -08:00
Tom Eastep
e5a6387695
Eliminate use of WIDE_TC_MARKS in the Tc module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 08:45:16 -08:00
Tom Eastep
5097d36a33
Update Packing Marking doc for this release
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 07:41:17 -08:00
Tom Eastep
382309bc53
Derive default values for the mark-layout options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 07:03:33 -08:00
Tom Eastep
86c51f24d9
Deprecate the old mark layout options.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 17:14:05 -08:00
Tom Eastep
9d56fcab89
Update Shorewall6 .conf files and manpage
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 16:54:10 -08:00
Tom Eastep
2fd3766be8
Remove duplicate options from Universal shorewall.conf
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 16:01:23 -08:00
Tom Eastep
9988f744ff
Add mark layout options to shorewall.conf manpage
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 15:55:45 -08:00
Tom Eastep
0adc82f469
Add the mark layout options to shorewall.conf
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 15:29:07 -08:00
Tom Eastep
83d7cfa76a
Update documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 15:18:43 -08:00
Tom Eastep
ae8aa3a45a
More fixes for ZONE_BITS
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 08:19:38 -08:00
Tom Eastep
ab1b65d6a8
Fixes for blacklist conversion
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 08:18:58 -08:00
Tom Eastep
4f9afc32ec
Allow zone names in the MARK column when ZONE_BITS != 0
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-18 07:23:24 -08:00
Tom Eastep
7c0cb69c29
Don't copy limited broadcast routes to provider tables
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-18 07:07:51 -08:00
Tom Eastep
364b30fd9b
Fix 'update -b' handling of missing files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-18 06:26:37 -08:00
Tom Eastep
72f75c201c
Implement zone automark
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-17 16:07:45 -08:00
Tom Eastep
96f5aec71f
Add ZONE_BITS configuration option.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-17 10:40:47 -08:00
Tom Eastep
fe09646bed
Make zone types a power of 2.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-17 09:23:39 -08:00
Tom Eastep
348c6c8cf7
Correct handling of LOGMARK
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-17 07:22:07 -08:00
Tom Eastep
d096b9399a
Fix '\!' handling in validate_level()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-15 16:41:32 -08:00
Tom Eastep
afaf0d9de8
Trivial optimiation in validate_level()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-13 06:19:40 -08:00
Tom Eastep
28a1087cd4
Cleanup of rewritten validate_level()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-13 05:58:59 -08:00
Tom Eastep
73ed66b9b9
Add ULOG and NFLOG capabilities plus LOGMARK for IPv6
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-12 14:10:48 -08:00
Tom Eastep
bf010dc03e
Macro changes from Tuomo Soini
2011-11-11 15:08:57 -08:00
Tom Eastep
ffec7a4d95
More corrections to wildcard interfaces
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-11 07:29:44 -08:00
Tom Eastep
04dfe26549
Remove two unused variables.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-11 05:23:37 -08:00
Tom Eastep
972721facb
Remove some white space
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-10 17:52:25 -08:00
Tom Eastep
6813409c31
Make the previous patch a bit cleaner
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-10 07:19:21 -08:00
Tom Eastep
d85f6970e3
Fix wildcard interfaces
...
- Suppress extra jumps to interface chains.
- Insure that the 'lo' ACCEPT rule doesn't get masked by a wildcard interface
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-10 06:53:48 -08:00
Tom Eastep
83d373c0aa
More documentation cleanup.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-10 06:52:14 -08:00
Tom Eastep
7ebf5a4284
Correct links in shorewall.conf manpage
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-09 09:56:59 -08:00
Tom Eastep
d053faadde
Allow convertion of a legacy blacklist configuration
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-08 12:59:40 -08:00
Tom Eastep
6108a9cad8
Delete BLACKLISTSECTION
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 14:46:14 -08:00
Tom Eastep
da7516d401
Update config files and manpages for BLACKLISTSECTION
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 12:05:07 -08:00
Tom Eastep
b0103a51d5
Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall
2011-11-06 08:44:26 -08:00
Tom Eastep
1091c24348
Implement the BLACKLISTSECTION option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 08:43:38 -08:00
Tom Eastep
755ed9859b
Merge branch '4.4.25' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall
2011-11-06 06:16:43 -08:00
Roberto C. Sanchez
cf8c30904d
Add support for a "status" command to the Debian init scripts
...
(cherry picked from commit d36a2030ea
)
2011-11-06 09:10:59 -05:00