Commit Graph

10302 Commits

Author SHA1 Message Date
Tom Eastep
b7a3142620 Document parameterized default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 15:25:48 -07:00
Tom Eastep
a60fe6e665 Allow parameters to be specified to Default Actions in the policy file
and in shorewall.conf.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 14:58:54 -07:00
Tom Eastep
68bf99ec69 Parameterize the standard default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 08:34:37 -07:00
Tom Eastep
3dd363677c Implement set_action_param
Export both set_action_params and read_action_param by default

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 08:33:21 -07:00
Tom Eastep
8b6a7a7053 Implement read_action_param()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:49:57 -07:00
Tom Eastep
f278d05637 Rename action param functions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:46:54 -07:00
Tom Eastep
0cb98737f7 Document DEFAULTS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:29:25 -07:00
Tom Eastep
2549982528 Fix DEFAULTS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:23:41 -07:00
Tom Eastep
af1898b17b Document default values for parameters
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:18:11 -07:00
Tom Eastep
acefd0a75b Improvements to interfaces manpages
- Indicate when 'routefilter' cannot be used.
- Clarify use of 'sfilter'

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 06:44:07 -07:00
Tom Eastep
6e6be468a9 Support for DEFAULT statements in actions 2011-06-10 17:05:09 -07:00
Tom Eastep
32c7d36cd0 Make zones with multiple interfaces complex
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-10 15:37:26 -07:00
Tom Eastep
dbd30f981c Set the interface routeback option if there are any IP host groups with 'routeback'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-10 15:37:09 -07:00
Tom Eastep
79348d2b55 Correct manpages: filter->sfilter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-10 06:04:45 -07:00
Tom Eastep
8a7ad569e4 Don't leave unused sfilter chains in the config
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-09 17:22:48 -07:00
Tom Eastep
3e9a54d404 Couple of tweaks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-09 17:22:34 -07:00
Tom Eastep
a0b0c5bdac Jump (don't go) to sfilter1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-09 14:24:44 -07:00
Tom Eastep
1399a8ffde Don't move rules from a chain with references
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-09 14:24:38 -07:00
Tom Eastep
9555a552c2 Fix FORWARD with ipsec dest
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-09 14:24:08 -07:00
Tom Eastep
71177c3ca3 Exempt ipsec from sfilter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-09 07:27:06 -07:00
Tom Eastep
b17ad603ae Correct typo in the shorewall-providers manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-08 14:38:56 -07:00
Tom Eastep
fa2746d469 Apply sfilter to INPUT as well as FORWARD
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-08 09:40:28 -07:00
Tom Eastep
d6ebdd3cb7 Fix tcrules manapges WRT source/dest ports
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-08 09:03:08 -07:00
Tom Eastep
35d1586672 Correct sfq handle assignment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-07 13:58:45 -07:00
Tom Eastep
a3968beb7e Add fix inadvertently dropped from 4.4.19.4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-07 13:57:52 -07:00
Tom Eastep
0e839f3d7b Initiate 4.4.21
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-07 09:54:35 -07:00
Tom Eastep
9fb2ab718c Have AUTOMAKE follow CONFIG_PATH
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-07 08:51:36 -07:00
Tom Eastep
9c2c562bf5 Correct autorepeat wart
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-07 06:45:50 -07:00
Tom Eastep
cf0275a049 Make FAKE_AUDIT work again 2011-06-06 16:08:29 -07:00
Tom Eastep
59c11e205b Update release notes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 15:48:26 -07:00
Tom Eastep
642319d706 Change annotated documentation default
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 15:40:21 -07:00
Tom Eastep
cfb3d6a801 Merge branch '4.4.20' 2011-06-06 14:09:26 -07:00
Tom Eastep
6136e986cf Update version to 4.4.20.1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 14:08:25 -07:00
Tom Eastep
186f89f387 Merge branch '4.4.20' 2011-06-06 13:23:47 -07:00
Tom Eastep
e8f61e2109 Restate vulnerability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 13:19:40 -07:00
Tom Eastep
447d0f0b2d Don't modify the .conf file installed in configfiles.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 09:46:52 -07:00
Tom Eastep
c42c6864b4 Don't modify the .conf file installed in configfiles.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 09:46:22 -07:00
Tom Eastep
2803d3ee0b Merge branch '4.4.20' 2011-06-06 07:02:57 -07:00
Tom Eastep
c2e78bfaf8 Correct address of the FSF
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 06:55:40 -07:00
Tom Eastep
f04a541195 Merge branch '4.4.20' 2011-06-05 18:02:03 -07:00
Tom Eastep
037a9374df Merge branch '4.4.20' 2011-06-05 17:59:19 -07:00
Tom Eastep
4436d479b4 Extend FAQ 4 2011-06-05 17:58:20 -07:00
Tom Eastep
b20156de9e Add note about 'burst' to the complex TC doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-05 06:33:33 -07:00
Tom Eastep
e264e42d81 Add note about 'burst' to the complex TC doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-05 06:33:01 -07:00
Tom Eastep
aabefe91f1 Merge branch '4.4.20' 2011-06-04 08:46:40 -07:00
Tom Eastep
f1cbfab7ac More blacklist/audit fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-04 08:45:23 -07:00
Tom Eastep
653a61a04a Merge branch '4.4.20' 2011-06-04 07:44:24 -07:00
Tom Eastep
a9c0824a30 Correct BLACKLIST_DISPOSITION=A_xxx with BLACKLIST_LOG_LEVEL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-04 07:44:07 -07:00
Tom Eastep
818b927b73 Make Kernel Config article unmaintained 2011-06-04 06:31:25 -07:00
Tom Eastep
4f3b306140 Make Kernel Config article unmaintained 2011-06-03 18:26:46 -07:00