Commit Graph

178 Commits

Author SHA1 Message Date
teastep
b98c2dc661 Disallow DROP with ratelimiting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6214 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-03 16:30:59 +00:00
teastep
d1b9a71a3b Ensure that action extension scripts are always processed
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6213 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-03 16:02:24 +00:00
teastep
92823f08f3 Catch invalid use of COMMENT in action body
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6209 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-03 15:13:51 +00:00
teastep
61fb84d23b Fix COMMENT in action files
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6208 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-03 14:24:56 +00:00
teastep
14a243fa20 Fix bad ruleset caused by empty action
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6207 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-03 14:00:08 +00:00
teastep
94d324d01d Fix LOG rule with level in an action
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6206 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-03 02:07:04 +00:00
teastep
9f8aebe33d Fix LOG rules in action files
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6205 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-03 00:56:36 +00:00
teastep
7af29213b8 Revert change 6200
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6201 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-02 21:59:11 +00:00
teastep
72f278b704 Restructure process_actions1 to be like the Shell version
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6200 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-02 21:43:04 +00:00
teastep
7aec5dc398 Catch self-invocation of an action
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6199 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-02 21:20:01 +00:00
teastep
fd7d07cd75 Make SOURCE and DEST reserved names
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6197 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-02 18:49:56 +00:00
teastep
79d57a7751 Fix handling of Action extension scripts
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6195 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-02 16:43:58 +00:00
teastep
16d22e9c27 Simplify 'isolate_basic_target'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6194 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-02 16:22:08 +00:00
teastep
47b309f221 Remove redundant space from log rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6192 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-02 15:49:41 +00:00
teastep
3d4900ef9e Fix tag handling with macros
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6191 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-02 15:39:36 +00:00
teastep
2243553b28 Use --or-mark like shorewall-shell
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6190 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-02 15:03:44 +00:00
teastep
6accb50ca7 Fix mask used in connmark manipulation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6189 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-02 14:24:19 +00:00
teastep
e9b6bdc9a6 Fix OWNER handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6188 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-02 00:33:30 +00:00
teastep
bf81862741 Adjust macro merging -- Take 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6187 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 23:40:37 +00:00
teastep
5f1f0b9ace Adjust macro merging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6186 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 23:39:38 +00:00
teastep
fcbe8768c3 Another round of Macro fiddling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6185 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 23:04:30 +00:00
teastep
e2e316c6c7 Fix port 0 in macro invocation -- Take 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6184 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 21:24:40 +00:00
teastep
4aec31b1ac Fix port 0 in macro invocation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6183 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 21:23:21 +00:00
teastep
a2453451db Add MARK handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6179 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 18:30:10 +00:00
teastep
15c8f371b1 Fix for macro handling of rate and user
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6178 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 17:50:50 +00:00
teastep
6852e09ba3 More multiport improvements
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6176 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 17:24:44 +00:00
teastep
d5b278a969 Fix ipset match generation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6174 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 16:39:41 +00:00
teastep
c984c0bbe3 Try to handle multiport sport/dport correctly
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6173 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 16:20:49 +00:00
teastep
d1d8a11858 Try to handle multiport sport/dport correctly
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6172 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 16:18:45 +00:00
teastep
278ab3bc8d Fix mark testing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6171 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 15:55:41 +00:00
teastep
ecc6c0bb5d Small optimization of provider handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6170 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 14:53:57 +00:00
teastep
bb157c5864 Fix silly providers bug
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6169 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 14:29:34 +00:00
teastep
f64e8128ed Fix IPP2P matching
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6168 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 01:02:55 +00:00
teastep
3c15fdabdd Fix "!" following log level
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6167 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-05-01 00:01:24 +00:00
teastep
3156e2f3d2 Correct error message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6166 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-30 22:25:34 +00:00
teastep
0d01ff7d84 Update version to 3.9.5
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6164 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-30 22:00:07 +00:00
teastep
f95a9e4db3 Fix remaining problems reported by Andras Sarkozy
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6157 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-30 17:55:43 +00:00
teastep
0b996cb556 Remove ACCEPT- silliness; fix IPSET capability detection
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6156 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-30 16:29:19 +00:00
teastep
e596c92d74 Fix some rule problems -- Take 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6155 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-30 15:25:07 +00:00
teastep
c1d6faf509 Fix some rule problems
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6154 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-30 15:07:51 +00:00
teastep
a6358bf7e4 Fix some 'policy' file bugs
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6151 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-29 22:29:10 +00:00
teastep
bc7b6354df Validate netmap interface
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6150 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-29 18:33:30 +00:00
teastep
ecbd719bef Fix RETAIN_ALIASES=Yes behavior; only 'detect' first address for SNAT
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6149 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-29 14:28:11 +00:00
teastep
fbec94e465 Fix ADDRESSES = 'detect' on optional interface -- Take 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6147 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-28 15:08:17 +00:00
teastep
f22fc6575e Fix ADDRESSES = 'detect' on optional interface
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6146 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-28 15:07:08 +00:00
teastep
e8a4bb4469 Fix exclusion in masq SOURCE column
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6145 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-28 14:59:18 +00:00
teastep
849615da17 Add additional command/rule controls
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6144 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-28 13:48:28 +00:00
teastep
da503e4b07 Create 'add_commands'; revise handling of 'detect' in the masq ADDRESSES column
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6135 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-27 16:18:42 +00:00
teastep
69be038583 Fix setting of ORIGINAL_POLICY_MATCH
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6134 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-27 15:15:13 +00:00
teastep
213eca848a Fix another masq ipsec option handling bug -- take 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6133 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-27 15:06:17 +00:00