shorewall_code

Author	SHA1	Message	Date
Tom Eastep	1ad796ba5d	Add Warning to Squid document Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-07-02 18:11:42 -07:00
Tom Eastep	c8e2b4ae28	Add Shared Configs Document Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-07-02 18:11:16 -07:00
Tom Eastep	1e2030fd6f	Document leading "+" in inline matches Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-22 13:56:39 -07:00
Tom Eastep	708644f7c9	Clarify isusable and persistent providers Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-21 14:26:11 -07:00
Tom Eastep	d8ef934f24	Consolidate manpages between Shorewall and Shorewall6 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-16 15:01:41 -07:00
Tom Eastep	b1ba05db2b	Correct handling of port ranges and port variables Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-12 17:07:55 -07:00
Tom Eastep	28e3218041	Update the copyrights on the two- and three-interface HOWTOs Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-05-11 15:51:28 -07:00
Matt Darfeuille	749c8047d8	Explain the 'ipset' package Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Roberto C. Sánchez <roberto@connexer.com>	2017-04-05 11:50:36 -04:00
Tom Eastep	a00f2e6365	Update Copyright on the Documentation Index Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-31 20:34:43 -07:00
Tom Eastep	a79dc194a4	Re-factor the directive message change - results in much more compact code - Document change in the config basics doc Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-18 11:42:53 -07:00
Tom Eastep	ccf9d73c72	Clarify line continuation WRT params and .conf Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-17 19:13:29 -07:00
Tom Eastep	037fe490f3	Process config options in file order during update. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-12 17:09:41 -07:00
Tom Eastep	5729be6431	Add dropInvalid to BLACKLIST_DEFAULT Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-10 09:06:41 -08:00
Tom Eastep	1a381f717c	Revert "Remove Multicast from the shorewall6.conf samples" This reverts commit `655f260cb6`.	2017-03-10 08:54:05 -08:00
Tom Eastep	655f260cb6	Remove Multicast from the shorewall6.conf samples Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-09 13:16:52 -08:00
Tom Eastep	d20ad64739	Correct FAQ 1e Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-25 08:54:14 -08:00
Tom Eastep	c4f21ffefb	Additional documentation changes. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-15 13:11:52 -08:00
Tom Eastep	944888c04f	Handle broadcast and muticast separately Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-15 10:16:20 -08:00
Tom Eastep	7e984af094	Some cleanup of policy actions - Allow '+' in policy file action list Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-07 13:19:53 -08:00
Tom Eastep	e91f414223	Document policy action changes Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-06 17:09:23 -08:00
Tom Eastep	e45b96ca20	Update blacklisting article: - ipset-based blacklisting - BLACKLIST policy and action Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-26 13:17:11 -08:00
Tom Eastep	889ca756a1	Document @action Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-23 08:58:42 -08:00
Tom Eastep	45b9ddf188	Add BALANCE_PROVIDERS option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-17 08:58:09 -08:00
Tom Eastep	2d16fac9ed	Revert "Implement USE_DEFAULT_RT=Exact" This reverts commit `2ca1ae734a`.	2017-01-17 08:25:33 -08:00
Tom Eastep	2ca1ae734a	Implement USE_DEFAULT_RT=Exact Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-14 08:14:08 -08:00
Tom Eastep	a15b2918a4	Remove ipsec-tools/Racoon config info from the IPSEC-2.6 Article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-08 13:32:34 -08:00
Tom Eastep	75a9e45caf	Documentation cleanup - Update Copyright years - Tweaks to the Anatomy article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-02 09:17:59 -08:00
Tom Eastep	26f181ef2a	Add SERVICEDIR to the init file paragraph titles Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-12-29 14:28:46 -08:00
Tom Eastep	b0ea9db0bd	Update the Anatomy article for 5.1 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-12-28 11:28:09 -08:00
Tom Eastep	7a3865bcfc	Eliminate duplicate id tags in the Anatomy article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-12-28 11:24:30 -08:00
Tom Eastep	7b96d41065	Correct typo in the Shorewall 5 article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-12-24 13:01:44 -08:00
Tom Eastep	dcade04fba	Update Shorewall5 article for 5.1 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-12-20 08:38:49 -08:00
Tom Eastep	273b02c6da	Add IPCOMP information to the IPSEC article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-12-17 12:31:17 -08:00
Tom Eastep	e98abac706	Define MYNET in the QOS example Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-12-12 09:35:03 -08:00
Roberto C. Sánchez	8a6dcc469b	Fix typo	2016-11-21 11:59:57 -05:00
Tom Eastep	3a70185284	A couple of documentation updates - Anatomy - Bridge (Perl) Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-31 11:09:06 -07:00
Tom Eastep	174f46f3e6	More snat documentation changes Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-28 14:56:44 -07:00
Tom Eastep	1a06765d14	Add Bill Shirley's logging suggestions to the logging article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-26 16:06:15 -07:00
Tom Eastep	21877d5fcb	Force a reload when enabling an interface whose IP address has changed Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-26 13:39:50 -07:00
Tom Eastep	ee8ffc3ceb	Add SNAT action example to the Actions article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-25 10:57:32 -07:00
Tom Eastep	6e30c286c3	Reword Address Variable Warning Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-22 19:06:56 -07:00
Tom Eastep	9c749731c5	Add caution regarding Address Varibles Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-22 14:39:40 -07:00
Tom Eastep	5b5f91f75f	SNAT option documentation Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-18 15:32:22 -07:00
Tom Eastep	05dbfbb988	Restrict hypen as range separator to use with integers Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-16 13:26:44 -07:00
Tom Eastep	2ca86d9abd	Merge branch '5.0.13'	2016-10-16 10:22:12 -07:00
Tom Eastep	ef0253905a	More document updates for the snat file. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-15 16:16:30 -07:00
Tom Eastep	026c30cfff	Update the documentation for /etc/shorewall/snat Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-15 13:52:28 -07:00
Tom Eastep	b5906812a2	Accept '-' as the separator in a port range. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-14 10:10:03 -07:00
Tom Eastep	289825a76f	Update to logging article - correct a typo - recommend using NFLOG rather than ULOG	2016-10-12 10:02:59 -07:00
Tom Eastep	0bf5ca7e0c	Rename lsm->foolsm in MultiISP article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-10-07 08:01:11 -07:00
Tom Eastep	0f287dfe60	Add 'reload' to config basic document as appropriate Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-09-24 08:05:47 -07:00
Tom Eastep	ef4b1c2030	Add a TIME Columns section to the config file basics doc Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-09-22 15:45:18 -07:00
Tom Eastep	3954636fb5	Document 'comment' in the alternate input format Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-09-01 14:46:54 -07:00
Tom Eastep	d3591c071d	Correct dump instructions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-08-02 09:23:49 -07:00
Tom Eastep	65d5249bd8	Link to Digimer's article on Shorewall/REL7 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-07-07 12:44:28 -07:00
Roberto C. Sánchez	0364c15be1	Fix typos, thanks to Marco Di Cerbo for reporting them	2016-07-06 08:46:32 -04:00
Tom Eastep	094fd8129c	Update copyright and version info in the config basics doc Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-06-25 12:11:34 -07:00
Matt Darfeuille	0925636995	(Fwd) [Shorewall-users] Shorewall-lite on OpenWRT On 7 Jun 2016 at 8:21, Tom Eastep wrote: > On 06/07/2016 06:40 AM, Matt Darfeuille wrote: > > On 5 Jun 2016 at 12:53, Tom Eastep wrote: > > > >> On 06/05/2016 12:33 PM, Matt Darfeuille wrote: > >>> On 5 Jun 2016 at 7:57, Tom Eastep wrote: > >>> > >>>> On 05/29/2016 02:00 AM, Matt Darfeuille wrote: > >>>> > >>>> Hi Matt, > >>>> > >>>>> > >>>>> -------------- Enclosure number 1 ---------------- > >>>>> >From 6ff651108df33ab8be4562caef03a8582e9eac5e Mon Sep 17 00:00:00 2001 > >>>>> From: Matt Darfeuille <matdarf@gmail.com> > >>>>> Date: Tue, 24 May 2016 13:10:28 +0200 > >>>>> Subject: [PATCH 1/8] Emulate 'ps -p' using grep to work on openwrt > >>>>> > >>>>> Signed-off-by: Matt Darfeuille <matdarf@gmail.com> > >>>>> --- > >>>>> Shorewall-core/lib.common \| 2 +- > >>>>> 1 file changed, 1 insertion(+), 1 deletion(-) > >>>>> > >>>>> diff --git a/Shorewall-core/lib.common b/Shorewall-core/lib.common > >>>>> index 03ecb2a..fcb02ee 100644 > >>>>> --- a/Shorewall-core/lib.common > >>>>> +++ b/Shorewall-core/lib.common > >>>>> @@ -776,7 +776,7 @@ mutex_on() > >>>>> error_message "WARNING: Stale lockfile ${lockf} removed" > >>>>> elif [ $lockpid -eq $$ ]; then > >>>>> return 0 > >>>>> - elif ! qt ps p ${lockpid}; then > >>>>> + elif ! qt ps \| grep -v grep \| grep ${lockpid}; then > >>>> > >>>> I don't see how this can work -- 'qt ps' will produce no output yet the > >>>> code pipes into tandem greps. > >>>> > >>>> Do you really want this instead? > >>>> > >>>> elif ! ps \| grep -v grep \| qt grep ${lockpid}; then > >>>> > >>> > >>> Oops sorry Tom, that's what I meant(do you want the corrected > >>> patch?)! > >> > >> Yes, please. > >> > > > > Tom, along with correcting this faulty commit I realize, after some > > more testing, that I've also sent unnecessary commits. > > > > Should I revert these 3 commits(git revert ...): > > Set proper permissions for the LOCKFILE on openwrt > > 2ded346cb557212389212fd5adcd4c6800edbb62 > > Create lockfile before using openwrt's lock utility > > 08e8796ff1abc3b24b8bbd40bf5e0a2b36464d61 > > Emulate 'ps -p' using grep to work on openwrt > > 6ff651108df33ab8be4562caef03a8582e9eac5e > > > > or should I simply create new commits that will correct these faulty > > commits? > > > > In other words what's the best way to correct submited commits. > > > > Matt, > > Either way is fine. > Hopefully these 3 commits will do it(code-fixes.patch): Patch 1 will correct the error you have point out! On OpenWRT the lock utility doesn't allow to append the pid of the currently running script to the LOCKFILE that's why I've simply deleted that line(patch 2). I've also reordered the permissions line to be added after the line that will lock the file specified by the LOCKFILE variable(patch 3). and two other patches: While installing shorewall-init using the DESTDIR variable on debian, 'mkdir' would complain if the directory ${DESTDIR}/${etc}/default already exist; corrected using 'mkdir -p ...'(patch 4). The last patch will correct a typo in the blacklisting_support article. -Matt -------------- Enclosure number 1 ---------------- >From 1a2ff15c8dc994030e819d2882570d188b99c501 Mon Sep 17 00:00:00 2001 From: Matt Darfeuille <matdarf@gmail.com> Date: Wed, 8 Jun 2016 09:09:46 +0200 Subject: [PATCH 1/5] Correct pid detection mutex_on() Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-06-08 15:40:48 -07:00
Tom Eastep	2809d6896c	Clarify dynamic sub-zones Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-05-18 08:20:23 -07:00
Tom Eastep	1d066bdfa4	Minor updates to the Shorewall 5 article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-05-18 08:19:47 -07:00
Tom Eastep	590243a787	Add NFLOG as a supported mangle action - Also document nflog-parameters - Correct range of nflog groups Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-05-03 11:27:34 -07:00
Tom Eastep	d959fd4445	Fix link Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-04-30 08:37:20 -07:00
Tom Eastep	200ad3f874	Correct typos in the Events article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-04-25 09:00:45 -07:00
Tom Eastep	ab95607f5f	Document ?WARNING and ?INFO Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-04-18 14:47:08 -07:00
Tom Eastep	549af8b402	Update config files where address and gateway variables can be used Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-04-15 10:51:39 -07:00
Tom Eastep	541ecb67b4	Update dhcp article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-04-13 17:36:56 -07:00
Tuomo Soini	6366fb40cf	ProxyARP.xml: fix proxyndp sample column matching Signed-off-by: Tuomo Soini <tis@foobar.fi>	2016-04-06 12:00:41 +03:00
Tom Eastep	646572098c	Update IPv6 Article - Remove 'No NAT' bullet Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-04-04 12:55:37 -07:00
Tom Eastep	ebf55a84f0	Correct trace instructions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-04-03 12:47:28 -07:00
Tom Eastep	89adc3ea68	Use an address variable rather than find_first_interface_address() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-03-26 13:13:15 -07:00
Tom Eastep	8a6941707a	Updates to the config basics article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-03-26 09:01:02 -07:00
Tom Eastep	0b049a55e0	Correct Three-interface doc. - find_interface_address -> find_first_interface_address	2016-03-25 09:34:49 -07:00
Tom Eastep	5fc391cb58	Document passed() in the config basics document Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-03-15 15:19:21 -07:00
Tom Eastep	a50c52675b	Correct a comment Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-03-12 15:08:04 -08:00
Tom Eastep	ec9148637f	Inline mangle actions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-03-09 10:28:02 -08:00
Tom Eastep	c5bb04dcb2	Add FAQ 1105 (Wifidog) Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-03-05 14:41:30 -08:00
Tom Eastep	d4e2508a90	Clarify USE_DEFAULT_RT Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-03-04 14:26:42 -08:00
Tom Eastep	5b163e9bc2	Save/restore docker0 rules when it isn't defined to Shorewall Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-27 14:09:29 -08:00
Tom Eastep	71d64ab380	Add DOCKER network support Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-27 13:36:47 -08:00
Tom Eastep	64de3d0e83	Add Docker article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-26 15:30:39 -08:00
Tom Eastep	6c88eb6916	Add an ECN action to shorewall-mangle(8) Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-26 09:33:16 -08:00
Tom Eastep	f265596613	Add sample ulogd.conf file to the logging article Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-25 14:01:37 -08:00
Tom Eastep	2ee1d11f94	Cleanup of ORIGINAL DEST column references Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 12:40:36 -08:00
Tom Eastep	016acfb9de	Final cleanup of PORT(S) column headings Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 12:31:53 -08:00
Tom Eastep	665381f194	Remove 'LAST LINE' anachronisms Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 12:04:32 -08:00
Tom Eastep	b6af7a0ebb	Update the packet marking article for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 11:16:24 -08:00
Tom Eastep	839f7f3329	Correct policy file column heading names Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 11:04:20 -08:00
Tom Eastep	0a73d365dd	Update three-interface guide for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 11:02:48 -08:00
Tom Eastep	749fdfa5af	Update Xen articles for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 10:46:36 -08:00
Tom Eastep	e36bf75f9f	Update the whitelisting article for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 10:29:41 -08:00
Tom Eastep	bc50c45e63	Update the Vserver article for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 10:26:10 -08:00
Tom Eastep	9203c8a4a9	Update the VPN Basics document for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 10:23:24 -08:00
Tom Eastep	02ab9cd4ac	Update the UPnP doc for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 10:19:27 -08:00
Tom Eastep	1dff1444dd	Update the Universal guide for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 10:17:34 -08:00
Tom Eastep	3562a5b1bd	Update the two-interface guide for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 10:17:20 -08:00
Tom Eastep	b73fb58745	Update the Traffic Shaping article for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 10:17:05 -08:00
Tom Eastep	26f760b761	Update start/stop article for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 09:57:15 -08:00
Tom Eastep	b95a15631c	Update standalone article for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 09:51:16 -08:00
Tom Eastep	60f319a718	Update Simple Bridge article for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 09:46:23 -08:00
Tom Eastep	ce47ea7ec7	Update simple TC article for 5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2016-02-19 09:33:19 -08:00

1 2 3 4 5 ...

2109 Commits