Commit Graph

334 Commits

Author SHA1 Message Date
teastep
275a8ca33f Don't whine about LOG policy rule; Accept RELATED connections during [re]start
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@587 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-11 01:01:48 +00:00
teastep
1c2f75656d More cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@585 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-02 22:01:50 +00:00
teastep
70d8293d88 Re-add logging code that was mistakenly deleted
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@584 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-02 19:26:56 +00:00
teastep
2bdcada874 Fix routestopped; minor fix in rules processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@583 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-02 18:08:35 +00:00
teastep
184d7aac40 More cleanup of rules processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@581 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-01 18:14:57 +00:00
teastep
18cfd011c3 A small cleanup of the rules parsing code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@580 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-01 16:51:34 +00:00
teastep
89bb721da4 More ORIGINAL DEST fixes; restore last 'Hits' report
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@579 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-01 03:14:20 +00:00
teastep
e3bafeecaa Make excludehosts work for OUTPUT; correct destination in DNAT rule
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@578 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-31 16:34:17 +00:00
teastep
d9268be1c4 List on original dest; debugging try
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@577 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-31 15:29:14 +00:00
teastep
df6a59cf68 Shorewall-1.4.4b
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@575 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-29 14:43:47 +00:00
teastep
e70a63f267 Shorewall-1.4.4a
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@573 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-28 19:20:23 +00:00
teastep
59660f2576 Restore 5-character zone name capability
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@572 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-27 17:49:13 +00:00
teastep
66337f3cda Restore 5-character zone name capability
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@570 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-27 17:42:12 +00:00
teastep
09392c88d3 Move DNAT and REDIRECT logging to the nat table
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@567 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-22 20:37:24 +00:00
teastep
e33573eff9 Change LOGMARKER/LOGFORMAT Implementation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@566 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-21 21:36:05 +00:00
teastep
c15c93c7d1 Implement REDIRECT-
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@564 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-20 23:27:11 +00:00
teastep
019fc32d26 Enable loopback interface earlier in startup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@550 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-16 15:19:57 +00:00
teastep
bbcbbca6b8 Implement LOGMARKER variable
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@546 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-25 16:22:18 +00:00
teastep
554970dcc4 Correct Syntax Error
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@544 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-21 23:04:52 +00:00
teastep
f404c75b2f Add 6to4 tunnel support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@543 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-21 15:12:59 +00:00
teastep
99cb231761 Remove temporary directory at completion of 'add' and 'delete' commands
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@541 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-18 03:09:51 +00:00
teastep
8b5cadbdff Add a catchall rule for old REJECT handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@539 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-16 16:54:46 +00:00
teastep
a7cd930b96 Add comments to REJECT improvement
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@538 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-14 01:01:01 +00:00
teastep
d44564fab8 Improve REJECT processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@537 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-14 00:47:47 +00:00
teastep
850f18bea6 Make a more conservative patch to fix the 'traceroute -I' problem
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@531 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-01 14:58:47 +00:00
teastep
e16e47893d Add 'routeback' option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@530 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-01 02:00:37 +00:00
teastep
02a42e2fb0 INCLUDE directive; make 'traceroute -I' work again
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@528 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-29 14:37:50 +00:00
teastep
b49e944321 Remove trailing white space
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@526 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-24 21:56:31 +00:00
teastep
777202cb11 Remove superfluous -s specification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@525 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-24 21:55:16 +00:00
teastep
b5d3078fa6 Add intermediate input chain for complex zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@524 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-24 21:02:29 +00:00
teastep
886ad1e547 Add intermediate input chain for complex zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@523 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-24 21:01:53 +00:00
teastep
1a36e13f8c Fix 'check' command shell message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@522 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-23 23:53:10 +00:00
teastep
04d78dc49f Re-allow Z->Z rules/policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@517 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 19:49:40 +00:00
teastep
526f0f9eb8 Re-allow Z->Z rules/policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@516 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 19:47:19 +00:00
teastep
cb5d9460b8 Cleanup new policy code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@514 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 19:25:17 +00:00
teastep
e6d9dda852 Cleanup new policy code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@513 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 19:23:03 +00:00
teastep
5be79ecde7 NONE Policy; Allow Intrazone connections; no bounce rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@510 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 04:14:20 +00:00
teastep
8556250875 Only check 'ipchains' module on start
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@498 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-11 15:45:29 +00:00
teastep
8918a72c13 Ignore default route when detecting masq networks; refuse to start with ipchains module loaded
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@497 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-11 14:55:01 +00:00
teastep
0d7c31371a Restore the 'check' command to the comments in the 'firewall' script
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@496 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-10 00:47:12 +00:00
teastep
7fab125525 Drop INVALID state packets; rate limit NEWNOTSYN logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@495 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-10 00:41:39 +00:00
teastep
e2748d3245 More SHARED_DIR changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@489 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-08 18:01:32 +00:00
teastep
6a478754ac Remove SHARED_DIR from shorewall.conf
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@488 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-08 17:55:34 +00:00
teastep
4a173940b2 Add log limiting to 'logdrop' chain and optimize code that deletes temporary rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@486 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-08 15:48:07 +00:00
teastep
c67ef5582c Remove two superfluous calls to determine_zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@484 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-07 00:30:39 +00:00
teastep
09fc5e317a Process params file before shorewall.conf
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@482 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-06 23:21:25 +00:00
teastep
4c2b1406de Remove unused function
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@478 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-28 15:33:40 +00:00
teastep
2894700fcf Re-add 'check' -- delete trailing white space
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@475 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-27 22:28:06 +00:00
teastep
a9d201f4f6 Print the name of the ECN file during processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@474 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-25 23:35:22 +00:00
teastep
5f0d26d1b9 Remove 'check' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@470 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-25 16:21:41 +00:00
teastep
99bcc9cc39 Alloc null second column in ecn file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@469 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-24 15:35:50 +00:00
teastep
08ec9ac4e0 Validate interface names in ecn file; confirm additions to ECN control chain; update to Beta2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@468 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-24 15:24:55 +00:00
teastep
5a778540da Tweak the comma-separated list parsing fix
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@466 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-23 14:22:14 +00:00
teastep
21cb22303f 1) Remove trailing white space.
2) Improve detection of white space in comma-separated lists.
3) Fix a typo in the INSTALL file.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@464 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-23 14:10:37 +00:00
teastep
9b98ecbff5 final 1.4.0 Beta1 Changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@461 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-21 22:55:36 +00:00
teastep
fe9b56090c Remove call to undefined function 'validate_bounce_file'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@458 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-21 17:00:10 +00:00
teastep
6cabdfae5d More 1.3.14 Changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@456 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-19 23:52:03 +00:00
teastep
5fe2bef29e Remove icmp.def; change versions to 1.4
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@449 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-15 00:09:44 +00:00
teastep
b5c7f91e5a Run user init script before stripping files; improve comment in hosts file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@445 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-13 14:59:34 +00:00
teastep
92fc84ac14 Outbound ICMP no longer unconditionally accepted
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@444 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-11 01:34:52 +00:00
teastep
ef51c04d1d Shorewall 2.0.0 Alpha1
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@443 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-08 20:58:44 +00:00
teastep
f9918b0da8 Correct rule number calculation in 'shorewall add' code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@436 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-08 20:44:00 +00:00
teastep
5b9a57d49e Changes for 1.3.14 RC1
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@430 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-04 16:59:49 +00:00
teastep
5aeecee8ab Add openvpn tunnel support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@426 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-31 19:10:22 +00:00
teastep
4cf3600e5c Update copyrights
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@425 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-31 18:04:57 +00:00
teastep
45879f20f3 Beta 2 update
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@423 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-29 02:56:39 +00:00
teastep
fd37bd4c59 Fix VLAN Broadcast detection
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@422 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-28 14:44:40 +00:00
teastep
bf4ccb8d7a Restore support for VLAN devices
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@420 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-27 02:54:43 +00:00
teastep
cd1417ec17 Clean up release notes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@419 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-26 01:00:22 +00:00
teastep
4964497aa3 Allow labels for aliases added under ADD_SNAT_ALIASES; improve masquerade algorithm
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@417 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 23:43:22 +00:00
teastep
5b101f3a81 Use the routing table rather than the ip configuration to determine masquerading
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@416 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 22:59:49 +00:00
teastep
94c5455c9e Masquerade from all primary subnets when an interface name is in the second column of masq file entry
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@415 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 22:47:22 +00:00
teastep
43cc73ef47 Allow creation of an alias label when ADD_IP_ALIASE=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@414 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 19:42:23 +00:00
teastep
0bd0a3672e Allow specification of marking chain in TC rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@411 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-23 23:18:40 +00:00
teastep
a0cb5de22c Make FORWARDPING=Yes verboten under OLD_PING_HANDLING=No; make 'list' a synonym for 'show' in /sbin/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@410 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-23 01:13:36 +00:00
teastep
7fe133fe4a Add OLD_PING_HANDLING option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@406 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-21 00:34:00 +00:00
teastep
3b29150cb2 Fix bug in 'shorewall add' re 'find_interfaces_by_maclist'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@405 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-20 23:06:55 +00:00
teastep
bdcf22b4f8 Add NAT support with remote IPSEC zone; add UDP 4500 to ipsecnat support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@398 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-07 16:26:41 +00:00
teastep
feb0752113 Allow shared files to be moved easily
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@397 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-06 23:01:23 +00:00
teastep
a28dac71ec Update release notes comment -- allow '-' in ORIGINAL DEST column for consistency
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@395 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-06 14:12:59 +00:00
teastep
305c43fea2 Fix RFC1918_LOG_LEVEL
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@394 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-03 17:48:11 +00:00
teastep
b1fb6bd72c Add CLEAR_TC option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@392 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-31 16:04:31 +00:00
teastep
9ebd6ceaae Exit status 255 from tcclear indicates that Shorewall should not clear tc
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@391 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-31 03:50:05 +00:00
teastep
144c9ab576 Add DNAT- action; 'shorewall check' prints policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@390 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-31 01:10:28 +00:00
teastep
6ec62fd189 Fix bug in blacklist logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@381 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-22 05:26:20 +00:00
teastep
ba05611498 Fix bad bug in find_hosts_by_option()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@376 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-20 21:10:53 +00:00
teastep
43b6a8acc8 Change comment on SPT=0 trap
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@375 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-20 01:13:41 +00:00
teastep
ad6a24aa3f a) fix a silly bug and b) avoid calling separate_list on an already separated list
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@373 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-19 21:30:58 +00:00
teastep
97c6eae79e Release 1.3.12-Beta1 Changes; bug fix from Tuomo Soini
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@372 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-19 20:14:10 +00:00
teastep
c9a1bff975 More Cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@371 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-18 23:56:34 +00:00
teastep
efb857df9d Fix a couple of bugs in recent changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@370 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-18 21:58:21 +00:00
teastep
852217c510 Break 'run_iptables' into two functions - only run_iptables2 checks for \!
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@369 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-18 21:26:03 +00:00
teastep
fa843d4139 Allow marking packets in the FORWARD chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@368 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-16 19:25:20 +00:00
teastep
ede456adf6 Restore fw->fw redirection; Check for SPT=0 in SYN
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@367 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-14 15:44:26 +00:00
teastep
b9891e08e2 Add ULOG Support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@362 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-13 03:23:46 +00:00
teastep
faa859e84a Added error message for MAC address in rule destination
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@361 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-10 22:48:04 +00:00
teastep
39da3ef60f Remove redundent function - add some comments
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-10 16:03:26 +00:00
teastep
1fa9316550 Yet another speed improvement
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@357 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-09 02:42:28 +00:00
teastep
46e306eba9 Correct wording of an error message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@356 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-07 23:33:26 +00:00
teastep
14b0682723 More [re]start speedups
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@355 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-07 03:21:32 +00:00
teastep
2528043867 Speed up 'separate_list'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@354 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-06 00:31:49 +00:00
teastep
992cc301a7 Generate error if 'lo' is defined in the interfaces file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@353 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-05 17:29:56 +00:00
teastep
7a1aa39f95 Speed up running of iptables
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@351 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-05 00:18:47 +00:00
teastep
14a20ece71 a) Rewrote 'list_count' to not require 'wc'
b) Turn off trace after error
c) Allow output ICMP unconditionally again


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@350 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-04 23:53:03 +00:00
teastep
0f33d5af0d Refresh also refreshes traffic control/shaping
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@349 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-04 21:17:14 +00:00
teastep
94cc75b63a Fix bug in NAT exclusion -- Roger Aich
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@344 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-27 19:16:06 +00:00
teastep
9a8d39bdd5 Add reverse GRE rules for PPTP server and clients
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@337 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-24 18:40:51 +00:00
teastep
dc0c17f075 Minor firewall cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@334 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-13 00:57:48 +00:00
teastep
871eeffa2c Revise 'all' in rules to never apply to intra-zone traffic
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@333 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 19:47:34 +00:00
teastep
9483f891fc Allow 'all' in rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@332 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 19:21:47 +00:00
teastep
0ad28aae80 Correct fw->fw rule catcher
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@331 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 18:24:38 +00:00
teastep
a511b9b485 Check for fw->fw rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@330 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 17:38:40 +00:00
teastep
18a6aff46a Add some comments in the policy chain creation/population logic
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@327 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 03:41:42 +00:00
teastep
b8f806e625 Accomodate bash clones like dash and ash
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@325 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-10 23:15:53 +00:00
teastep
8c3af56566 Add TCP Flags Checking
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@324 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-10 21:34:20 +00:00
teastep
c44cb44f7c Verify interface names in the SOURCE column of /etc/shorewall/tcrules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@318 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-09 15:56:29 +00:00
teastep
507fa8069d Cosmetic cleanup in firewall script
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@317 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-03 15:42:23 +00:00
teastep
5ff9d1a888 Clear nat and mangle counters during 'shorewall reset'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@316 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-30 15:56:46 +00:00
teastep
eef8a3dc72 Improve comments in interfaces file re: use of aliases
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@314 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-29 01:36:06 +00:00
teastep
01a78306cf Update release and changelog files
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@312 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-24 00:47:43 +00:00
teastep
0eda4bab27 Conserve space by removing comment decorations
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@311 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-23 16:48:40 +00:00
teastep
a997c16a42 Clean up MAC Verification Code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@310 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-23 15:58:53 +00:00
teastep
d26c6a5e92 Extend 'maclist' to the hosts file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@309 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-23 01:22:48 +00:00
teastep
347fc0da18 Adjust insertion points for dynamic zone rules based on MAC verification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@308 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-22 18:33:37 +00:00
teastep
cd555022bf Add MAC verification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@306 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-22 18:07:52 +00:00
teastep
9f691d20e4 Allow SNAT using primary IP and ADD_SNAT_ALIASES=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@305 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-22 00:13:24 +00:00
teastep
42d7503984 Give better error message when getting the IP of a down interface
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@303 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-21 18:13:28 +00:00
teastep
23f6bb2371 Move the main firewall script to /usr/lib/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@297 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-15 15:00:11 +00:00
teastep
c1d99fe769 Add support for PPTP client and server on the Firewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@295 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-14 22:26:28 +00:00
teastep
912681428b Tone down ipsecnat rules a bit
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@294 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-11 17:19:06 +00:00
teastep
2c41dc5154 Add IPSECNAT tunnel type; correct typo in spec file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@293 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-10 13:29:06 +00:00
teastep
9c0ad6d495 Fix typo in firewall script (recalculate_interfacess)
Add PATH assignment to the install script
Correct 'functions' file handling in the install script


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@288 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-09 15:05:53 +00:00
teastep
38e5f236dc Remove iptables 1.2.7 hacks
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@286 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-05 16:36:53 +00:00
teastep
46328322db Add some comments to the Dynamic Zone code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@282 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-02 01:24:57 +00:00
teastep
93db8120f9 Some optimizations to the Dynamic Zone code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@281 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 23:58:48 +00:00
teastep
e55951ba31 Fix typo
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@280 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 23:49:17 +00:00
teastep
09285f8c06 Fix rule insertion algorithms for Dynamic Zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@279 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 23:43:03 +00:00
teastep
8ff1919657 Correct typo in error message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@278 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 23:01:34 +00:00
teastep
73ae96bb64 More fixes for Dynamic Zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@277 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 22:27:19 +00:00
teastep
1a0534f5c0 Corrections to Dynamic Zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@276 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 21:46:48 +00:00
teastep
129cedbe8f First implementation of dynamic zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@275 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 20:54:42 +00:00
teastep
e7c44ec80e Fix dumb bug in 1.3.9 Tunnel Handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@270 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-30 17:48:20 +00:00
teastep
85dfee1475 Remove after error exits
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@263 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-29 21:28:44 +00:00
teastep
c665fec5ef Cleanup of 1.3.9 for Bering
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@261 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-29 21:08:25 +00:00
teastep
86d7723602 Fix problems with oddball shells; updated documentation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@260 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-28 00:31:15 +00:00
teastep
f536d805b0 Move fireall, function and version to /usr/lib/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@259 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-27 21:10:21 +00:00
teastep
de84a5a43e Don't insist on NEW state for odd protocols -- part 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@257 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-26 20:35:25 +00:00
teastep
ccf0e4d598 Don't insist on NEW state for odd protocols
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@256 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-26 20:28:49 +00:00
teastep
f2b2e84808 Add DNS Name support; remove startup_disabled on uninstall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@255 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-24 23:13:36 +00:00
teastep
7ff49f05b6 Prevent pre-configuration startup; change version to 1.3.9
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@250 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-19 20:40:10 +00:00