holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity
10,664 Commits 104 Branches 736 Tags 54 MiB
dbf5f17b41
Commit Graph

4305 Commits

Author SHA1 Message Date
Tom Eastep
dbf5f17b41 More tweaks to switch implementation. 
1) Switch names may be 30 characters long.
2) Switch settings are retained over restart.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-24 07:34:58 -07:00
Tom Eastep
40bc6df07a Correct handling of SWITCH column 
- Handle exclusion
- Correctly detect CONDITION_MATCH at compile time
- Include condition match in the filter part of a NAT rule

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-23 15:01:40 -07:00
Tom Eastep
caddd65412 Rename condition->switch and add more documentation. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-23 12:33:55 -07:00
Tom Eastep
75b4540d26 Add support for condition match in the rules file 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-21 15:20:50 -07:00
Tom Eastep
7978993d2b Validate NET2 in IPv6 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-20 16:24:39 -07:00
Tom Eastep
d005536fcc Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-20 16:20:34 -07:00
Tom Eastep
a5e05c9e8e Don't allow long port lists or icmp lists in netmap 2011-09-19 13:27:27 -07:00
Tom Eastep
990d6e504d Correct icmp-type and icmpv6-type 2011-09-19 10:05:58 -07:00
Tom Eastep
fd1e996fb1 Correct call to dest_iexclusion() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-19 08:28:29 -07:00
Tom Eastep
e01276225c Correct port order in the netmap file. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-19 06:17:02 -07:00
Tom Eastep
c2bcb08483 Add 'i' versions of exclusion functions. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-18 14:12:22 -07:00
Tom Eastep
95a83f7fdf Allow exclusion in the netmap file's NET1 column 2011-09-17 09:20:15 -07:00
Tom Eastep
5aac5870a1 Call setup_netmap if IPv6 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-17 07:31:18 -07:00
Tom Eastep
86847957bf Merge branch '4.4.23' 2011-09-16 09:03:43 -07:00
Tom Eastep
76fc55d750 Fix TC_ENABLED=Shared 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-16 06:50:34 -07:00
Tom Eastep
be1765f44d Don't emit 'enable' code for required providers 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-15 14:46:29 -07:00
Tom Eastep
fcb8fa79c0 Don't emit 'enable' code for required providers 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-14 08:25:47 -07:00
Tom Eastep
e1afc645ba Allow IPv6 stateless NAT (undocumented) 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-14 08:24:44 -07:00
Tom Eastep
fe9df4dfd1 Remove interface weight file if not balance or default. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-14 06:24:22 -07:00
Tom Eastep
8fe6425690 Correct DONT_LOAD 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-13 07:42:26 -07:00
Tom Eastep
ab1fac3fc6 Add some comments to getparams 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-11 09:52:12 -07:00
Tom Eastep
d4b37d1c52 Better way of handling environmental variables with embedded quotes. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-10 15:46:26 -07:00
Tom Eastep
fb6d4ffaf9 Merge branch '4.4.23' 2011-09-10 08:34:45 -07:00
Tom Eastep
8ce60ce825 Don't emit dangerous %ENV entries to the generated script 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-10 08:18:46 -07:00
Tom Eastep
7ed52360d5 Set all interfaces's 'routefilter' option if ROUTE_FILTER=on 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-07 12:19:13 -07:00
Tom Eastep
6f2fd75a8c Merge branch '4.4.23' 2011-09-07 11:14:11 -07:00
Tom Eastep
5f85646418 Fix disable of last balanced route 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-07 07:00:18 -07:00
Tom Eastep
6ae184ccc7 Update the released netmap file. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-06 15:36:33 -07:00
Tom Eastep
b19a6f0bfd Merge branch '4.4.23' 2011-09-05 17:25:03 -07:00
Tom Eastep
77ca62835f Add PROTO and PORTS columns to netmap 2011-09-05 12:33:42 -07:00
Tom Eastep
02009ee060 Set 'use_..._chain' on interfaces with sfilters 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-05 06:23:18 -07:00
Tom Eastep
2285dce4d1 Fix debugging of ipv6 ruleset 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-03 13:58:05 -07:00
Tom Eastep
058b746f57 Use /sys/module/ to speed up module loading 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-03 11:49:31 -07:00
Tom Eastep
29e0f57928 Cosmetic/readability changes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-03 08:44:15 -07:00
Tom Eastep
d1fea7c682 Correct 'disable' with dynamic gateway 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-02 11:01:06 -07:00
Tom Eastep
46d9faa63a Correct sed invocation in add_gateway() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-02 10:28:41 -07:00
Tom Eastep
a63d4dad44 More sfilter tweaks 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-02 08:41:42 -07:00
Tom Eastep
6afd18646d Remove backslashes from routes before processing them. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-02 08:41:15 -07:00
Tom Eastep
f5c2e9b211 Make the sfilter logic cleaner and add a comment 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-01 14:15:15 -07:00
Tom Eastep
a0bbd72a39 Avoid a calculation in a loop in the generated code 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-01 06:06:50 -07:00
Tom Eastep
3fa646845f Fix busybox anomaly 2011-08-31 16:38:58 -07:00
Tom Eastep
82a806d788 Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-08-31 07:58:51 -07:00
Tom Eastep
b8951259bd Avoid emitting out-of-function statements. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-08-30 16:55:44 -07:00
Tom Eastep
78a25bb51b Avoid undefined value error. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-08-30 16:43:38 -07:00
Tom Eastep
abdd6bec27 More corrections to undo_routing 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-08-30 09:31:06 -07:00
Tom Eastep
3031c37edd Handle routes and rules for main and default 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-08-29 10:05:36 -07:00
Tom Eastep
45bc3a7ea0 Split add_a_provider() into two functions. 
- Avoid generating add_xxx_routes() and add_xxx_rules
- Only configure tc during 'enable'
- Fix a bad bug (routes were actually rules)

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-08-28 08:04:06 -07:00
Tom Eastep
65fe958e8e Split add_a_provider() into two functions. 
- Avoid generating add_xxx_routes() and add_xxx_rules
- Only configure tc during 'enable'
- Fix a bad bug (routes were actually rules)

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-08-28 07:54:47 -07:00
Tom Eastep
90f83fd9fd Clear device TC on 'disable' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-08-27 12:33:24 -07:00
Tom Eastep
ed7d70e54b Merge branch 'EdW' 2011-08-27 11:45:37 -07:00