Commit Graph

289 Commits

Author SHA1 Message Date
Evangelos Foutras
3a64ef7d3a Set SBINDIR to /usr/bin in shorewallrc.archlinux
/usr/bin is the directory used for all binaries that were previously
installed to /bin, /sbin or /usr/sbin. This unification occurred in
Arch Linux in mid-2013, so might as well change it in Shorewall too.

Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 07:55:08 -08:00
Evangelos Foutras
b746c9319f Rename SYSTEMDDIR to SERVICEDIR in shorewallrc.*
This was omitted from commit e3b1034 (Change SYSTEMDDIR to SERVICEDIR).

Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 07:55:04 -08:00
Evangelos Foutras
6f81bb5c8e Fix setting of options[SERVICEDIR] in configure
The previous syntax resulted in:

  ./configure: line 199: [SERVICEDIR]=: command not found

Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 07:55:00 -08:00
Tom Eastep
9598ac6fad Correct a couple of problems with -C
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 10:09:04 -07:00
Tom Eastep
8fb73026c8 Replace SAVE_COUNTERS with the -C command option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 09:37:57 -07:00
Tom Eastep
b7ab82dba4 Implement -f option in the -lite products' start command
- Remove 'recover' command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 10:42:39 -07:00
Tom Eastep
3454e10525 Add SAVE_COUNTERS option.
- Also implement recover command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 08:57:56 -07:00
Tom Eastep
54461a9a90 Correct indentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-20 12:29:45 -07:00
Tom Eastep
e3b10343a5 Change SYSTEMDDIR to SERVICEDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-13 11:56:26 -07:00
Tom Eastep
a5086f785f Avoid confusing output when 4.6.4 CLI executes a 'save'
- If a down-rev firewall is running, the savesets command produces
  confusing usage output

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-10 18:40:55 -07:00
Tom Eastep
815e93e80c Rename SYSTEMD to SYSTEMDDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 16:46:16 -07:00
Tom Eastep
4071b9d337 Update SuSE shorewallrc for SBINDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-30 16:16:33 -07:00
Tom Eastep
3858683e94 Allow saving a specified list of ipsets
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 11:19:41 -07:00
Tom Eastep
4495ed687b Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2014-09-23 07:10:46 -07:00
Tuomo Soini
8f05d0f16d install.sh: support install on centos7 and foobar7
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2014-09-23 13:19:09 +03:00
Tom Eastep
f9d98b74a2 Merge branch '4.6.2' into 4.6.3
Conflicts:
	Shorewall/Perl/Shorewall/Providers.pm

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-16 08:09:20 -07:00
Tom Eastep
fc58dab66d Remove redundant 'run' command from help output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-02 12:57:04 -07:00
Tom Eastep
bf5be7198b Make dump work correctly on RHEL5
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-12 16:18:42 -07:00
Tom Eastep
0bf80c15d8 Detect missing <commmand> in the generated scrip
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 11:35:32 -07:00
Tom Eastep
4e9a0b989d Update 'run' help text
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 10:46:28 -07:00
Tom Eastep
31e5aeeaea Refine the 'run' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 10:30:07 -07:00
Tom Eastep
a7b18ca875 Implement 'run' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-28 07:04:56 -07:00
Tom Eastep
cc935009ce Correct install problems under Cygwin
- configure.pl doesn't understand CYGWIN return from uname
- shorewall-core install.sh doesn't understand CYGWIN return from uname
- shorewall install.sh generates 'mkdir -p //etc/shorewall' which is
  broken under Cygwin

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-09 10:48:03 -07:00
Tom Eastep
50736fb8ae Correct last patch (s/-i/-x/)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 15:38:11 -07:00
Tom Eastep
a2e514c0ab Add the -i option to the 'show bl' help text
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 15:35:49 -07:00
Tom Eastep
6ad9b95351 Implement 'show bl'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 13:27:25 -07:00
Tom Eastep
ac4bf15606 Implement 'status -i'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 11:07:37 -07:00
Tom Eastep
e64a7feda2 Make 'show filters' work with Simple TC
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-25 12:30:12 -07:00
Tom Eastep
d49d352d77 Improve the output of 'shorewall[6] show filters'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-23 09:26:12 -07:00
Tom Eastep
966926fac5 RHE7 support -- first cut
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-19 15:15:52 -07:00
Tom Eastep
3311bbd73a Merge branch '4.5.21' 2014-03-27 10:53:16 -07:00
Tom Eastep
9107259a56 Correct reporting of the REAP_OPTION capability.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-27 10:52:40 -07:00
Tom Eastep
8f36c080d0 Streamline the output of the status comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-27 10:44:08 -07:00
Tom Eastep
669d15e2cf Implement the -t update option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-15 09:36:13 -08:00
Tom Eastep
f140a8e7e2 Detect EMATCH in the CLI
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-03 12:03:22 -08:00
Tom Eastep
4daee95902 Merge branch '4.5.21' 2014-01-30 13:19:26 -08:00
Tom Eastep
245c64478c Correct 'add/delete' with a VLAN interface.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-30 13:18:05 -08:00
Tom Eastep
d44bc12df3 Merge branch '4.5.21' 2014-01-15 19:25:23 -08:00
Tom Eastep
6223bdd8e1 Add -m to the dump options in help output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-15 19:25:07 -08:00
Tom Eastep
dec088566b Merge branch '4.5.21' 2014-01-15 17:39:03 -08:00
Tom Eastep
6d8cadd152 Correct issues in the 'dump' command.
- the -x and -l options do nothing
- output of 'help' doesn't describe those options

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-15 17:38:39 -08:00
Tom Eastep
42dd8dfee9 Change license to GPLv2+ and update copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-04 09:48:27 -08:00
Tom Eastep
1771bb75cf Finish ipset match option implementation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-02 14:43:55 -08:00
Tom Eastep
dd38cdc0f0 Merge branch '4.5.21' 2013-12-18 07:16:12 -08:00
Tom Eastep
a5e8bc6298 Apply Luigi's small fix for IPSET=
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-18 07:15:24 -08:00
Tom Eastep
6d72cb3138 Correct update inline
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-15 09:32:09 -08:00
Tom Eastep
9abe60bc27 Implement the -i option of upgrade
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-14 17:54:10 -08:00
Tom Eastep
bcb2573918 Don't try to get firewall version if not root
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-14 07:51:07 -07:00
Tom Eastep
66c2fca2b0 Eradicate the use of 'fgrep'
- Busybox on Leaf Bering does not have fgrep

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-14 07:15:08 -07:00
Tom Eastep
b6c3d9cae1 Avoid error message during initial install
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-09 14:06:41 -07:00
Tom Eastep
20946f0711 Add Ubuntu support to configure
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-09 07:14:55 -07:00
Tom Eastep
faeea3bd8a Add Ubuntu support to Shorewall-core installer.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-09 07:05:06 -07:00
Tom Eastep
75f5d97657 Enhance 'shorewall capabilities' output for REAP_OPTION
Include 'REAP_OPTION' in parentheses.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-08 12:53:53 -07:00
Tom Eastep
8c4bbf0c85 Implement REAP_OPTION capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-07 07:54:52 -07:00
Tom Eastep
9c30105fff Display compiler version in the status and 'version -a' commands.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-30 15:59:42 -07:00
Tom Eastep
4524281163 Apply Thomas D's Gentoo support patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-17 08:22:52 -07:00
Tom Eastep
df028e420c Use 'ip neigh ls' when 'arp' isn't installed.
- From Martin Gignac

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-17 08:10:36 -07:00
Tom Eastep
ff634ac776 Use 'ss' rather than 'ss' in the 'dump' command.
- From Martin Gignac

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-17 06:55:04 -07:00
Tom Eastep
e46e059b87 Specify SYSCONFFILE for SuSE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-10 08:04:36 -07:00
Tom Eastep
50411e638c Report the name of the SysV init file installed.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-09 08:11:45 -07:00
Tom Eastep
39e348997f Add SERVICEFILE variable to shoreallrc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-18 14:27:26 -07:00
Tom Eastep
32763e998b Make -v work with the status command
- Also document exit status

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-13 06:52:46 -07:00
Tom Eastep
84e0c98c88 Remove debugging statement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-10 06:54:43 -07:00
Tom Eastep
5f63183247 More fixes to the configure script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-09 18:35:32 -07:00
Tom Eastep
189b81cd49 Correct more typos
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-09 16:56:48 -07:00
Tom Eastep
2f25584dee Correct another typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-09 16:50:43 -07:00
Tom Eastep
d127c90924 Correct typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-09 16:50:30 -07:00
Tom Eastep
fc5c92cabc Use /etc/os-release to determine build host
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-08 17:44:40 -07:00
Tom Eastep
a10aea280b Add some abbreviations for common commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-06 07:05:47 -07:00
Tom Eastep
5ba8df81fb Further improve readability of the show event[s] commands.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-13 09:08:50 -07:00
Tom Eastep
51d5ec6b2b Make the output of 'show event[2] understandable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 16:07:22 -07:00
Tom Eastep
5c7500e13e Display the current time as an integer in 'show event[s]' output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 09:46:08 -07:00
Tom Eastep
09240da55a Change the external name of MARK_ANYWHERE to 'Mark in the filter table'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 09:45:20 -07:00
Tom Eastep
89f16bdb37 Include a current time event in /proc/net/xt_recent/
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 07:14:22 -07:00
Tom Eastep
f99e20ee19 Allow 'show event[s]'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-11 19:21:56 -07:00
Tom Eastep
b639a18eb9 Simplify fix for -q
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-03 08:16:27 -07:00
Tom Eastep
3e1ed30f4e Make initial progress message obey VERBOSITY
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 14:23:27 -07:00
Tom Eastep
f6a55bbf05 Allow the '-V' option in the CLI programs.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-16 14:29:36 -07:00
Tom Eastep
c3901f1161 Release mutex on error.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-09 09:57:09 -07:00
Tom Eastep
3923092468 Take 2 on conditional compilation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-08 19:01:39 -07:00
Tom Eastep
56318e6cc8 Try to ensure that cp doesn't copy the firewall script to itself.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-06 09:22:16 -07:00
Tom Eastep
186f71fa96 Add NEW_TOS_MATCH capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-09 14:04:16 -07:00
Tom Eastep
b10218e773 Add a 'UDPLITE Port Redirection' capability.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 10:07:52 -07:00
Tom Eastep
e77ca971bd Avoid shell diagnostic in 'show capabilities' when no arptables installed
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 09:48:10 -07:00
Tom Eastep
8442477224 Add Enhanced Multi-port match capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 09:04:47 -07:00
Tom Eastep
418034579f Support IPv6 Masquerade
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-27 09:25:26 -08:00
Tom Eastep
40865dce4d Correct 'not running' error message in enable/disable commands.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-23 16:32:17 -08:00
Tom Eastep
82f9ba8bb7 Correct detection of IPv6 PERSISTENT_SNAT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-23 12:59:38 -08:00
Tom Eastep
8ed6642387 Modify reload_command() and export_command() to directly call compiler()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-22 16:15:41 -08:00
Tom Eastep
bb5b6e42d6 Replace death sequences with calls to fatal_error()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-16 07:32:47 -08:00
Tom Eastep
430c69b8db Merge branch '4.5.13' 2013-02-15 18:23:45 -08:00
Tom Eastep
36db41457d Make 'version -a' work when not run by /sbin/shorewall.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 12:45:49 -08:00
Tom Eastep
138638cb1a Effectively use the specified directory as the CONFIG_PATH til .conf is read
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-13 07:45:24 -08:00
Evangelos Foutras
2d59f7e31a Tweak shorewallrc.archlinux configuration
Changes:

  - Remove reference to SysV init script
  - Define systemd system unit directory
  - Set SBINDIR to /usr/sbin
  - Unset BUILD; should be auto-detected

Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-01 10:13:48 -08:00
Tom Eastep
38657d9f98 Support for arptables.
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-04 09:17:57 -08:00
Tom Eastep
24c69f9efb Sort the output of 'show capabilities'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 11:09:18 -08:00
Tom Eastep
60012d1208 Add additional space for the OPTIONS column
- actions and actions.std problem

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 10:54:32 -08:00
Tom Eastep
8cbe26e32c Ignore 'inline' for certain actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 07:54:42 -08:00
Tom Eastep
6702bb1989 Revert condition initialization patch.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-30 07:31:29 -08:00
Tom Eastep
409c427134 Add support for future condition initial values.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-29 12:15:15 -08:00