teastep
370d61970a
Add FASTACCEPT option to accept ESTABLISHED/RELATED packets early
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2474 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-11 19:53:07 +00:00
teastep
68b39a07d9
Update for Shorewall 2.5.1
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2460 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-07 18:37:15 +00:00
teastep
f56e907907
Correct typo in /etc/shorewall/policy; Allow "all+" in SOURCE/DEST in /etc/shorewall/rules to enable intra-zone traffic
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2454 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-04 20:24:23 +00:00
teastep
ac1983a5da
Large cleanup patch from Tuomo Soini
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2449 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-02 16:46:30 +00:00
teastep
b828793da9
Recombine the 'status' and 'state' commands
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2434 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-30 21:59:12 +00:00
teastep
86f20a374b
Little cleanup of release notes and /sbin/shorewall
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2431 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-29 19:06:37 +00:00
teastep
9feb547b6e
/sbin/shorewall status rework -- take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2430 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-29 18:32:50 +00:00
teastep
48502e75bb
Fix 'status' command in /usr/share/shorewall/firewall; try to make release notes clearer
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2429 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-28 20:22:25 +00:00
teastep
2a52d3342d
Fix Makefile; rename status to dump and create a real status command
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2427 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-28 14:37:56 +00:00
teastep
6c8b63bfe0
Remove dependence on 'which'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2421 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-27 20:30:16 +00:00
teastep
b66929a65e
Large merge of function from EXPERIMENTAL to HEAD.
...
1) Elimination of the "shorewall monitor" command.
2) The /etc/shorewall/ipsec and /etc/shorewall/zones file are combined into
a single /etc/shorewall/zones file. This is done in an upwardly-compatible
way so that current users can continue to use their existing files.
3) Support has been added for the arp_ignore interface option.
4) DROPINVALID has been removed from shorewall.conf. Behavior is as if
DROPINVALID=No was specified.
5) The 'nobogons' option and BOGON_LOG_LEVEL are removed.
6) Error and warning messages have been made easier to spot by using
capitalization (e.g., ERROR: and WARNING:).
7) The /etc/shorewall/policy file now contains a new connection policy and a
policy for ESTABLISHED packets. Useful for users of snort-inline who want to
pass all packets to the QUEUE target.
8) A new 'critical' option has been added to /etc/shorewall/routestopped.
Shorewall insures communication between the firewall and 'critical' hosts
throughout start, restart, stop and clear. Useful for diskless firewall's
with NFS-mounted file systems, LDAP servers, Crossbow, etc.
9) Macros. Macros are very similar to actions but are easier to use, allow
parameter substitution and are more efficient. Almost all of the standard
actions have been converted to macros in the EXPERIMENTAL branch.
10) The default value of ADD_IP_ALIASES in shorewall.conf is changed to No.
11) If you have 'make' installed on your firewall, then when you use
the '-f' option to 'shorewall start' (as happens when you reboot),
if your /etc/shorewall/ directory contains files that were modified
after Shorewall was last restarted then Shorewall is started using
the config files rather than using the saved configuration.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2409 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-25 23:08:09 +00:00
paulgear
2a19eb8a5a
Copy latest 2.4 version from Shorewall2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2264 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 05:55:29 +00:00
paulgear
90dd62e89e
Copy latest 2.2 version from STABLE2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2263 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 05:45:05 +00:00
paulgear
921a7223d4
Copy latest 2.0 code from STABLE2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2262 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 04:45:32 +00:00
teastep
ccd528ec8c
Shorewall 1.4.10d +
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1216 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-03-20 15:40:06 +00:00
teastep
d711731678
Fix multiple excluded zone handling in DNAT/REDIRECT
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1181 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-03-04 15:24:59 +00:00
teastep
7f19ec0c73
Fix another masq file bug
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1131 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-09 20:46:22 +00:00
teastep
76c135e123
Shorewall-1.4.10a
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1129 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-08 20:36:46 +00:00
teastep
97ea8c60d7
Fix problem in masq file parsing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1123 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-05 20:13:24 +00:00
teastep
76b5918a13
Fix handling of 'all' or '-' in the PROTO column of an action file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1096 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-29 19:11:51 +00:00
teastep
a57c778928
Shorewall 1.4.10 RC3
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1094 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-27 23:39:45 +00:00
teastep
b4d0cbd1b1
Don't feed the smurfs
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1093 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-27 22:33:32 +00:00
teastep
3a82d46762
1.4.10 RC2 and fixes for broadcast rejects, ratelimiting and CONTINUE rules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1092 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-27 21:16:07 +00:00
teastep
2e80e459bb
RC1 and 'detectnets' option
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1089 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-23 23:48:30 +00:00
teastep
22df211052
Applied Fr�d�ric LESPEZ's patch for packet marking by user/group id
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1088 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-22 20:24:56 +00:00
teastep
d362f734d9
Destination exclude list in masq file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1085 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-22 02:06:56 +00:00
teastep
5338cb48b0
Minor updates for 1.4.9
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1070 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-09 20:18:40 +00:00
teastep
0c6299465d
Fix SNAT handling in DNAT rules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@869 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-16 21:52:37 +00:00
teastep
dab17d0783
Update release notes
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@822 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-10 15:27:07 +00:00
teastep
94d91cafa4
Clean up Action Change
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@805 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-05 19:19:08 +00:00
teastep
38ae0154ff
Improve release notes 'uname' advise
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@803 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-04 18:52:19 +00:00
teastep
90263f43af
Add user-defined Actions
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@801 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-04 02:01:08 +00:00
teastep
baa82a4697
Add MODULE_SUFFIX option
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@798 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-01 18:30:28 +00:00
teastep
380b8e2ce8
Add MODULE_SUFFIX option
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@797 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-01 16:10:08 +00:00
teastep
f9c596a465
Reword desciption of NEWNOTSYN
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@793 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-11-28 17:39:53 +00:00
teastep
9fde389c31
Log 'norfc1918'
...
packets out of 'rfc1918' chains
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@792 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-11-27 18:39:11 +00:00
teastep
a3eaa7f9af
Rework ip_forward handling; update release file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@791 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-11-27 18:24:57 +00:00
teastep
64bd2c9035
One-to-one NAT and updated common.def
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@790 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-11-24 19:08:43 +00:00
teastep
80981e802e
Fix NONE policy validation and 'routeback' for wildcard interfaces
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@786 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-11-08 02:38:30 +00:00
teastep
c334e92103
Shorewall 1.4.8-RC1
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@783 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-31 15:29:30 +00:00
teastep
f046ea3ab1
Fix route filtering
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@782 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-30 15:42:45 +00:00
teastep
ee51d49233
Correct Debian lockfile usage comment in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@781 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-27 22:36:22 +00:00
teastep
0f72f92c48
Another fix for <zone>_frwd chains
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@780 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-26 16:22:01 +00:00
teastep
e46c76253c
Expand chain naming
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@778 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-25 00:55:58 +00:00
teastep
5448a9cc38
Expand chain naming
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@777 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-25 00:54:01 +00:00
teastep
1fd0345510
Re-add optimization for complex zones
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@769 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-15 18:34:05 +00:00
teastep
ff2b9ce193
Remove 'complex zone' optimization
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@768 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-15 18:17:23 +00:00
teastep
84486d9115
Added BLACKLISTNEWONLY
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@766 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-11 16:13:52 +00:00
teastep
67ad01a56f
Added BLACKLISTNEWONLY
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@765 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-11 16:06:00 +00:00
teastep
55ddfb8c78
Fix error handling after 'Unable to determine the routes...'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@764 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-10 03:00:26 +00:00