Tom Eastep
d15475efae
Cleanup of AUDIT before Beta 3
...
- Correct merge snafus
- Rename the new actions (e.g., ADROP->A_DROP)
- Correct MACLIST_DISPOSITION logic
2011-05-20 07:47:35 -07:00
Tom Eastep
265c0e10e5
Correct a couple of cosmetic defects in the rules manpage
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-18 12:39:00 -07:00
Tom Eastep
e940f5018e
Implement whitelisting.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-18 08:30:01 -07:00
Tom Eastep
8ec33cd6dd
Update accounting documentation
2011-05-17 18:35:28 -07:00
Tom Eastep
495aa9b9ac
Implement NFLOG accounting action.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-17 13:42:13 -07:00
Tom Eastep
8904e772df
Mention exclusion in the blacklist manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-15 10:57:11 -07:00
Tom Eastep
48eeab0b2a
Mark many tcrules columns as optional
2011-05-05 10:12:06 -07:00
Tom Eastep
5ce6d7d988
Back out 0x documentation part of change
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-05 10:09:56 -07:00
Tom Eastep
45b83658cd
Another tcclasses manpage update
2011-05-01 06:40:28 -07:00
Tom Eastep
61c654634b
Correct some TC issues
2011-05-01 06:40:14 -07:00
Tom Eastep
f7b6ac690e
Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall
2011-04-30 22:07:25 -07:00
Tom Eastep
5ff1aca52a
Augment documentation of the :I and :CI modifiers
2011-04-30 21:52:32 -07:00
Tom Eastep
3ec2bf621b
Correct example 5 in the masq manpage
2011-04-20 16:20:42 -07:00
Tom Eastep
e653a34865
Fix man page typo (CLEAR_FORWARD_MARK -> FORWARD_CLEAR_MARK)
2011-04-06 10:46:47 -07:00
Tom Eastep
cdbe58a444
Move and correct EXPORTMODULES in shorewall.conf manpage
2011-04-04 08:34:06 -07:00
Tom Eastep
cc633c5bd9
Shorewall 4.4.19 Changes
2011-04-03 09:56:30 -07:00
Tom Eastep
f88d5f13e0
Restore <burst> functionality in tcdevices
2011-03-02 07:42:24 -08:00
Tom Eastep
17a7ab40a9
Remove <burst> reference form tcdevices IN-BANDWIDH description
2011-03-01 14:18:43 -08:00
Tom Eastep
dcdfb60483
Document the <burst> option in the manpages
2011-02-24 15:49:35 -08:00
Tom Eastep
b90ea8a9e0
Change default for MODULE_PREFIX
2011-02-20 08:52:07 -08:00
Tom Eastep
3ea333c915
Fix broken link in the shorewall[6] manpages
2011-02-09 20:53:22 -08:00
Tom Eastep
2c2fdab0fe
Rename USE_LOCAL_MODULES to EXPORTMODULES
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-02-06 08:42:35 -08:00
Tom Eastep
fb0a90e463
Update manpages for USE_LOCAL_MODULES
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-02-06 08:28:19 -08:00
Tom Eastep
748e7f3a19
Correct typos
2011-02-03 13:28:50 -08:00
Tom Eastep
ac13be4ed4
Add rate-limiting example to rules manpages
2011-02-03 13:26:41 -08:00
Tom Eastep
ff48a78eac
Rename 'ipaccount' to 'ipa'
2011-02-01 17:15:49 -08:00
Tom Eastep
2ef674dc40
Add 'show iptaccount' command
2011-02-01 16:47:20 -08:00
Tom Eastep
8b2ed47f58
Don't use blockquote in shorewall-accounting (5)
2011-02-01 14:15:42 -08:00
Tom Eastep
d83b531af0
Use blockquote rather than simplelist in shorewall-accounting (5)
2011-02-01 14:02:50 -08:00
Tom Eastep
207db033b8
Disallow '.' in accounting and manual chain names
2011-02-01 12:58:05 -08:00
Tom Eastep
3dd674a738
Convert a simplelist to a variablelist in the Accounting manpage
2011-02-01 12:20:57 -08:00
Tom Eastep
ae4d675d0d
Document chain name length restriction
2011-01-31 07:07:10 -08:00
Tom Eastep
749b71e704
Fix typo in the Accounting manpage
2011-01-30 13:51:55 -08:00
Tom Eastep
2cf3d15d45
Mention the iptaccount --help command
2011-01-30 10:46:35 -08:00
Tom Eastep
303afe8c7e
Some accounting fixes (code and docs)
2011-01-30 09:39:14 -08:00
Tom Eastep
2af846ef9e
A couple of fixes for the accounting manpages
2011-01-30 08:55:43 -08:00
Tom Eastep
26cea4336e
Document per-IP accounting
2011-01-30 08:33:06 -08:00
Tom Eastep
156b04c380
Implement Run-time Address Variables
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-01-26 09:08:48 -08:00
Tom Eastep
a2b440b093
Add USE_LOCAL_MODULES option
2011-01-22 08:13:17 -08:00
Tom Eastep
08f09d7de0
Deprecate EXPORTPARAMS
2011-01-09 10:12:36 -08:00
Tom Eastep
308831b3ff
Clarify '+' in wildcard interfaces
2010-12-19 10:02:02 -08:00
Tom Eastep
48b00d719e
Complete Proxy NDP implementation
2010-12-11 10:04:07 -08:00
Tom Eastep
bcdecdd3f5
Update manpages
2010-11-23 15:01:20 -08:00
Tom Eastep
f75e5c642f
Fix anachronisms in the masq manpage
2010-11-21 09:49:38 -08:00
Tom Eastep
5fdd506b17
Fix anachronisms in the masq manpage
2010-11-21 08:48:12 -08:00
Tom Eastep
e052951890
More /etc/shorewall/routes documentation
2010-11-17 17:27:48 -08:00
Tom Eastep
5e1c8f8d2a
Add DEVICE column to routes file
2010-11-17 08:35:20 -08:00
Tom Eastep
f523113ca7
Add manpages for the routes files
2010-11-16 20:51:11 -08:00
Tom Eastep
c9737930a2
Complete Shared TC documentation
2010-11-14 14:48:16 -08:00
Tom Eastep
a4bff9a2fa
Update manpages for IPv6 tcfilters
2010-11-14 13:50:18 -08:00
Tom Eastep
a1e3683651
Documentation updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-11-10 14:38:55 -08:00
Tom Eastep
da886142f9
Update manpages for ipset lists
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-05 13:45:50 -07:00
Tom Eastep
d02bc69cd9
Document PKTTYPE as "Obsolete"
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-04 07:50:00 -07:00
Tom Eastep
489364a1a0
Correct zone manpages re: blacklist vs zone type
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-27 13:57:03 -07:00
Tom Eastep
74f1cb2443
Mention maclist file in shorewall-ipsets(5)
2010-09-25 16:07:56 -07:00
Tom Eastep
a79a8d4acc
Document that ipset multi-match may not be used in the hosts file
2010-09-24 15:44:44 -07:00
Tom Eastep
611c33e052
Add rule order warning to secmark manpages
2010-09-23 11:31:56 -07:00
Tom Eastep
6069d8d509
Add shorewall-ipsets(5) to See Also
2010-09-20 15:37:42 -07:00
Tom Eastep
b44a35edbd
Add shorewall-ipsets manpage
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-20 15:34:04 -07:00
Tom Eastep
b3d6ae78ba
Add redundancy warning re 'blacklst'
2010-09-19 07:57:36 -07:00
Tom Eastep
c7373ada46
Add advice about SAVE/RESTORE
2010-09-17 09:22:48 -07:00
Tom Eastep
44665775b2
Documentation corrections to the blacklist files
2010-09-16 09:46:46 -07:00
Tom Eastep
a8c9fc1859
Implement new Blacklisting Scheme
2010-09-16 09:40:28 -07:00
Tom Eastep
1d650b41cd
Remove blacklisting by destination IP address support
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 15:24:58 -07:00
Tom Eastep
bea4ce4ca6
Add tc-tbf link to tcinterfaces manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 14:07:42 -07:00
Tom Eastep
69a2fa1907
Replace to/from with dst/src
2010-09-15 11:25:46 -07:00
Tom Eastep
8147671eb2
Document JUMP
2010-09-15 09:49:37 -07:00
Tom Eastep
f925b335ef
Ignore the 'blacklist' host option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 08:10:57 -07:00
Tom Eastep
373fc87165
More blacklisting wrapup
...
- Deprecate 'blacklist' in the hosts file
- Base blacklisting on interfaces alone
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 07:38:20 -07:00
Tom Eastep
10a9ae496a
More manpage updates for 4.4.13
2010-09-14 16:47:45 -07:00
Tom Eastep
33adbe7a27
Update documentation for net TC features
2010-09-13 13:51:25 -07:00
Tom Eastep
3f93ebdda8
Update blacklist manpages
2010-09-13 13:23:32 -07:00
Tom Eastep
47ad42659c
Mention ipsets in the secmarks manpage
2010-09-12 08:12:41 -07:00
Tom Eastep
37a5a01185
Correct INPUT marking documentation
2010-09-11 12:47:32 -07:00
Tom Eastep
69817007bf
Some more fixes for blacklisting
2010-09-09 14:53:12 -07:00
Tom Eastep
7f72d66b90
A couple of documentation updates
2010-09-08 11:55:16 -07:00
Tom Eastep
b091169ed9
Remove deprecated syntax from examples
2010-09-08 06:04:57 -07:00
Tom Eastep
46bbb26b6b
Tweak secmarks example to use ESTABLISHED,RELATED
2010-09-07 13:59:33 -07:00
Tom Eastep
ee83b7f022
Add link to James Morris blog re SECMARK
2010-09-07 13:52:43 -07:00
Tom Eastep
ab87d8800a
List secmarks as SEE ALSO
2010-09-07 12:27:39 -07:00
Tom Eastep
8d63e04926
Yet more docunentation updates
2010-09-06 20:37:34 -07:00
Tom Eastep
50b4bd8dfe
More Blacklist and Secmark documentation updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-06 17:26:49 -07:00
Tom Eastep
f3255cd83a
Rework blacklisting
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-06 15:29:20 -07:00
Tom Eastep
c6f58ba924
Enhance SELinux support:
...
- Add state match
- Add user/group match
- Add examples to the man pages
2010-09-06 09:06:40 -07:00
Tom Eastep
b139ff7e90
Update docs and implementation of SECMARK
2010-09-04 16:08:29 -07:00
Tom Eastep
15d8d6d8b7
Add SECMARK and CONNSECMARK support
2010-09-04 15:12:08 -07:00
Tom Eastep
5aceddbf37
Update Accounting Documents
2010-08-22 16:40:04 -07:00
Tom Eastep
33ee9b1481
Add IPSEC Accounting (again)
2010-08-20 06:53:31 -07:00
Tom Eastep
4322d7b2af
Zone exclusion
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-18 16:10:58 -07:00
Tom Eastep
255cd6cf9c
Implement zone lists in rules file entries
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-18 12:18:58 -07:00
Tom Eastep
36054b7784
Add additional vserver notes in rules manpages
2010-08-12 17:52:22 -07:00
Tom Eastep
e35e9d2c99
Clarify nesting of vserver zones
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-12 15:26:30 -07:00
Tom Eastep
0234564a1b
Add destination IP blacklisting
2010-08-10 17:33:50 -07:00
Tom Eastep
1efa50e6fa
Try to make the masq manpage more obvious
2010-08-05 16:50:48 -07:00
Tom Eastep
967629569b
Taylor Universal config to work with Shorewall-init and streamline ruleset
...
- Make interface 'all' optional and set REQUIRE_INTERFACE=Yes
- Add COMPLETE option
- Set FASTACCEPT in Universal samples
- Reset SUBSYSLOCK in Universal samples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-01 08:36:56 -07:00
Tom Eastep
aac343b476
Document mark geometry capability
2010-07-27 08:05:54 -07:00
Tom Eastep
bd5facda30
Implement per-IP log rate limiting
2010-07-25 12:42:39 -07:00
Tom Eastep
7f4a7372ef
Remove nic registration requirement for IRC channel
2010-07-24 16:04:21 -07:00
Tom Eastep
1de257be19
Make ADD and DELETE work with any type of ipset.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-20 15:42:11 -07:00
Tom Eastep
8eeb71dc1b
Fix inconsistencies in manpages
2010-07-19 14:45:05 -07:00