teastep
5b8a9c2dbf
First step toward support of wildcard ports
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3188 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-21 04:05:27 +00:00
teastep
f91f118c2a
Fix typo in last patch
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3187 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-20 19:24:53 +00:00
teastep
803720a8cc
Fix restore script generation with RETAIN_ALIASES=Yes
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3185 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-20 19:14:36 +00:00
teastep
d2c9149223
Remove interface port list -- no longer needed
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3183 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-20 00:39:55 +00:00
teastep
28e3a4a7ed
Fix security hole in bridge handling; fix bug in NONE intra-zone policy handling
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3182 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-19 23:37:40 +00:00
teastep
e99e0bd05b
Correct IPv6 fix
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3180 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-19 20:52:08 +00:00
teastep
0273709c6f
Enable loopback traffic under DISABLE_IPV6
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3172 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-17 01:55:02 +00:00
teastep
6f4dfe64db
Fix stupid typo that produced a bug in tcrules processing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3153 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-12 18:52:40 +00:00
teastep
7f39d760b7
Add 'ipdecimal' command
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3114 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-02 23:58:57 +00:00
teastep
25480f2187
Allow '-' in the ADDRESS/SUBNET column of the blacklist file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3099 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-01 18:05:13 +00:00
teastep
06dc3cf91e
Make Shorewall tolerate prehistoric kernels
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3046 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-22 02:27:00 +00:00
teastep
8bdf97d821
Fix typo in 'firewall' script
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3025 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-18 17:25:09 +00:00
teastep
fd834a4f64
Clean up policy setup for nat, mangle and raw tables -- Take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3023 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-18 17:02:12 +00:00
teastep
e34d046490
Clean up policy setup for nat, mangle and raw tables
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3022 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-18 16:56:38 +00:00
teastep
86a7be6c24
Fix inadvertent change to firewall script
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3018 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-17 19:10:13 +00:00
teastep
0fcc67230c
Correct interaction between FASTACCEPT and CLAMPMSS
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3013 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-17 18:23:19 +00:00
teastep
1f0165e8bc
Remove flyspeck from firewall file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3001 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-15 18:48:30 +00:00
teastep
93210fa3a5
Fix Makefile and make macro substitution smarter
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3000 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-15 18:44:02 +00:00
teastep
2fc06059db
Restore ACCEPT policies to nat, mangle and raw tables during start/stop
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2996 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-13 16:00:17 +00:00
teastep
d678421c08
Fix MACLIST_TABLE=mangle and DHCP
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2947 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-02 17:44:10 +00:00
teastep
981323b7d6
Fix MACLIST_TABLE=mangle and DHCP
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2946 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-02 15:32:33 +00:00
teastep
53ae3fc6e0
Suppress 'ambiguous redirect' errors
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2934 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-28 03:18:49 +00:00
teastep
4b97c4584c
Add samples to base package
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2907 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-20 22:10:10 +00:00
teastep
629d7c87d2
Fix cut-and-paste error in arp_ignore processing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2906 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-19 14:30:13 +00:00
teastep
cf7e66aab4
Make Openvpn TCP support a little more robust
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2904 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-18 17:05:12 +00:00
teastep
b20a7b3067
Fix tcp openvpn support
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2901 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-18 15:20:12 +00:00
teastep
057e4aeb71
Add TC_ENABLED=Internal -- Take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2837 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-09 16:21:15 +00:00
teastep
1af4d541a0
Add TC_ENABLED=Internal
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2836 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-09 15:47:47 +00:00
teastep
41178852fb
Avoid extra $COMMAND tests
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2835 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-09 02:36:30 +00:00
teastep
1a8f760491
Fix default tc class bug
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2834 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-08 14:57:10 +00:00
teastep
d680528283
Replace TC_ENABLED with TC_SCRIPT
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2829 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-07 22:16:03 +00:00
teastep
2b6d22c40d
Suppress 'save' operations during refresh
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2823 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-07 15:46:38 +00:00
teastep
b403a8c200
Remove some incompatibilities
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2822 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-07 15:30:33 +00:00
teastep
cc6caadf41
Make tc class IDs unique across devices
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2819 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-06 22:46:17 +00:00
teastep
748375d12d
Finish MACLIST_TABLE implementation
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2816 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-06 20:10:40 +00:00
teastep
a510a70124
Incomplete implementation of MACLIST_TABLE
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2815 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-06 20:01:51 +00:00
teastep
1f23f6a9a4
Introduce 'classid' into discussion of classification in tcrules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2814 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-06 16:35:20 +00:00
teastep
26628652cd
More cleanup of traffic shaping integration
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2813 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-06 14:21:04 +00:00
teastep
51d44fcb40
clean up tc4shorewall progress message
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2810 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-06 00:41:24 +00:00
teastep
21a6f90554
Use CLASSIFY target when it is available
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2809 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-06 00:07:06 +00:00
teastep
3a775a1316
Bring tc4shorewall code into the firewall script -- Take 2 (fix syntax error and verify tc config in 'check')
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2807 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-05 22:59:38 +00:00
teastep
7870f16cb7
Bring tc4shorewall code into the firewall script
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2806 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-05 22:51:29 +00:00
teastep
a66d94d609
Fixes for IPP2P -- fix 'shorewall flush' and multi-ISP
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2801 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-05 16:45:50 +00:00
teastep
79fead0fae
Add IPP2P UDP support -- Take 3
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2795 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-04 18:46:35 +00:00
teastep
8fe0a32fd3
Add IPP2P UDP support -- Take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2794 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-04 18:20:28 +00:00
teastep
7277150a46
Add IPP2P UDP support
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2793 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-04 18:00:55 +00:00
teastep
340053a6bc
Require MARK_IN_FORWARD_CHAIN=Yes for multi-ISP
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2792 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-04 17:40:09 +00:00
teastep
116f96b47e
Flush all mangle chains in refresh
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2788 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-04 17:04:19 +00:00
teastep
400088ff09
Better diagnostics when IPP2P match is missing - Take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2785 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-04 16:32:27 +00:00
teastep
47a34926f4
Better diagnostics when IPP2P match is missing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2784 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-04 16:20:30 +00:00
teastep
d8e1cfb689
Add zone type to 'shorewall show zones' display
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2782 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-04 14:54:56 +00:00
teastep
8153df9547
Ensure that is set with old-format zone file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2777 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-03 17:59:19 +00:00
teastep
bb8a928f9b
Detect multiple firewall zones; fix inappropriate call to fatal_error; Display the firewall zone name
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2776 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-03 17:39:36 +00:00
teastep
f156a9a626
Correct ipp2p logging
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2772 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-02 16:22:52 +00:00
teastep
2b6a9bb843
Deimplement original 'netnotsyn' handling
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2766 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-01 15:55:41 +00:00
teastep
3e301ffbf4
Replace 'plain' with 'ipv4' in zones file -- Take 3
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2763 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-30 19:20:27 +00:00
teastep
3087be1d83
Rename 'plain' to 'ipv4' in zones file -- Take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2762 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-30 18:22:57 +00:00
teastep
a7258ce1ff
Rename 'plain' to 'ipv4' in zones file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2759 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-30 17:16:22 +00:00
teastep
84af786df4
Add capabilities report to 'shorewall dump' output
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2758 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-30 16:54:24 +00:00
teastep
11e3a37bea
Show off a new trick
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2742 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-28 20:28:01 +00:00
teastep
e75bac46a1
Fix 'refresh' traffic control treatment -- Take 3
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2740 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-28 19:39:47 +00:00
teastep
68390ca9d6
Fix 'refresh' traffic control treatment
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2738 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-28 18:29:11 +00:00
teastep
6c76f878a8
Update example in the providers file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2737 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-27 14:30:11 +00:00
teastep
fbb94c61f6
Correct odd whitespace problem -- take 3
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2723 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-21 19:10:01 +00:00
teastep
9bcf80f818
Correct odd whitespace problem -- take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2722 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-21 19:05:01 +00:00
teastep
0b896f8c65
Correct odd whitespace problem
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2721 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-21 19:01:18 +00:00
teastep
1a5852b7c9
Allow icmp-type in tcrules and more whitespace
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2711 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-19 14:43:22 +00:00
teastep
09773c6c65
Yes more whitespace
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2710 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-19 14:17:29 +00:00
teastep
504728a079
More whitespace elimination; avoid stale lock file in some error cases
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2702 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-17 22:37:32 +00:00
teastep
17d1469c7b
Remove some superfluous whitespace -- take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2697 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-17 04:05:57 +00:00
teastep
efd7c44bb6
Remove some superfluous whitespace
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2696 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-17 03:49:24 +00:00
teastep
09541c7260
Add output rules for routestopped hosts during 'start' and 'restart'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2690 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-15 16:11:54 +00:00
teastep
66e9add7f0
Add -n option to suppress routing table changes
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2686 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-14 23:01:13 +00:00
teastep
e178cab644
Fix startup error
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2685 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-14 21:04:07 +00:00
teastep
1d763c84df
Fix param handling in restore-base
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2654 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-09 16:52:10 +00:00
teastep
6d310db4e5
Fix error handling
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2648 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-08 20:57:29 +00:00
teastep
b663bdf559
More cleanup from the cheif Alchemist
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2627 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-03 00:48:37 +00:00
teastep
d6cf893327
Fix stupid bug in zones file alchemy -- take 3
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2626 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-02 22:56:35 +00:00
teastep
1905664bca
Fix stupid bug in zones file alchemy -- take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2625 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-02 22:54:27 +00:00
teastep
731c7d121d
Fix stupid bug in zones file alchemy
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2624 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-02 22:49:21 +00:00
teastep
f6875e9da7
Alchemy -- zone file style
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2623 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-02 20:46:53 +00:00
teastep
611e987cfc
Finish integrating tc4shorewall with save/restore/refresh
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2620 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-01 23:00:30 +00:00
teastep
757ebcd164
Make tc4shorewall play nice with save/restore
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2619 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-01 15:16:11 +00:00
teastep
cba33dd4e1
Import tc4shorewall into project
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2611 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-31 21:31:23 +00:00
teastep
73fa097121
Merge tc4shorewall into Shorewall
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2610 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-31 20:48:22 +00:00
teastep
738b45ad9e
Update the version number to 3.0 in all files
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2606 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-31 15:27:22 +00:00
teastep
988afa6bf5
Fix another Macro bug
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2597 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-30 22:35:19 +00:00
teastep
6a47756293
'shorewall check' now checks the nat and providers files
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2594 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-30 20:29:42 +00:00
teastep
e949e18749
'shorewall check' now checks the proxyarp file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2593 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-30 17:42:21 +00:00
teastep
124af9a046
'shorewall check' now checks the masq file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2592 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-30 15:54:29 +00:00
teastep
e783315471
Fix some ghastly bugs in Macros -- take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2591 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-29 22:59:01 +00:00
teastep
2448315290
Fix horrible typo in rules file sectioning
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2590 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-29 22:55:12 +00:00
teastep
fe6cd6d349
Fix some ghastly bugs in Macros
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2589 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-29 22:51:49 +00:00
teastep
a6c792c731
Remove nonsensical comment
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2588 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-29 22:17:00 +00:00
teastep
934a6e852f
Allow the log tag to act as a generalized parameter to an action extension script -- take 3
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2587 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-29 21:58:24 +00:00
teastep
6e667fa0c0
Allow the log tag to act as a generalized parameter to an action extension script -- take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2584 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-29 20:51:48 +00:00
teastep
b258f29d56
Allow the log tag to act as a generalized parameter to an action extension script
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2583 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-29 20:32:16 +00:00
teastep
6251280295
Add mention of macros in the rules file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2579 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-28 21:44:09 +00:00
teastep
c457976d17
Fix typo in openvpnclient handling
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2573 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-27 19:11:46 +00:00
teastep
739db31efb
Slightly less horrible Hack to make the Tunnels file still work with the sectioned Rules file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2569 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-27 14:50:33 +00:00
teastep
2a55b70b32
Horrible Hack to make the Tunnels file still work with the sectioned Rules file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2568 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-27 14:39:43 +00:00
teastep
86c837bf48
Clean up rules file sectioning
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2565 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-26 22:23:56 +00:00
teastep
0ae1bdfbc1
Restore 'ipp2p' support to the rules file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2564 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-26 20:11:27 +00:00
teastep
07c152ab35
Section the rules file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2563 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-26 19:55:05 +00:00
teastep
b800346eea
Remove ESTABLISHED policy stuff in preparation for sectioned rules file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2562 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-26 17:16:09 +00:00
teastep
36590a52ab
Clarify intra-zone changes
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2559 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-24 22:39:19 +00:00
teastep
58e00883c1
More capitalizing global variable names -- take 3
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2541 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-23 21:35:56 +00:00
teastep
edb36a83b0
More capitalizing global variable names -- take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2540 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-23 20:50:48 +00:00
teastep
9b91bafe9f
More capitalizing global variable names
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2539 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-23 20:41:18 +00:00
teastep
e130bc9f60
Make intra-zone policies more rational
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2522 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-18 21:39:30 +00:00
teastep
e4433f4b8f
Remove documentation for find_interface_by_mac()
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2521 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-18 20:18:08 +00:00
teastep
a77c49a02e
Capitalize global variable ALL_POLICY_CHAINS
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2519 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-17 21:54:57 +00:00
teastep
c88858382c
Allow exclusion lists in Actions
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2518 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-17 21:00:33 +00:00
teastep
d871e1f163
Set COMMAND=restore in restore-base
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2514 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-17 17:52:32 +00:00
teastep
af28486e63
Improve wording of OPENVPN server progress message
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2512 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-16 22:59:47 +00:00
teastep
80dd73b9e5
Add openvpnclient and openvpnserver tunnel types
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2511 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-16 21:57:43 +00:00
teastep
6a087fd50e
Add support for exclusion lists in /etc/shorewall/tcrules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2509 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-16 18:54:11 +00:00
teastep
85bf4377c5
Update release documentation for Shorewall 2.5.2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2505 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-16 16:54:03 +00:00
teastep
b4067e7534
Restore ability to exclude a source sub-zone from DNAT, SAME and REDIRECT rules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2504 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-16 16:31:55 +00:00
teastep
1beb8c15aa
Generalize the notion of 'exclude list' in the rules file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2503 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-16 00:11:08 +00:00
teastep
dee6d1ad0e
Rework fix for bug in exclusion list processing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2499 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 20:49:06 +00:00
teastep
a2dca45579
Fix bug in exclusion list processing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2498 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 20:25:49 +00:00
teastep
fb9292eb71
Yet another improvement to rules generated for exclusion lists
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2497 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 20:21:52 +00:00
teastep
f6565e19a0
More improvements to rules generated for exclusion lists
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2496 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 20:16:34 +00:00
teastep
0f7def6c67
Improve rules generated for exclusion lists
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2495 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 18:33:51 +00:00
teastep
42ee8d0c19
Finally implement exclude lists in rules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2493 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 17:35:45 +00:00
teastep
5df7bc0538
Remove sub-zone exclusion feature in preparation for implementing true exclude lists
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2492 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 16:04:39 +00:00
teastep
e075e8c3e2
Fix 'Packet type match' availability reporting with PKTTYPE=No
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2491 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-14 19:26:17 +00:00
teastep
999c74bf03
Generate an error when 'norfc1918' is specified for an interface with an RFC 1918 IP address
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2489 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-14 16:45:48 +00:00
teastep
ea1bf1a7c8
Make the calling sequence of 'build_exclusion_chain' more rational
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2488 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-13 21:39:34 +00:00
teastep
daef55a295
Back out ill-advised tcrules portlist patch
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2486 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-12 23:57:35 +00:00
teastep
1625a7c4f3
Allow port lists in tcrules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2484 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-12 22:11:30 +00:00
teastep
370d61970a
Add FASTACCEPT option to accept ESTABLISHED/RELATED packets early
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2474 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-11 19:53:07 +00:00
teastep
ed2076a0fc
Fix problem with exclusion lists
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2469 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-11 01:40:50 +00:00
teastep
24dc05e6b7
Fix a couple of bugs
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2459 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-07 00:17:29 +00:00
teastep
e2253d6092
Install the Makefile -- Patch by Cristian Rodriquez
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2458 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-06 16:58:18 +00:00
teastep
39ca0828db
Infrastructure for Unified Handling of Exclude Lists
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2457 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-05 15:52:03 +00:00
teastep
bba152b119
Don't generate redundant ACCEPT rules for DNAT/REDIRECT/SAME
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2456 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-05 14:13:45 +00:00
teastep
f56e907907
Correct typo in /etc/shorewall/policy; Allow "all+" in SOURCE/DEST in /etc/shorewall/rules to enable intra-zone traffic
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2454 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-04 20:24:23 +00:00
teastep
1b1af2fc65
Remove some dead code and reduce confusion amoung those who read the code (including me)
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2450 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-02 21:06:05 +00:00
teastep
ac1983a5da
Large cleanup patch from Tuomo Soini
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2449 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-02 16:46:30 +00:00
teastep
3f748212d6
Globalize shorewall_is_started()
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2443 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-01 20:35:28 +00:00
teastep
c66159abee
capitalize 'terminator' variable; duplicate PREROUTING connmark logic in OUTPUT
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2441 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-01 17:17:24 +00:00
teastep
9feb547b6e
/sbin/shorewall status rework -- take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2430 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-29 18:32:50 +00:00
teastep
48502e75bb
Fix 'status' command in /usr/share/shorewall/firewall; try to make release notes clearer
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2429 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-28 20:22:25 +00:00
teastep
5f37ce46bf
Fix typo which broke use of arping
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2426 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-27 22:41:52 +00:00
teastep
5f58eac0f7
Optimize use of 'arping'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2423 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-27 22:13:25 +00:00
teastep
6c8b63bfe0
Remove dependence on 'which'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2421 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-27 20:30:16 +00:00
teastep
9a42f57a6a
Allow 'ipsec' in /etc/shorewall/hosts to work in the presence of dynamic zones
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2419 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-27 17:29:20 +00:00
teastep
b66929a65e
Large merge of function from EXPERIMENTAL to HEAD.
...
1) Elimination of the "shorewall monitor" command.
2) The /etc/shorewall/ipsec and /etc/shorewall/zones file are combined into
a single /etc/shorewall/zones file. This is done in an upwardly-compatible
way so that current users can continue to use their existing files.
3) Support has been added for the arp_ignore interface option.
4) DROPINVALID has been removed from shorewall.conf. Behavior is as if
DROPINVALID=No was specified.
5) The 'nobogons' option and BOGON_LOG_LEVEL are removed.
6) Error and warning messages have been made easier to spot by using
capitalization (e.g., ERROR: and WARNING:).
7) The /etc/shorewall/policy file now contains a new connection policy and a
policy for ESTABLISHED packets. Useful for users of snort-inline who want to
pass all packets to the QUEUE target.
8) A new 'critical' option has been added to /etc/shorewall/routestopped.
Shorewall insures communication between the firewall and 'critical' hosts
throughout start, restart, stop and clear. Useful for diskless firewall's
with NFS-mounted file systems, LDAP servers, Crossbow, etc.
9) Macros. Macros are very similar to actions but are easier to use, allow
parameter substitution and are more efficient. Almost all of the standard
actions have been converted to macros in the EXPERIMENTAL branch.
10) The default value of ADD_IP_ALIASES in shorewall.conf is changed to No.
11) If you have 'make' installed on your firewall, then when you use
the '-f' option to 'shorewall start' (as happens when you reboot),
if your /etc/shorewall/ directory contains files that were modified
after Shorewall was last restarted then Shorewall is started using
the config files rather than using the saved configuration.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2409 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-25 23:08:09 +00:00