holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity
3,741 Commits 104 Branches 736 Tags 54 MiB
fcc6baaf6e
Commit Graph

112 Commits

Author SHA1 Message Date
teastep
f9685d5ddd Bring forward tcrules enhancements from 3.2 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4369 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-08-17 16:10:09 +00:00
teastep
3d81581c01 Bring 3.2.2 Changes forward 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4320 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-08-08 23:03:06 +00:00
teastep
1eb563d8ee Update shorewall.conf versions 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4258 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-07-21 02:20:13 +00:00
teastep
b4ded2a9ac Remove dynamic zones (again) 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4231 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-07-18 13:27:28 +00:00
teastep
3f9c8996bb Back out all post 3.2 changes 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4229 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-07-16 23:06:18 +00:00
teastep
8c9e8cc75c Normal start of new development thread (remove dynamic zones :-) 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4219 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-07-13 22:38:22 +00:00
teastep
fb89790044 Add 'shorewall show config' command to display distribution-specific defaults 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4130 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-06-17 15:58:48 +00:00
paulgear
aedfe429cf Normalise SUSE nomenclature; spelling corrections 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4104 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-06-15 05:32:14 +00:00
teastep
bc0586aa4a Fix typo in shorewall.conf 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4102 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-06-14 21:57:29 +00:00
teastep
412766ba52 Improve documentation of HIGH_ROUTE_MARKS in the configuration files 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3855 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-05-03 21:35:25 +00:00
teastep
f2f7edf404 Allow hex numbers in 'mark' column of the providers file 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3850 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-05-03 20:37:35 +00:00
teastep
b3735408ef Fiddle with comments in config files 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3785 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-04-11 22:20:09 +00:00
teastep
503aeea7df Fix compilation failure on LEAF Bearing -- second pass; correct awkward wording in shorewall.conf comments 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3781 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-04-10 21:16:02 +00:00
teastep
912008e003 Subdivide mark fields for TC and Routing -- Phase I 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3772 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-04-04 22:56:51 +00:00
teastep
80e08e57e8 Add IMPLICIT_CONTINUE option to shorewall.conf 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3723 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-03-24 00:05:09 +00:00
judas_iscariote
19a248d750 1. remove svn:executable property of some files. 
2. put the French docs in it's own branch.



git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3609 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-03-01 02:00:43 +00:00
teastep
20d3f6afdc Error with ESTABLISHED/RELATED rules and FASTACCEPT 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3419 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-02-01 23:05:32 +00:00
teastep
bb7bf55a77 Fix typo in shorewall.conf 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3411 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-01-31 16:24:23 +00:00
teastep
c137f1992a Rename VERBOSE to VERBOSITY 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3373 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-01-24 17:44:19 +00:00
teastep
33cc957521 Repair -v brain damage 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3371 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-01-24 16:10:41 +00:00
teastep
cf8344b26d Allow default verbosity to be set in shorewall.conf 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-01-23 17:48:15 +00:00
teastep
248b26a7d8 Re-add dynamic zone capability 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3264 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2006-01-11 23:30:33 +00:00
teastep
1cb2d888e8 Remove dynamic zone capability from development branch 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3196 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-12-24 21:23:10 +00:00
teastep
98f828f1c9 Console-friendly shorewall.conf 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3163 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-12-14 16:18:38 +00:00
teastep
1ed05f0fef Change CLEAR_TC default to 'Yes' 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3148 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-12-10 20:11:07 +00:00
teastep
3d0ec74fde Clarifications and minor documentation corrections 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3108 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-12-01 22:27:18 +00:00
teastep
ee433d350d Add upgrade warning to shorewall.conf -- Take 2 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3105 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-12-01 21:26:41 +00:00
teastep
d395e177a1 Add upgrade warning to shorewall.conf 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3104 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-12-01 21:11:23 +00:00
teastep
577389464f Improve bridging instructions in config file comments 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3090 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-11-28 15:26:06 +00:00
teastep
532bb3df5e Typo in shorewall.conf 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2874 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-10-13 18:12:55 +00:00
teastep
2fc9e1590e Clean up MACLIST_TABLE mess in shorewall.conf 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2873 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-10-13 18:11:48 +00:00
teastep
7d97b536a6 Move MACLIST_TABLE to correct section of shorewall.conf 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2850 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-10-11 16:49:13 +00:00
teastep
f7e2332fd3 Correct spelling of MACLIST_TABLE in shorewall.conf 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2847 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-10-10 21:29:24 +00:00
teastep
1af4d541a0 Add TC_ENABLED=Internal 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2836 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-10-09 15:47:47 +00:00
teastep
d680528283 Replace TC_ENABLED with TC_SCRIPT 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2829 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-10-07 22:16:03 +00:00
teastep
a510a70124 Incomplete implementation of MACLIST_TABLE 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2815 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-10-06 20:01:51 +00:00
teastep
7870f16cb7 Bring tc4shorewall code into the firewall script 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2806 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-10-05 22:51:29 +00:00
teastep
a66d94d609 Fixes for IPP2P -- fix 'shorewall flush' and multi-ISP 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2801 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-10-05 16:45:50 +00:00
teastep
340053a6bc Require MARK_IN_FORWARD_CHAIN=Yes for multi-ISP 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2792 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-10-04 17:40:09 +00:00
teastep
2b6a9bb843 Deimplement original 'netnotsyn' handling 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2766 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-10-01 15:55:41 +00:00
teastep
3daf8076ff Add warning about side effects of ADD_SNAT_ALIASES and ADD_IP_ALIASES 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2749 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-09-29 15:37:15 +00:00
teastep
f6875e9da7 Alchemy -- zone file style 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2623 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-09-02 20:46:53 +00:00
teastep
738b45ad9e Update the version number to 3.0 in all files 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2606 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-31 15:27:22 +00:00
teastep
370d61970a Add FASTACCEPT option to accept ESTABLISHED/RELATED packets early 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2474 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-11 19:53:07 +00:00
teastep
ac1983a5da Large cleanup patch from Tuomo Soini 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2449 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-08-02 16:46:30 +00:00
teastep
0a03598d11 Correct anachronistic reference in /etc/shorewall/shorewall.conf 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2436 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-31 16:26:55 +00:00
teastep
b66929a65e Large merge of function from EXPERIMENTAL to HEAD. 
1) Elimination of the "shorewall monitor" command.

2) The /etc/shorewall/ipsec and /etc/shorewall/zones file are combined into
a single /etc/shorewall/zones file. This is done in an upwardly-compatible
way so that current users can continue to use their existing files.

3) Support has been added for the arp_ignore interface option.

4) DROPINVALID has been removed from shorewall.conf. Behavior is as if
DROPINVALID=No was specified.

5) The 'nobogons' option and BOGON_LOG_LEVEL are removed.

6) Error and warning messages have been made easier to spot by using
capitalization (e.g., ERROR: and WARNING:).

7) The /etc/shorewall/policy file now contains a new connection policy and a
policy for ESTABLISHED packets. Useful for users of snort-inline who want to
pass all packets to the QUEUE target.

8) A new 'critical' option has been added to /etc/shorewall/routestopped.
Shorewall insures communication between the firewall and 'critical' hosts
throughout start, restart, stop and clear. Useful for diskless firewall's
with NFS-mounted file systems, LDAP servers, Crossbow, etc.

9) Macros. Macros are very similar to actions but are easier to use, allow
parameter substitution and are more efficient. Almost all of the standard
actions have been converted to macros in the EXPERIMENTAL branch.

10) The default value of ADD_IP_ALIASES in shorewall.conf is changed to No.

11) If you have 'make' installed on your firewall, then when you use
the '-f' option to 'shorewall start' (as happens when you reboot),
if your /etc/shorewall/ directory contains files that were modified
after Shorewall was last restarted then Shorewall is started using
the config files rather than using the saved configuration.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2409 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-25 23:08:09 +00:00
teastep
b0e6e3a893 Given the large number of people shooting themselves in the foot with 
poorly-written one-to-one NAT rules, I'm changing the shorewall.conf
file to set ADD_IP_ALIASES=No in shorewall.conf. Hopefully, this will
reduce the amount of whining about routing table modification during
"shorewall [re]start".


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2372 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-19 18:41:05 +00:00
teastep
318e204358 Re-implement MACLIST_TTL 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-17 22:08:15 +00:00
teastep
c6e3e84352 Disable MACLIST_TTL 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2356 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2005-07-17 16:52:21 +00:00