holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity
11,344 Commits 104 Branches 736 Tags 54 MiB
fd1d6cf935
Commit Graph

2092 Commits

Author SHA1 Message Date
Tom Eastep
24e115d0f9 Move a comment 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-04-06 08:00:20 -07:00
Tom Eastep
24d30275fa Correct syntax errors in the generated script 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-04-03 17:08:14 -07:00
Tom Eastep
fb428bf564 Don't modify CONFDIR and SHAREDIR in the shell code 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-04-02 12:39:49 -07:00
Tom Eastep
348c99c7d0 Compiler changes for Shorewall[6]-lite relocation 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-04-02 07:46:38 -07:00
Tom Eastep
85fce606dc Give all config files access to shorewallrc variables. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-04-01 13:19:38 -07:00
Tom Eastep
bb6e17fd3e Many changes involved in getting a relocated installations to work 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-04-01 10:47:24 -07:00
Tom Eastep
cf176474ac Merge branch '4.5.2' 
Conflicts:
	Shorewall/Perl/Shorewall/Chains.pm
 2012-03-31 09:44:36 -07:00
Tom Eastep
6ed207aba0 Fix 'dhcp' with 'nets' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-31 09:30:29 -07:00
Tom Eastep
924ec49d09 Add OWNER_NAME_MATCH to do_user 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-30 16:58:38 -07:00
Tom Eastep
a4097b7a02 Correct Typo in setup_null_routing() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-30 16:57:26 -07:00
Tom Eastep
e38fcb2bfc Correct ipset creation and add a WARNING when creating an ipset 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-30 16:56:43 -07:00
Tom Eastep
e09457cdf9 Correct Typo in setup_null_routing() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-27 07:46:53 -07:00
Tom Eastep
e641bf7ac2 Correct typo 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-26 16:01:35 -07:00
Tom Eastep
8a164adf98 Export TMPDIR if it exists in the .shorewallrc file 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-26 15:43:04 -07:00
Tom Eastep
dee20c8d74 Add OWNER_NAME_MATCH to do_user 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-25 20:18:20 -07:00
Tom Eastep
ee15baf98c Correct typo in Chains.pm 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-25 12:48:57 -07:00
Tom Eastep
25e7555e80 Correct typo in the compiler 2012-03-25 12:36:25 -07:00
Tom Eastep
9dd9ee614b Correct ipset creation and add a WARNING when creating an ipset 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-25 08:27:28 -07:00
Tom Eastep
5aed14ffdc Set PRODUCT before processing rc file. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-25 07:25:15 -07:00
Tom Eastep
59aab485c3 Handle 'PRODUCT' more gracefully 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-24 22:21:42 -07:00
Tom Eastep
173d29969d Improve shorewallrc variable expansion 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-24 21:34:24 -07:00
Tom Eastep
7390789b5e Add BLACKLIST Macro 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-24 21:33:57 -07:00
Tom Eastep
fc4aaa97c6 Expand variables in shorewallrc 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-24 21:26:20 -07:00
Tom Eastep
eb118e4443 Add shorewallrc files. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-24 13:05:39 -07:00
Tom Eastep
f4ed4109c6 Fix LENGTH handling (again) 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-23 15:40:48 -07:00
Tom Eastep
398c843643 Concatenate match options when not KLUDGEFREE 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-23 15:40:25 -07:00
Tom Eastep
01d07f55a9 Only include user exit basename in exported progress messages 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-20 07:33:32 -07:00
Tom Eastep
bdc8cb66bd Correct load_kernel_modules() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-20 07:15:47 -07:00
Tom Eastep
7bc823fb8b Support 'kerneltz' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-19 15:57:38 -07:00
Tom Eastep
48b7594b64 Delete prog.header* 
- Move functions into lib.core with ?IF ... ?ELSE ... ?END

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-19 15:56:02 -07:00
Tom Eastep
88b1180817 Support ?IF in copied files 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-19 13:38:24 -07:00
Tom Eastep
8803cd8d3b ?IF improvements 
- Pass line number to make process_conditional more general
- Add debugging output
- Do first_line processing prior to looking for ?

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-19 12:51:22 -07:00
Tom Eastep
0063de1564 Add capabilities to conditionals 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-19 11:57:33 -07:00
Tom Eastep
f104596b39 Merge branch '4.5.1' 2012-03-19 10:13:08 -07:00
Tom Eastep
146d66f0aa Don't complain about SHOREWALL_INIT_SCRIPT 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-19 09:52:55 -07:00
Tom Eastep
0ccb398cec Merge branch '4.5.1' 2012-03-19 09:22:44 -07:00
Tom Eastep
287a44be52 Allow TOS to work on RHEL5 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-19 09:22:21 -07:00
Tom Eastep
86f3667b82 Correct nested ?IF 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-19 08:19:32 -07:00
Tom Eastep
962b1cca1f Remove Perl diagnostic 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-19 07:46:45 -07:00
Tom Eastep
2026fdab6a Correct IPSET_WARNINGS 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-19 07:44:52 -07:00
Tom Eastep
722e888043 Fix ?IF 
- Allow nested ?IFs to work correctly
- Correct push logic for $ifstack

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-19 07:38:52 -07:00
Tom Eastep
e3997abfb9 Merge branch '4.5.2' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-19 07:27:53 -07:00
Tom Eastep
710687bbd6 Revert "Move conditional processing to it's own function" 
This reverts commit 8262cff71a.
 2012-03-19 07:23:57 -07:00
Tom Eastep
d4a1e7dba9 Revert "Allow ?IF, ?ELSE and ?ENDIF in copied files" 
This reverts commit 29dd342118.
 2012-03-19 07:23:24 -07:00
Tom Eastep
c7237e5c8e Revert "Move all functions from prog.header* to lib.core" 
This reverts commit f9f557e1c6.
 2012-03-19 07:22:51 -07:00
Tom Eastep
c299c6d61a Revert "Correct spelling" 
This reverts commit 1d021e3701.
 2012-03-19 07:22:29 -07:00
Tom Eastep
6769acc7a7 Revert "Some corrections to conditional inclusion" 
This reverts commit 164d2f5d1b.
 2012-03-19 07:22:07 -07:00
Tom Eastep
df33587395 Revert "Clean up of conditional inclusion." 
This reverts commit 5f3ba4eb40.
 2012-03-19 07:21:36 -07:00
Tom Eastep
508f33a183 Revert "Eliminate prog.header6" 
This reverts commit 60f1004339.
 2012-03-19 07:21:12 -07:00
Tom Eastep
11f970d1c2 Revert "Eliminate prog.header" 
This reverts commit 13bf383ce8.
 2012-03-19 07:20:57 -07:00
Tom Eastep
72e6330ff4 Revert "Add capabilities to ?IF conditionals" 
This reverts commit 0d71c590e4.
 2012-03-19 07:20:31 -07:00
Tom Eastep
5caf68bc31 Remove .project 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-18 19:31:40 -07:00
Tom Eastep
15ca0fd1f0 Add IPSET_WARNINGS option 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-18 19:30:04 -07:00
Tom Eastep
955a9f0051 Correct Steven's issues 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-18 19:10:46 -07:00
Tom Eastep
5bfd2cc2c9 Remove some WARNINGs 
- Mr Dash4 has decided he doesn't want them after all.
 2012-03-18 12:42:32 -07:00
Tom Eastep
56f66bd966 Require the correct PROTO to use a port range in the ADDRESS column of masq 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-18 11:22:37 -07:00
Tom Eastep
6e089fb0e2 Require the correct PROTO to use a port range in the ADDRESS column of masq 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-18 11:21:53 -07:00
Tom Eastep
0d71c590e4 Add capabilities to ?IF conditionals 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-18 08:48:26 -07:00
Tom Eastep
d1661c95d5 Remove .project 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-17 18:29:32 -07:00
Tom Eastep
13bf383ce8 Eliminate prog.header 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-17 18:07:36 -07:00
Tom Eastep
60f1004339 Eliminate prog.header6 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-17 17:51:56 -07:00
Tom Eastep
5f3ba4eb40 Clean up of conditional inclusion. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-17 12:12:32 -07:00
Tom Eastep
164d2f5d1b Some corrections to conditional inclusion 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-17 10:26:36 -07:00
Tom Eastep
1d021e3701 Correct spelling 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-17 09:42:15 -07:00
Tom Eastep
f9f557e1c6 Move all functions from prog.header* to lib.core 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-17 09:35:35 -07:00
Tom Eastep
29dd342118 Allow ?IF, ?ELSE and ?ENDIF in copied files 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-17 09:33:40 -07:00
Tom Eastep
8262cff71a Move conditional processing to it's own function 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-17 09:32:56 -07:00
Tom Eastep
ab13fbe95e Allow conditional compilation 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-16 08:16:12 -07:00
Tom Eastep
95e4f8dd91 Fix TOS(tos/mask) in tcrules. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-14 15:34:11 -07:00
Tom Eastep
8e413a7bf0 Fix TOS(tos/mask) in tcrules. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-14 15:33:31 -07:00
Tom Eastep
2a67a202b0 Merge branch '4.5.1' 2012-03-13 20:16:01 -07:00
Tom Eastep
7e14777b8f Fix typo 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-13 19:54:58 -07:00
Tom Eastep
c1d0681e17 Correct LENGTH column validation 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-13 17:58:18 -07:00
Tom Eastep
e3f2c49c7e Remove level of indirection for the 'super' property 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-13 12:23:33 -07:00
Tom Eastep
fecd091078 Remove %zones{option}{nested} 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-13 11:31:13 -07:00
Tom Eastep
e0b360513c Remove a level of indirection for 'complex' zone flag. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-13 09:47:31 -07:00
Tom Eastep
01d99d4873 Move zone mss handling to the Rules File 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-12 15:59:35 -07:00
Tom Eastep
acb2e2a8ab Implement mss= in hosts file. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-12 15:14:35 -07:00
Tom Eastep
48570227ba Big cleanup of TOS handling 
- Validate settings/matches
- Allow setting in the tcrules file.
- Deprecate /etc/shorewall[6]/tos
 2012-03-09 16:16:25 -08:00
Tom Eastep
c112f20e17 Tighten editing of LENGTH column(s) 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-07 14:07:04 -08:00
Tom Eastep
b2842ae8d4 Don't allow reserved variables to be set in params 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-05 15:42:53 -08:00
Tom Eastep
dff5136134 Correct issues with debugging the generated script 
a) Rename DEBUG to g_debug_iptablesb
b) Clear all of the tables prior to handling iptables-restore input.
 2012-03-05 15:21:10 -08:00
Tom Eastep
a84e131115 Fix bug in DSCP implementation. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-03-05 09:50:15 -08:00
Tom Eastep
aab6e67e70 Omit non-default geometry settings from updated shorewall.conf. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-29 12:34:06 -08:00
Tom Eastep
47453a20f7 Tweak to Run-time gateway variables 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-24 09:02:04 -08:00
Tom Eastep
7273f4d8d4 Implement run-time gateway variables. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-23 13:36:00 -08:00
Tom Eastep
2624005fa8 Fix FORMAT-2 interfaces 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-21 16:41:56 -08:00
Tom Eastep
d5af9c360d Implement FORMAT-2 interfaces file. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-21 11:23:58 -08:00
Tom Eastep
2137840fec Fix bug in DSCP support 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-20 16:40:11 -08:00
Tom Eastep
a1ec1dc178 Add DSCP match support 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-20 08:47:48 -08:00
Tom Eastep
e2f4af6e48 Create a Perl-style switch statement to handle irregular entries in 
the tcrules file.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-19 17:28:49 -08:00
Tom Eastep
b1272e8835 Add DSCP target support. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-19 17:04:16 -08:00
Tom Eastep
75d5957020 Unify 'dont_' chain flags 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-19 14:20:09 -08:00
Tom Eastep
1896e56894 Rework some newbie code in add_group_to_zone() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-19 08:39:17 -08:00
Tom Eastep
7cd7f1ebbe Make zone-option hashes and constants global 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-19 08:30:39 -08:00
Tom Eastep
7fef97d92d Fix compiler crash from unknown interface 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-18 10:02:39 -08:00
Tom Eastep
cd3a9854f8 Change ipset flags error to a warning 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-18 08:22:16 -08:00
Tom Eastep
59fea1a05d Add a SWITCH column to /etc/shorewall/masq 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-18 08:17:14 -08:00
Tom Eastep
1c7476fe61 Validate SOURCE/DEST fit for ipset flags 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2012-02-17 15:46:28 -08:00
Tom Eastep
460efbac77 Merge branch '4.5.0' 2012-02-11 11:36:38 -08:00