forked from extern/shorewall_code
Compare commits
61 Commits
5.2.8-Beta
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
|
2673e6e60c | ||
|
|
d1a8c19712 | ||
|
|
3c77d83260 | ||
|
|
d8e43cee2b | ||
|
|
b0839c30b2 | ||
|
5a66c1d9d6 | ||
|
|
de23e641f7 | ||
|
|
a8294ed495 | ||
|
|
393cd5043d | ||
|
|
0de5e88018 | ||
|
badf2fc9f0 | ||
|
|
5e8ce7d073 | ||
|
450a16f730 | ||
|
aae5baedfd | ||
|
|
95831e372f | ||
|
|
77317c1766 | ||
|
|
236b06d480 | ||
|
|
86244d8faf | ||
|
|
b8ef488f64 | ||
|
|
b7f2d1b22e | ||
|
|
c93817f30b | ||
|
|
5637385507 | ||
|
|
23f66180e9 | ||
|
c1e58f6faf | ||
|
8b0d829531 | ||
|
|
c941cf4bb5 | ||
|
e9e73a259b | ||
|
|
672c3420a0 | ||
|
|
ba87937f49 | ||
|
|
69f0d4d881 | ||
|
|
6681191c88 | ||
|
|
2ceeb2c934 | ||
|
|
97165ed41e | ||
|
|
5b0cacd9c4 | ||
|
|
eeec6f2396 | ||
|
|
2e7d1ac4a3 | ||
|
|
34c59dca32 | ||
|
|
9aa2a4b704 | ||
|
|
d363809859 | ||
|
|
6c4383b5ce | ||
|
|
877807943d | ||
|
|
378df2861a | ||
|
|
f84be9faa4 | ||
|
|
c6dea1525f | ||
|
|
a7505f3ecb | ||
|
|
8c10c96844 | ||
|
|
126c5ccd53 | ||
|
|
1ca886abd7 | ||
|
|
ca78c0221c | ||
|
|
e4c2122532 | ||
|
|
f16e666858 | ||
|
|
b5f3294adb | ||
|
|
8d4e79650e | ||
|
|
b253be8a69 | ||
|
|
4385264dc3 | ||
|
|
6cab1c3c8c | ||
|
|
fe7bb4abca | ||
|
|
63b477a4de | ||
|
|
2166251b97 | ||
|
|
9e6aec7687 | ||
|
|
b154803f22 |
@@ -1 +1 @@
|
|||||||
5.2.8-Beta1
|
5.2.8-RC1
|
||||||
|
|||||||
@@ -324,6 +324,15 @@ install_file wait4ifup ${DESTDIR}${LIBEXECDIR}/shorewall/wait4ifup 0755
|
|||||||
|
|
||||||
echo
|
echo
|
||||||
echo "wait4ifup installed in ${DESTDIR}${LIBEXECDIR}/shorewall/wait4ifup"
|
echo "wait4ifup installed in ${DESTDIR}${LIBEXECDIR}/shorewall/wait4ifup"
|
||||||
|
#
|
||||||
|
# Install stop_service
|
||||||
|
#
|
||||||
|
if [ -n "${STOPSERVICEFILE}" ]; then
|
||||||
|
install_file ${STOPSERVICEFILE} ${DESTDIR}${LIBEXECDIR}/shorewall/stop_service 0755
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "${STOPSERVICEFILE} installed in ${DESTDIR}${LIBEXECDIR}/shorewall/stop_service"
|
||||||
|
fi
|
||||||
|
|
||||||
#
|
#
|
||||||
# Install the libraries
|
# Install the libraries
|
||||||
|
|||||||
@@ -3605,7 +3605,7 @@ status_command() {
|
|||||||
|
|
||||||
[ $# -eq 0 ] || missing_argument
|
[ $# -eq 0 ] || missing_argument
|
||||||
|
|
||||||
[ $VERBOSITY -ge 1 ] && echo "${g_product}-$SHOREWALL_VERSION Status at $g_hostname - $(date)" && echo
|
[ $VERBOSITY -ge 1 ] && echo "${g_product} $SHOREWALL_VERSION Status at $g_hostname - $(date)" && echo
|
||||||
show_status
|
show_status
|
||||||
[ -n "$interfaces" ] && show_interfaces
|
[ -n "$interfaces" ] && show_interfaces
|
||||||
exit $status
|
exit $status
|
||||||
@@ -4019,9 +4019,15 @@ setup_dbl() {
|
|||||||
# the Standard CLI by loading lib.cli-std
|
# the Standard CLI by loading lib.cli-std
|
||||||
################################################################################
|
################################################################################
|
||||||
#
|
#
|
||||||
# Set the configuration variables from shorewall[6]-lite.conf.
|
# Set the configuration variables from shorewall[6]-lite.conf. This function
|
||||||
|
# is replaced by the one in lib.cli-std (Shorewall product) when Shorewall or
|
||||||
|
# Shorewall6 is being run.
|
||||||
#
|
#
|
||||||
get_config() {
|
# $1 = Yes: read the params file
|
||||||
|
# $2 = Yes: check for STARTUP_ENABLED
|
||||||
|
# $3 = Yes: Check for LOGFILE
|
||||||
|
#
|
||||||
|
lite_get_config() {
|
||||||
local config
|
local config
|
||||||
local lib
|
local lib
|
||||||
|
|
||||||
@@ -4170,7 +4176,7 @@ get_config() {
|
|||||||
|
|
||||||
[ -x "$g_pager" ] || fatal_error "PAGER $g_pager is not executable"
|
[ -x "$g_pager" ] || fatal_error "PAGER $g_pager is not executable"
|
||||||
|
|
||||||
g_pager="| $g_pager"
|
g_pager="2>&1 | $g_pager"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@@ -4183,10 +4189,22 @@ get_config() {
|
|||||||
[ -f $lib ] && . $lib
|
[ -f $lib ] && . $lib
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# get_config() -- calls the appropriate xxx_get_config()
|
||||||
|
#
|
||||||
|
get_config() {
|
||||||
|
if [ -z "$g_lite" ]; then
|
||||||
|
std_get_config $@
|
||||||
|
else
|
||||||
|
lite_get_config $@
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Start Command Executor
|
# Start Command Executor
|
||||||
#
|
#
|
||||||
start_command() {
|
lite_start_command() {
|
||||||
local finished
|
local finished
|
||||||
finished=0
|
finished=0
|
||||||
|
|
||||||
@@ -4273,10 +4291,21 @@ start_command() {
|
|||||||
do_it
|
do_it
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# start_command() -- calls the appropriate xxx_start_command()
|
||||||
|
#
|
||||||
|
start_command() {
|
||||||
|
if [ -z "$g_lite" ]; then
|
||||||
|
std_start_command $@
|
||||||
|
else
|
||||||
|
lite_start_command $@
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Reload/Restart Command Executor
|
# Reload/Restart Command Executor
|
||||||
#
|
#
|
||||||
restart_command() {
|
lite_restart_command() {
|
||||||
local finished
|
local finished
|
||||||
finished=0
|
finished=0
|
||||||
local rc
|
local rc
|
||||||
@@ -4345,6 +4374,17 @@ restart_command() {
|
|||||||
return $rc
|
return $rc
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# restart_command() -- calls the appropriate xxx_restart_command()
|
||||||
|
#
|
||||||
|
restart_command() {
|
||||||
|
if [ -z "$g_lite" ]; then
|
||||||
|
std_restart_command $@
|
||||||
|
else
|
||||||
|
lite_restart_command $@
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
run_command() {
|
run_command() {
|
||||||
if [ -x $g_firewall ] ; then
|
if [ -x $g_firewall ] ; then
|
||||||
run_it $g_firewall $@
|
run_it $g_firewall $@
|
||||||
@@ -4713,7 +4753,7 @@ shorewall_cli() {
|
|||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
banner="${g_product}-${SHOREWALL_VERSION} Status at $g_hostname -"
|
banner="${g_product} ${SHOREWALL_VERSION} Status at $g_hostname -"
|
||||||
|
|
||||||
COMMAND=$1
|
COMMAND=$1
|
||||||
|
|
||||||
@@ -4803,7 +4843,7 @@ shorewall_cli() {
|
|||||||
logwatch)
|
logwatch)
|
||||||
only_root
|
only_root
|
||||||
get_config Yes Yes Yes
|
get_config Yes Yes Yes
|
||||||
banner="${g_product}-$SHOREWALL_VERSION Logwatch at $g_hostname -"
|
banner="${g_product} $SHOREWALL_VERSION Logwatch at $g_hostname -"
|
||||||
logwatch_command $@
|
logwatch_command $@
|
||||||
;;
|
;;
|
||||||
drop)
|
drop)
|
||||||
|
|||||||
@@ -981,7 +981,22 @@
|
|||||||
<td><command>shorewall -6</command> or <command>shorewall
|
<td><command>shorewall -6</command> or <command>shorewall
|
||||||
-6l</command></td>
|
-6l</command></td>
|
||||||
</tr>
|
</tr>
|
||||||
|
|
||||||
|
<tr>
|
||||||
|
<td><command>shorewall</command></td>
|
||||||
|
|
||||||
|
<td><command>shorewall -l</command></td>
|
||||||
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
|
|
||||||
|
<para>Note that when Shorewall isn't installed, the 'shorewall'
|
||||||
|
command behaves like shorewall-lite. The same is not true with
|
||||||
|
respect to Shorewall6, "shorewall6" and 'shorewall6-lite". You can
|
||||||
|
make 'shorewall6' behave like 'shorewallt-lite' by adding the
|
||||||
|
following command to root's .profile file (or to .bashrc, if root's
|
||||||
|
shell is bash):</para>
|
||||||
|
|
||||||
|
<programlisting> alias shorewall6=shorewall6-lite</programlisting>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
@@ -2458,8 +2473,8 @@
|
|||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">bl|blacklists</emphasis>
|
<term><emphasis role="bold">[-<option>x</option>]
|
||||||
[-<option>x</option>]</term>
|
bl|blacklists</emphasis></term>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>Added in Shorewall 4.6.2. Displays the dynamic chain
|
<para>Added in Shorewall 4.6.2. Displays the dynamic chain
|
||||||
@@ -2906,9 +2921,9 @@
|
|||||||
listed in <ulink
|
listed in <ulink
|
||||||
url="/manpages/shorewall-stoppedrules.html">shorewall-stoppedrules</ulink>(5)
|
url="/manpages/shorewall-stoppedrules.html">shorewall-stoppedrules</ulink>(5)
|
||||||
or permitted by the ADMINISABSENTMINDED option in <ulink
|
or permitted by the ADMINISABSENTMINDED option in <ulink
|
||||||
url="/manpages/shorewall.conf.html">shorewall.conf</ulink> The only
|
url="/manpages/shorewall.conf.html">shorewall.conf</ulink>, are taken
|
||||||
new traffic permitted through the firewall is from systems listed in
|
down. The only new traffic permitted through the firewall is from
|
||||||
<ulink
|
systems listed in <ulink
|
||||||
url="/manpages/shorewall-stoppedrules.html">shorewall-stoppedrules</ulink>(5)
|
url="/manpages/shorewall-stoppedrules.html">shorewall-stoppedrules</ulink>(5)
|
||||||
or by ADMINISABSENTMINDED.</para>
|
or by ADMINISABSENTMINDED.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
|||||||
@@ -22,3 +22,4 @@ SPARSE=Yes #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
|
|||||||
VARLIB=/var/lib #Directory where product variable data is stored.
|
VARLIB=/var/lib #Directory where product variable data is stored.
|
||||||
VARDIR=${VARLIB}/$PRODUCT #Directory where product variable data is stored.
|
VARDIR=${VARLIB}/$PRODUCT #Directory where product variable data is stored.
|
||||||
DEFAULT_PAGER=/usr/bin/less #Pager to use if none specified in shorewall[6].conf
|
DEFAULT_PAGER=/usr/bin/less #Pager to use if none specified in shorewall[6].conf
|
||||||
|
STOPSERVICEFILE=stop_service.debian #Name of script to stop systemd service that honours `SAFESTOP`.
|
||||||
|
|||||||
19
Shorewall-core/stop_service.debian
Normal file
19
Shorewall-core/stop_service.debian
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
PRODUCT=$1
|
||||||
|
|
||||||
|
. /etc/default/${PRODUCT}
|
||||||
|
|
||||||
|
if [ "$SAFESTOP" = 1 ]; then
|
||||||
|
COMMAND=stop
|
||||||
|
else
|
||||||
|
COMMAND=clear
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "${PRODUCT}" = shorewall6 ]; then
|
||||||
|
EXEC="/sbin/shorewall -6"
|
||||||
|
else
|
||||||
|
EXEC="/sbin/${PRODUCT}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec ${EXEC} ${OPTIONS} ${COMMAND}
|
||||||
@@ -134,6 +134,7 @@ fi
|
|||||||
|
|
||||||
remove_directory ${SHAREDIR}/shorewall
|
remove_directory ${SHAREDIR}/shorewall
|
||||||
remove_file ~/.shorewallrc
|
remove_file ~/.shorewallrc
|
||||||
|
remove_file ${SBINDIR}/shorewall
|
||||||
|
|
||||||
#
|
#
|
||||||
# Report Success
|
# Report Success
|
||||||
|
|||||||
@@ -12,7 +12,7 @@ Wants=network-pre.target
|
|||||||
Type=oneshot
|
Type=oneshot
|
||||||
RemainAfterExit=yes
|
RemainAfterExit=yes
|
||||||
EnvironmentFile=-/etc/sysconfig/shorewall-init
|
EnvironmentFile=-/etc/sysconfig/shorewall-init
|
||||||
StandardOutput=syslog
|
StandardOutput=journal
|
||||||
ExecStart=/sbin/shorewall-init start
|
ExecStart=/sbin/shorewall-init start
|
||||||
ExecStop=/sbin/shorewall-init stop
|
ExecStop=/sbin/shorewall-init stop
|
||||||
|
|
||||||
|
|||||||
@@ -6,6 +6,7 @@
|
|||||||
#
|
#
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Shorewall firewall (bootup security)
|
Description=Shorewall firewall (bootup security)
|
||||||
|
Documentation=man:shorewall-init(8)
|
||||||
Before=network.target
|
Before=network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
|
|||||||
@@ -13,8 +13,8 @@
|
|||||||
|
|
||||||
. /lib/lsb/init-functions
|
. /lib/lsb/init-functions
|
||||||
|
|
||||||
SRWL='/sbin/shorewall -l'
|
SRWL=/sbin/shorewall
|
||||||
SRWL_OPTS="-tvv"
|
SRWL_OPTS="-ltvv"
|
||||||
test -n ${INITLOG:=/var/log/shorewall-lite-init.log}
|
test -n ${INITLOG:=/var/log/shorewall-lite-init.log}
|
||||||
|
|
||||||
[ "$INITLOG" = "/dev/null" ] && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0
|
[ "$INITLOG" = "/dev/null" ] && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ Conflicts=iptables.service firewalld.service
|
|||||||
Type=oneshot
|
Type=oneshot
|
||||||
RemainAfterExit=yes
|
RemainAfterExit=yes
|
||||||
EnvironmentFile=-/etc/sysconfig/shorewall-lite
|
EnvironmentFile=-/etc/sysconfig/shorewall-lite
|
||||||
StandardOutput=syslog
|
StandardOutput=journal
|
||||||
ExecStart=/sbin/shorewall-lite $OPTIONS start $STARTOPTIONS
|
ExecStart=/sbin/shorewall-lite $OPTIONS start $STARTOPTIONS
|
||||||
ExecStop=/sbin/shorewall-lite $OPTIONS stop
|
ExecStop=/sbin/shorewall-lite $OPTIONS stop
|
||||||
|
|
||||||
|
|||||||
@@ -6,6 +6,7 @@
|
|||||||
#
|
#
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Shorewall IPv4 firewall (lite)
|
Description=Shorewall IPv4 firewall (lite)
|
||||||
|
Documentation=man:shorewall-lite(8)
|
||||||
Wants=network-online.target
|
Wants=network-online.target
|
||||||
After=network-online.target
|
After=network-online.target
|
||||||
Conflicts=iptables.service firewalld.service
|
Conflicts=iptables.service firewalld.service
|
||||||
@@ -16,7 +17,7 @@ RemainAfterExit=yes
|
|||||||
EnvironmentFile=-/etc/default/shorewall-lite
|
EnvironmentFile=-/etc/default/shorewall-lite
|
||||||
StandardOutput=syslog
|
StandardOutput=syslog
|
||||||
ExecStart=/sbin/shorewall-lite $OPTIONS start $STARTOPTIONS
|
ExecStart=/sbin/shorewall-lite $OPTIONS start $STARTOPTIONS
|
||||||
ExecStop=/sbin/shorewall-lite $OPTIONS clear
|
ExecStop=/usr/share/shorewall/stop_service shorewall-lite
|
||||||
ExecReload=/sbin/shorewall-lite $OPTIONS reload $RELOADOPTIONS
|
ExecReload=/sbin/shorewall-lite $OPTIONS reload $RELOADOPTIONS
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
|||||||
@@ -20,22 +20,23 @@ DEFAULTS ACCEPT
|
|||||||
|
|
||||||
# The following should have a ttl of 255 and must be allowed to transit a bridge
|
# The following should have a ttl of 255 and must be allowed to transit a bridge
|
||||||
@1 - - ipv6-icmp router-solicitation
|
@1 - - ipv6-icmp router-solicitation
|
||||||
@1 - - ipv6-icmp router-advertisement
|
|
||||||
@1 - - ipv6-icmp neighbour-solicitation
|
@1 - - ipv6-icmp neighbour-solicitation
|
||||||
@1 - - ipv6-icmp neighbour-advertisement
|
@1 - - ipv6-icmp neighbour-advertisement
|
||||||
@1 - - ipv6-icmp 137 # Redirect
|
|
||||||
@1 - - ipv6-icmp 141 # Inverse neighbour discovery solicitation
|
@1 - - ipv6-icmp 141 # Inverse neighbour discovery solicitation
|
||||||
@1 - - ipv6-icmp 142 # Inverse neighbour discovery advertisement
|
@1 - - ipv6-icmp 142 # Inverse neighbour discovery advertisement
|
||||||
|
|
||||||
# The following should have a link local source address and must be allowed to transit a bridge
|
# The following must have a link local source address and must be allowed to transit a bridge
|
||||||
@1 fe80::/10 - ipv6-icmp 130 # Listener query
|
@1 fe80::/10 - ipv6-icmp 130 # Listener query
|
||||||
@1 fe80::/10 - ipv6-icmp 131 # Listener report
|
@1 fe80::/10 - ipv6-icmp 131 # Listener report
|
||||||
@1 fe80::/10 - ipv6-icmp 132 # Listener done
|
@1 fe80::/10 - ipv6-icmp 132 # Listener done
|
||||||
|
@1 fe80::/10 - ipv6-icmp router-advertisement
|
||||||
|
@1 :: - ipv6-icmp 143 # Listener report v2
|
||||||
@1 fe80::/10 - ipv6-icmp 143 # Listener report v2
|
@1 fe80::/10 - ipv6-icmp 143 # Listener report v2
|
||||||
|
|
||||||
# The following should be received with a ttl of 255 and must be allowed to transit a bridge
|
# The following should be received with a ttl of 255 and must be allowed to transit a bridge
|
||||||
@1 - - ipv6-icmp 148 # Certificate path solicitation
|
@1 :: - ipv6-icmp 148 # Certificate path solicitation
|
||||||
@1 - - ipv6-icmp 149 # Certificate path advertisement
|
@1 fe80::/10 - ipv6-icmp 148 # Certificate path solicitation
|
||||||
|
@1 fe80::/10 - ipv6-icmp 149 # Certificate path advertisement
|
||||||
|
|
||||||
# The following should have a link local source address and a ttl of 1 and must be allowed to transit a bridge
|
# The following should have a link local source address and a ttl of 1 and must be allowed to transit a bridge
|
||||||
@1 fe80::/10 - ipv6-icmp 151 # Multicast router advertisement
|
@1 fe80::/10 - ipv6-icmp 151 # Multicast router advertisement
|
||||||
|
|||||||
12
Shorewall/Macros/macro.NFS
Normal file
12
Shorewall/Macros/macro.NFS
Normal file
@@ -0,0 +1,12 @@
|
|||||||
|
#
|
||||||
|
# Shorewall -- /usr/share/shorewall/macro.NFS
|
||||||
|
#
|
||||||
|
# This macro handles NFS v4.1+ traffic with default ports.
|
||||||
|
# You should only allow NFS traffic between hosts you fully trust.
|
||||||
|
#
|
||||||
|
###############################################################################
|
||||||
|
#ACTION SOURCE DEST PROTO DPORT SPORT ORIGDEST RATE USER
|
||||||
|
|
||||||
|
PARAM - - tcp 111 # portmapper, rpcbind
|
||||||
|
PARAM - - tcp 2049 # nfs
|
||||||
|
PARAM - - tcp 20048 # mountd
|
||||||
8
Shorewall/Macros/macro.TorMetrics
Normal file
8
Shorewall/Macros/macro.TorMetrics
Normal file
@@ -0,0 +1,8 @@
|
|||||||
|
#
|
||||||
|
# Shorewall --/usr/share/shorewall/macro.TorMetrics
|
||||||
|
#
|
||||||
|
# Macro for handling Tor Onion Network traffic
|
||||||
|
#
|
||||||
|
##############################################################################################################################################################
|
||||||
|
#ACTION SOURCE DEST PROTO DPORT SPORT ORIGDEST RATE USER MARK CONNLIMIT TIME HEADERS SWITCH HELPER
|
||||||
|
PARAM - - tcp 9035
|
||||||
@@ -7478,9 +7478,9 @@ sub have_address_variables() {
|
|||||||
#
|
#
|
||||||
# Generate setting of run-time global shell variables
|
# Generate setting of run-time global shell variables
|
||||||
#
|
#
|
||||||
sub set_global_variables( $$ ) {
|
sub set_global_variables( $$$ ) {
|
||||||
|
|
||||||
my ( $setall, $conditional ) = @_;
|
my ( $setall, $conditional, $call_generate_all_acasts ) = @_;
|
||||||
|
|
||||||
if ( $conditional ) {
|
if ( $conditional ) {
|
||||||
my ( $interface, @interfaces );
|
my ( $interface, @interfaces );
|
||||||
@@ -7513,16 +7513,17 @@ sub set_global_variables( $$ ) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ( $setall ) {
|
if ( $setall ) {
|
||||||
emit $interfaceaddr{$_} for sortkeysiftest %interfaceaddr;
|
if ( $conditional ) {
|
||||||
emit $interfacenets{$_} for sortkeysiftest %interfacenets;
|
emit $interfaceaddr{$_} for sortkeysiftest %interfaceaddr;
|
||||||
|
emit $interfacenets{$_} for sortkeysiftest %interfacenets;
|
||||||
|
}
|
||||||
|
|
||||||
unless ( have_capability( 'ADDRTYPE' ) ) {
|
unless ( have_capability( 'ADDRTYPE' ) ) {
|
||||||
|
|
||||||
if ( $family == F_IPV4 ) {
|
if ( $family == F_IPV4 ) {
|
||||||
emit 'ALL_BCASTS="$(get_all_bcasts) 255.255.255.255"';
|
emit 'ALL_BCASTS="$(get_all_bcasts) 255.255.255.255"';
|
||||||
emit $interfacebcasts{$_} for sortkeysiftest %interfacebcasts;
|
emit $interfacebcasts{$_} for sortkeysiftest %interfacebcasts;
|
||||||
} else {
|
} else {
|
||||||
generate_all_acasts;
|
emit $call_generate_all_acasts;
|
||||||
emit $interfaceacasts{$_} for sortkeysiftest %interfaceacasts;
|
emit $interfaceacasts{$_} for sortkeysiftest %interfaceacasts;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -276,12 +276,18 @@ sub generate_script_2() {
|
|||||||
|
|
||||||
emit "}\n"; # End of initialize()
|
emit "}\n"; # End of initialize()
|
||||||
|
|
||||||
|
#
|
||||||
|
# Conditionally emit the 'generate_all_acasts() function
|
||||||
|
#
|
||||||
|
my $call_generate_all_acasts = $family == F_IPV6 && ! have_capability( 'ADDRTYPE' ) ? generate_all_acasts : '';
|
||||||
|
|
||||||
emit( '' ,
|
emit( '' ,
|
||||||
'#' ,
|
'#' ,
|
||||||
'# Set global variables holding detected IP information' ,
|
'# Set global variables holding detected IP information' ,
|
||||||
'#' ,
|
'#' ,
|
||||||
'detect_configuration()',
|
'detect_configuration()',
|
||||||
'{' );
|
'{'
|
||||||
|
);
|
||||||
|
|
||||||
my $global_variables = have_global_variables;
|
my $global_variables = have_global_variables;
|
||||||
my $optional_interfaces = find_interfaces_by_option( 'optional' );
|
my $optional_interfaces = find_interfaces_by_option( 'optional' );
|
||||||
@@ -312,7 +318,7 @@ sub generate_script_2() {
|
|||||||
|
|
||||||
if ( $global_variables == ( ALL_COMMANDS | NOT_RESTORE ) ) {
|
if ( $global_variables == ( ALL_COMMANDS | NOT_RESTORE ) ) {
|
||||||
verify_required_interfaces(0);
|
verify_required_interfaces(0);
|
||||||
set_global_variables(0, 0);
|
set_global_variables( $family == F_IPV6, 0, $call_generate_all_acasts );
|
||||||
handle_optional_interfaces;
|
handle_optional_interfaces;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -326,7 +332,7 @@ sub generate_script_2() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
verify_required_interfaces(1);
|
verify_required_interfaces(1);
|
||||||
set_global_variables(1,1);
|
set_global_variables(1, 1, $call_generate_all_acasts );
|
||||||
handle_optional_interfaces;
|
handle_optional_interfaces;
|
||||||
|
|
||||||
if ( $global_variables & NOT_RESTORE ) {
|
if ( $global_variables & NOT_RESTORE ) {
|
||||||
|
|||||||
@@ -884,7 +884,7 @@ sub initialize($;$$$$) {
|
|||||||
TC_SCRIPT => '',
|
TC_SCRIPT => '',
|
||||||
EXPORT => 0,
|
EXPORT => 0,
|
||||||
KLUDGEFREE => '',
|
KLUDGEFREE => '',
|
||||||
VERSION => '5.2.7-Beta1',
|
VERSION => '5.2.8-RC1',
|
||||||
CAPVERSION => 50207 ,
|
CAPVERSION => 50207 ,
|
||||||
BLACKLIST_LOG_TAG => '',
|
BLACKLIST_LOG_TAG => '',
|
||||||
RELATED_LOG_TAG => '',
|
RELATED_LOG_TAG => '',
|
||||||
@@ -1507,7 +1507,7 @@ sub qt1( $ ) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Delete the test chains
|
# Delete the test chains and IP sets
|
||||||
#
|
#
|
||||||
sub cleanup_iptables() {
|
sub cleanup_iptables() {
|
||||||
qt1( "$iptables $iptablesw -F $sillyname" );
|
qt1( "$iptables $iptablesw -F $sillyname" );
|
||||||
@@ -1530,6 +1530,12 @@ sub cleanup_iptables() {
|
|||||||
qt1( "$iptables $iptablesw -t raw -X $sillyname" );
|
qt1( "$iptables $iptablesw -t raw -X $sillyname" );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
my $ipset = $config{IPSET} || 'ipset';
|
||||||
|
$ipset = which( $ipset ) unless $ipset =~ '/';
|
||||||
|
if ( $ipset && -x $ipset ) {
|
||||||
|
qt( "$ipset -X $sillyname" );
|
||||||
|
}
|
||||||
|
|
||||||
$sillyname = $sillyname1 = '';
|
$sillyname = $sillyname1 = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1574,7 +1580,7 @@ sub cleanup() {
|
|||||||
unlink ( $perlscriptname ), $perlscriptname = undef if $perlscriptname;
|
unlink ( $perlscriptname ), $perlscriptname = undef if $perlscriptname;
|
||||||
unlink ( @tempfiles ), @tempfiles = () if @tempfiles;
|
unlink ( @tempfiles ), @tempfiles = () if @tempfiles;
|
||||||
#
|
#
|
||||||
# Delete temporary chains
|
# Delete temporary chains and IP sets
|
||||||
#
|
#
|
||||||
cleanup_iptables if $sillyname;
|
cleanup_iptables if $sillyname;
|
||||||
}
|
}
|
||||||
@@ -5683,6 +5689,11 @@ sub process_shorewall_conf( $$ ) {
|
|||||||
$globals{CONFIGDIR} = $configfile = $file;
|
$globals{CONFIGDIR} = $configfile = $file;
|
||||||
$globals{CONFIGDIR} =~ s/$product.conf//;
|
$globals{CONFIGDIR} =~ s/$product.conf//;
|
||||||
|
|
||||||
|
if ( $export ) {
|
||||||
|
use Sys::Hostname;
|
||||||
|
$globals{CONFIGDIR} = join( ':', hostname, $globals{CONFIGDIR} );
|
||||||
|
}
|
||||||
|
|
||||||
if ( -r _ ) {
|
if ( -r _ ) {
|
||||||
open_file $file;
|
open_file $file;
|
||||||
|
|
||||||
@@ -5811,9 +5822,10 @@ sub get_capabilities($)
|
|||||||
fatal_error "Can't find $toolname executable" unless $iptables = which $toolname;
|
fatal_error "Can't find $toolname executable" unless $iptables = which $toolname;
|
||||||
}
|
}
|
||||||
#
|
#
|
||||||
# Determine if iptables supports the -w option
|
# Determine if iptables supports the -w option unless we already have
|
||||||
|
# existing capabilities
|
||||||
#
|
#
|
||||||
$iptablesw = qt1( "$iptables -w -L -n") ? '-w' : '';
|
$iptablesw = qt1( "$iptables -w -n -L INPUT") ? '-w' : '' unless $_[0];
|
||||||
|
|
||||||
my $iptables_restore=$iptables . '-restore';
|
my $iptables_restore=$iptables . '-restore';
|
||||||
|
|
||||||
|
|||||||
@@ -149,14 +149,13 @@ sub validate_4address( $$ ) {
|
|||||||
|
|
||||||
unless ( valid_4address $addr ) {
|
unless ( valid_4address $addr ) {
|
||||||
fatal_error "Invalid IP Address ($addr)" unless $allow_name;
|
fatal_error "Invalid IP Address ($addr)" unless $allow_name;
|
||||||
fatal_error "Unknown Host ($addr)" unless @addrs = gethostbyname( $addr );
|
my ( $err, @addr_structs ) = Socket::getaddrinfo( $addr, 0, {
|
||||||
|
family => Socket::AF_INET,
|
||||||
|
protocol => Socket::IPPROTO_TCP,
|
||||||
|
} );
|
||||||
|
fatal_error "Unknown Host ($addr)" if $err != 0;
|
||||||
|
|
||||||
if ( defined wantarray ) {
|
@addrs = translate_addr_structs( @addr_structs );
|
||||||
shift @addrs for (1..4);
|
|
||||||
for ( @addrs ) {
|
|
||||||
$_ = ( inet_ntoa( $_ ) );
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
defined wantarray ? wantarray ? @addrs : $addrs[0] : undef;
|
defined wantarray ? wantarray ? @addrs : $addrs[0] : undef;
|
||||||
@@ -164,14 +163,14 @@ sub validate_4address( $$ ) {
|
|||||||
|
|
||||||
sub resolve_4dnsname( $ ) {
|
sub resolve_4dnsname( $ ) {
|
||||||
my $net = $_[0];
|
my $net = $_[0];
|
||||||
my @addrs;
|
|
||||||
|
|
||||||
fatal_error "Unknown Host ($net)" unless @addrs = gethostbyname( $net );
|
my ( $err, @addr_structs ) = Socket::getaddrinfo( $net, 0, {
|
||||||
|
family => Socket::AF_INET,
|
||||||
|
protocol => Socket::IPPROTO_TCP,
|
||||||
|
} );
|
||||||
|
fatal_error "Unknown Host ($net)" if $err != 0;
|
||||||
|
|
||||||
shift @addrs for (1..4);
|
my @addrs = translate_addr_structs( @addr_structs );
|
||||||
for ( @addrs ) {
|
|
||||||
$_ = ( inet_ntoa( $_ ) );
|
|
||||||
}
|
|
||||||
|
|
||||||
@addrs;
|
@addrs;
|
||||||
}
|
}
|
||||||
@@ -508,15 +507,13 @@ sub validate_6address( $$ ) {
|
|||||||
|
|
||||||
unless ( valid_6address $addr ) {
|
unless ( valid_6address $addr ) {
|
||||||
fatal_error "Invalid IPv6 Address ($addr)" unless $allow_name;
|
fatal_error "Invalid IPv6 Address ($addr)" unless $allow_name;
|
||||||
require Socket6;
|
my ( $err, @addr_structs ) = Socket::getaddrinfo( $addr, 0, {
|
||||||
fatal_error "Unknown Host ($addr)" unless (@addrs = Socket6::gethostbyname2( $addr, Socket6::AF_INET6()));
|
family => Socket::AF_INET6,
|
||||||
|
protocol => Socket::IPPROTO_TCP,
|
||||||
|
} );
|
||||||
|
fatal_error "Unknown Host ($addr)" if $err != 0;
|
||||||
|
|
||||||
if ( defined wantarray ) {
|
@addrs = translate_addr_structs( @addr_structs );
|
||||||
shift @addrs for (1..4);
|
|
||||||
for ( @addrs ) {
|
|
||||||
$_ = Socket6::inet_ntop( Socket6::AF_INET6(), $_ );
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
defined wantarray ? wantarray ? @addrs : $addrs[0] : undef;
|
defined wantarray ? wantarray ? @addrs : $addrs[0] : undef;
|
||||||
@@ -524,15 +521,14 @@ sub validate_6address( $$ ) {
|
|||||||
|
|
||||||
sub resolve_6dnsname( $ ) {
|
sub resolve_6dnsname( $ ) {
|
||||||
my $net = $_[0];
|
my $net = $_[0];
|
||||||
my @addrs;
|
|
||||||
|
|
||||||
require Socket6;
|
my ( $err, @addr_structs ) = Socket::getaddrinfo( $net, 0, {
|
||||||
fatal_error "Unknown Host ($net)" unless (@addrs = Socket6::gethostbyname2( $net, Socket6::AF_INET6()));
|
family => Socket::AF_INET6,
|
||||||
|
protocol => Socket::IPPROTO_TCP,
|
||||||
|
} );
|
||||||
|
fatal_error "Unknown Host ($net)" if $err != 0;
|
||||||
|
|
||||||
shift @addrs for (1..4);
|
my @addrs = translate_addr_structs( @addr_structs );
|
||||||
for ( @addrs ) {
|
|
||||||
$_ = Socket6::inet_ntop( Socket6::AF_INET6(), $_ );
|
|
||||||
}
|
|
||||||
|
|
||||||
@addrs;
|
@addrs;
|
||||||
}
|
}
|
||||||
@@ -661,6 +657,19 @@ sub validate_6host( $$ ) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub translate_addr_structs {
|
||||||
|
my @addr_structs = @_;
|
||||||
|
|
||||||
|
my @addrs;
|
||||||
|
foreach my $addr_struct ( @addr_structs ) {
|
||||||
|
my ( $err, $ip_addr ) = Socket::getnameinfo( $addr_struct->{addr},
|
||||||
|
Socket::NI_NUMERICHOST, Socket::NIx_NOSERV );
|
||||||
|
push @addrs, $ip_addr if $err == 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
return @addrs;
|
||||||
|
}
|
||||||
|
|
||||||
my %ipv6_icmp_types = ( any => 'any',
|
my %ipv6_icmp_types = ( any => 'any',
|
||||||
'destination-unreachable' => 1,
|
'destination-unreachable' => 1,
|
||||||
'no-route' => '1/0',
|
'no-route' => '1/0',
|
||||||
|
|||||||
@@ -72,6 +72,9 @@ our %flow_keys = ( 'src' => 1,
|
|||||||
# out_bandwidth => <value> ,
|
# out_bandwidth => <value> ,
|
||||||
# number => <number>,
|
# number => <number>,
|
||||||
# classify => 0|1
|
# classify => 0|1
|
||||||
|
# flow => Comma-separated flow tupple
|
||||||
|
# classify => 0|1
|
||||||
|
# pfifo => 0|1
|
||||||
# tablenumber => <next u32 table to be allocated for this device>
|
# tablenumber => <next u32 table to be allocated for this device>
|
||||||
# default => <default class mark value>
|
# default => <default class mark value>
|
||||||
# redirected => [ <dev1>, <dev2>, ... ]
|
# redirected => [ <dev1>, <dev2>, ... ]
|
||||||
@@ -80,6 +83,13 @@ our %flow_keys = ( 'src' => 1,
|
|||||||
# qdisc => htb|hfsc
|
# qdisc => htb|hfsc
|
||||||
# guarantee => <total RATE of classes seen so far>
|
# guarantee => <total RATE of classes seen so far>
|
||||||
# name => <interface>
|
# name => <interface>
|
||||||
|
# filters => [ filter, ... ]
|
||||||
|
# linklayer => <type> (optional)
|
||||||
|
# overhead => <number>
|
||||||
|
# mtu => <number>
|
||||||
|
# tsize => <number>
|
||||||
|
# filterpri => <number> (initially 0)
|
||||||
|
# connmark => 0|1
|
||||||
# }
|
# }
|
||||||
#
|
#
|
||||||
our @tcdevices;
|
our @tcdevices;
|
||||||
@@ -139,12 +149,14 @@ sub initialize( $ ) {
|
|||||||
sub rate_to_kbit( $ ) {
|
sub rate_to_kbit( $ ) {
|
||||||
my $rate = $_[0];
|
my $rate = $_[0];
|
||||||
|
|
||||||
return 0 if $rate eq '-';
|
return 0 if $rate eq '-';
|
||||||
return $1 if $rate =~ /^((\d+)(\.\d+)?)kbit$/i;
|
return $1 if $rate =~ /^((\d+)(\.\d+)?)kbit$/i;
|
||||||
return $1 * 1000 if $rate =~ /^((\d+)(\.\d+)?)mbit$/i;
|
return $1 * 1000 if $rate =~ /^((\d+)(\.\d+)?)mbit$/i;
|
||||||
return $1 * 8000 if $rate =~ /^((\d+)(\.\d+)?)mbps$/i;
|
return $1 * 1000000 if $rate =~ /^((\d+)(\.\d+)?)gbit$/i;
|
||||||
return $1 * 8 if $rate =~ /^((\d+)(\.\d+)?)kbps$/i;
|
return $1 * 8000000 if $rate =~ /^((\d+)(\.\d+)?)gbps$/i;
|
||||||
return ($1/125) if $rate =~ /^((\d+)(\.\d+)?)(bps)?$/;
|
return $1 * 8000 if $rate =~ /^((\d+)(\.\d+)?)mbps$/i;
|
||||||
|
return $1 * 8 if $rate =~ /^((\d+)(\.\d+)?)kbps$/i;
|
||||||
|
return ($1/125) if $rate =~ /^((\d+)(\.\d+)?)(bps)?$/;
|
||||||
fatal_error "Invalid Rate ($rate)";
|
fatal_error "Invalid Rate ($rate)";
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -202,7 +214,7 @@ sub process_in_bandwidth( $ ) {
|
|||||||
} else {
|
} else {
|
||||||
if ( $in_band =~ /:/ ) {
|
if ( $in_band =~ /:/ ) {
|
||||||
( $in_band, $burst ) = split /:/, $in_rate, 2;
|
( $in_band, $burst ) = split /:/, $in_rate, 2;
|
||||||
fatal_error "Invalid burst ($burst)" unless $burst =~ /^\d+(k|kb|m|mb|mbit|kbit|b)?$/;
|
fatal_error "Invalid burst ($burst)" unless $burst =~ /^\d+(k|kb|m|mb|g|gb|gbit|mbit|kbit|b)?$/;
|
||||||
$in_burst = $burst;
|
$in_burst = $burst;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -314,7 +326,7 @@ sub process_simple_device() {
|
|||||||
my $command = "run_tc qdisc add dev $physical root handle $number: tbf rate ${out_bandwidth}kbit";
|
my $command = "run_tc qdisc add dev $physical root handle $number: tbf rate ${out_bandwidth}kbit";
|
||||||
|
|
||||||
if ( supplied $burst ) {
|
if ( supplied $burst ) {
|
||||||
fatal_error "Invalid burst ($burst)" unless $burst =~ /^\d+(?:\.\d+)?(k|kb|m|mb|mbit|kbit|b)?$/;
|
fatal_error "Invalid burst ($burst)" unless $burst =~ /^\d+(?:\.\d+)?(k|kb|m|mb|g|gb|gbit|mbit|kbit|b)?$/;
|
||||||
$command .= " burst $burst";
|
$command .= " burst $burst";
|
||||||
} else {
|
} else {
|
||||||
$command .= ' burst 10kb';
|
$command .= ' burst 10kb';
|
||||||
@@ -330,12 +342,12 @@ sub process_simple_device() {
|
|||||||
$command .= ' mpu 64'; #Assume Ethernet
|
$command .= ' mpu 64'; #Assume Ethernet
|
||||||
|
|
||||||
if ( supplied $peak ) {
|
if ( supplied $peak ) {
|
||||||
fatal_error "Invalid peak ($peak)" unless $peak =~ /^\d+(?:\.\d+)?(k|kb|m|mb|mbit|kbit|b)?$/;
|
fatal_error "Invalid peak ($peak)" unless $peak =~ /^\d+(?:\.\d+)?(k|kb|m|mb|g|gb|gbit|mbit|kbit|b)?$/;
|
||||||
$command .= " peakrate $peak";
|
$command .= " peakrate $peak";
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( supplied $minburst ) {
|
if ( supplied $minburst ) {
|
||||||
fatal_error "Invalid minburst ($minburst)" unless $minburst =~ /^\d+(?:\.\d+)?(k|kb|m|mb|mbit|kbit|b)?$/;
|
fatal_error "Invalid minburst ($minburst)" unless $minburst =~ /^\d+(?:\.\d+)?(k|kb|m|mb|g|gb|gbit|mbit|kbit|b)?$/;
|
||||||
$command .= " minburst $minburst";
|
$command .= " minburst $minburst";
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -2392,7 +2404,6 @@ sub setup_tc( $ ) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ( $config{MANGLE_ENABLED} ) {
|
if ( $config{MANGLE_ENABLED} ) {
|
||||||
|
|
||||||
if ( $convert ) {
|
if ( $convert ) {
|
||||||
my $have_tcrules;
|
my $have_tcrules;
|
||||||
|
|
||||||
|
|||||||
@@ -75,7 +75,6 @@ our @EXPORT = ( qw( NOTHING
|
|||||||
all_interfaces
|
all_interfaces
|
||||||
all_real_interfaces
|
all_real_interfaces
|
||||||
all_plain_interfaces
|
all_plain_interfaces
|
||||||
interface_is_plain
|
|
||||||
all_bridges
|
all_bridges
|
||||||
managed_interfaces
|
managed_interfaces
|
||||||
unmanaged_interfaces
|
unmanaged_interfaces
|
||||||
@@ -178,7 +177,8 @@ our %reservedName = ( all => 1,
|
|||||||
# number => <ordinal position in the interfaces file>
|
# number => <ordinal position in the interfaces file>
|
||||||
# physical => <physical interface name>
|
# physical => <physical interface name>
|
||||||
# base => <shell variable base representing this interface>
|
# base => <shell variable base representing this interface>
|
||||||
# wildcard => undef|1 # Wildcard Name
|
# wildcard => undef|1 # Wildcard Logical Name
|
||||||
|
# physwild => undef|1 # Wildcard Physical Name
|
||||||
# zones => { zone1 => 1, ... }
|
# zones => { zone1 => 1, ... }
|
||||||
# origin => <where defined>
|
# origin => <where defined>
|
||||||
# }
|
# }
|
||||||
@@ -431,9 +431,9 @@ sub initialize( $$ ) {
|
|||||||
loopback => BINARY_IF_OPTION,
|
loopback => BINARY_IF_OPTION,
|
||||||
maclist => SIMPLE_IF_OPTION + IF_OPTION_HOST,
|
maclist => SIMPLE_IF_OPTION + IF_OPTION_HOST,
|
||||||
nets => IPLIST_IF_OPTION + IF_OPTION_ZONEONLY + IF_OPTION_VSERVER,
|
nets => IPLIST_IF_OPTION + IF_OPTION_ZONEONLY + IF_OPTION_VSERVER,
|
||||||
noanycast => SIMPLE_IF_OPTION + IF_OPTION_WILDOK,
|
|
||||||
nodbl => SIMPLE_IF_OPTION,
|
nodbl => SIMPLE_IF_OPTION,
|
||||||
nosmurfs => SIMPLE_IF_OPTION + IF_OPTION_HOST,
|
nosmurfs => SIMPLE_IF_OPTION + IF_OPTION_HOST,
|
||||||
|
omitanycast => SIMPLE_IF_OPTION + IF_OPTION_WILDOK,
|
||||||
optional => SIMPLE_IF_OPTION,
|
optional => SIMPLE_IF_OPTION,
|
||||||
proxyndp => BINARY_IF_OPTION,
|
proxyndp => BINARY_IF_OPTION,
|
||||||
required => SIMPLE_IF_OPTION,
|
required => SIMPLE_IF_OPTION,
|
||||||
@@ -1374,7 +1374,7 @@ sub process_interface( $$ ) {
|
|||||||
$hostoptions{$option} = $value if $hostopt;
|
$hostoptions{$option} = $value if $hostopt;
|
||||||
} elsif ( $type == ENUM_IF_OPTION ) {
|
} elsif ( $type == ENUM_IF_OPTION ) {
|
||||||
if ( $option eq 'arp_ignore' ) {
|
if ( $option eq 'arp_ignore' ) {
|
||||||
fatal_error q(The 'arp_ignore' option may not be used with a wild-card interface name) if $wildcard;
|
fatal_error q(The 'arp_ignore' option may not be used with a wild-card interface name) if $physwild;
|
||||||
if ( defined $value ) {
|
if ( defined $value ) {
|
||||||
if ( $value =~ /^[1-3,8]$/ ) {
|
if ( $value =~ /^[1-3,8]$/ ) {
|
||||||
$options{arp_ignore} = $value;
|
$options{arp_ignore} = $value;
|
||||||
@@ -1491,7 +1491,7 @@ sub process_interface( $$ ) {
|
|||||||
|
|
||||||
if ( $options{bridge} ) {
|
if ( $options{bridge} ) {
|
||||||
require_capability( 'PHYSDEV_MATCH', 'The "bridge" option', 's');
|
require_capability( 'PHYSDEV_MATCH', 'The "bridge" option', 's');
|
||||||
fatal_error "Bridges may not have wildcard names" if $wildcard;
|
fatal_error "Bridges may not have wildcard names" if $physwild;
|
||||||
$hostoptions{routeback} = $options{routeback} = 1 unless supplied $options{routeback};
|
$hostoptions{routeback} = $options{routeback} = 1 unless supplied $options{routeback};
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1721,6 +1721,7 @@ sub known_interface($)
|
|||||||
physical => $physical ,
|
physical => $physical ,
|
||||||
base => $interfaceref->{base} ,
|
base => $interfaceref->{base} ,
|
||||||
wildcard => $interfaceref->{wildcard} ,
|
wildcard => $interfaceref->{wildcard} ,
|
||||||
|
physwild => $interfaceref->{physwild} ,
|
||||||
zones => $interfaceref->{zones} ,
|
zones => $interfaceref->{zones} ,
|
||||||
};
|
};
|
||||||
return $interfaceref;
|
return $interfaceref;
|
||||||
@@ -2400,10 +2401,13 @@ sub generate_all_acasts() {
|
|||||||
my $interfaceref = $interfaces{$interface};
|
my $interfaceref = $interfaces{$interface};
|
||||||
my $physical = $interfaceref->{physical};
|
my $physical = $interfaceref->{physical};
|
||||||
|
|
||||||
|
next if ( $interfaceref->{options}{port} ||
|
||||||
|
$interfaceref->{options}{unmanaged} );
|
||||||
|
|
||||||
if ( $interfaceref->{physwild} ) {
|
if ( $interfaceref->{physwild} ) {
|
||||||
$physical =~ s/\+/*/;
|
$physical =~ s/\+/*/;
|
||||||
|
|
||||||
if ( $interfaceref->{options}{noanycast} ) {
|
if ( $interfaceref->{options}{omitanycast} ) {
|
||||||
if ( $physical eq '*' ) {
|
if ( $physical eq '*' ) {
|
||||||
@wildnoacasts = ( '*' );
|
@wildnoacasts = ( '*' );
|
||||||
} else {
|
} else {
|
||||||
@@ -2417,7 +2421,7 @@ sub generate_all_acasts() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if ( $interfaceref->{options}{noanycast} ) {
|
if ( $interfaceref->{options}{omitanycast} ) {
|
||||||
push @noacasts, $physical;
|
push @noacasts, $physical;
|
||||||
} else {
|
} else {
|
||||||
push @acasts, $physical;
|
push @acasts, $physical;
|
||||||
@@ -2425,16 +2429,16 @@ sub generate_all_acasts() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
unless( @noacasts || @wildnoacasts ) {
|
return 'ALL_ACASTS="$(get_all_acasts)"' unless @noacasts || @wildnoacasts;
|
||||||
emit( 'ALL_ACASTS="$(get_all_acasts)"' );
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
@wildacasts = '*' unless @wildacasts;
|
@wildacasts = '*' unless @wildacasts;
|
||||||
|
|
||||||
emit( 'local iface',
|
emit( "#\n# Populate the ALL_ACASTS variable\n#",
|
||||||
'',
|
'generate_all_acasts()',
|
||||||
'ALL_ACASTS=',
|
'{' );
|
||||||
|
push_indent;
|
||||||
|
|
||||||
|
emit( 'ALL_ACASTS=',
|
||||||
'',
|
'',
|
||||||
'for iface in $(find_all_interfaces1); do' );
|
'for iface in $(find_all_interfaces1); do' );
|
||||||
|
|
||||||
@@ -2467,22 +2471,29 @@ sub generate_all_acasts() {
|
|||||||
|
|
||||||
emit( join( '|', @wildnoacasts) . ')',
|
emit( join( '|', @wildnoacasts) . ')',
|
||||||
' ;;' );
|
' ;;' );
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
@wildacasts = ( '*' );
|
@wildacasts = ( '*' );
|
||||||
}
|
}
|
||||||
|
|
||||||
emit( join( '|', @wildacasts ) . ')',
|
if ( @wildacasts ) {
|
||||||
' if [ -n "$ALL_ACASTS" ]; then',
|
emit( join( '|', @wildacasts ) . ')',
|
||||||
' ALL_ACASTS="$ALL_ACASTS $(get_interface_acasts $iface)"',
|
' if [ -n "$ALL_ACASTS" ]; then',
|
||||||
' else',
|
' ALL_ACASTS="$ALL_ACASTS $(get_interface_acasts $iface)"',
|
||||||
' ALL_ACASTS="$(get_interface_acasts $iface)"',
|
' else',
|
||||||
' fi',
|
' ALL_ACASTS="$(get_interface_acasts $iface)"',
|
||||||
' ;;' );
|
' fi',
|
||||||
|
' ;;' );
|
||||||
|
}
|
||||||
|
|
||||||
pop_indent;
|
pop_indent;
|
||||||
emit( 'esac');
|
emit( 'esac');
|
||||||
pop_indent;
|
pop_indent;
|
||||||
emit( 'done');
|
emit( 'done');
|
||||||
|
pop_indent;
|
||||||
|
emit( "}\n" );
|
||||||
|
|
||||||
|
return 'generate_all_acasts';
|
||||||
}
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|||||||
@@ -47,7 +47,7 @@
|
|||||||
#
|
#
|
||||||
use strict;
|
use strict;
|
||||||
use FindBin;
|
use FindBin;
|
||||||
use lib "$FindBin::Bin";
|
use lib "$FindBin::Bin"; # Required to allow modules to reside in ${BASEDIR}/Shorewall/
|
||||||
use Shorewall::Compiler;
|
use Shorewall::Compiler;
|
||||||
use Getopt::Long;
|
use Getopt::Long;
|
||||||
|
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
5.2.8-Beta2
|
5.2.8-base
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
# $2 = Yes: check for STARTUP_ENABLED
|
# $2 = Yes: check for STARTUP_ENABLED
|
||||||
# $3 = Yes: Check for LOGFILE
|
# $3 = Yes: Check for LOGFILE
|
||||||
#
|
#
|
||||||
get_config() {
|
std_get_config() {
|
||||||
local prog
|
local prog
|
||||||
local lib
|
local lib
|
||||||
|
|
||||||
@@ -216,6 +216,8 @@ get_config() {
|
|||||||
echo " WARNING: The program specified in SHOREWALL_SHELL does not exist or is not executable; falling back to /bin/sh" >&2
|
echo " WARNING: The program specified in SHOREWALL_SHELL does not exist or is not executable; falling back to /bin/sh" >&2
|
||||||
SHOREWALL_SHELL=/bin/sh
|
SHOREWALL_SHELL=/bin/sh
|
||||||
fi
|
fi
|
||||||
|
else
|
||||||
|
SHOREWALL_SHELL=/bin/sh
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -n "$IP" ]; then
|
if [ -n "$IP" ]; then
|
||||||
@@ -332,7 +334,7 @@ get_config() {
|
|||||||
|
|
||||||
[ -x "$g_pager" ] || fatal_error "PAGER $g_pager is not executable"
|
[ -x "$g_pager" ] || fatal_error "PAGER $g_pager is not executable"
|
||||||
|
|
||||||
g_pager="| $g_pager"
|
g_pager="2>&1 | $g_pager"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@@ -379,36 +381,33 @@ uptodate() {
|
|||||||
[ -x $1 ] || return 1
|
[ -x $1 ] || return 1
|
||||||
|
|
||||||
local dir
|
local dir
|
||||||
local busybox
|
|
||||||
local find
|
local find
|
||||||
|
local quit
|
||||||
|
local maxdepth
|
||||||
|
|
||||||
find=$(mywhich find)
|
find=$(mywhich find)
|
||||||
|
|
||||||
[ -n "${find}" ] || return 1
|
[ -n "${find}" ] || return 1
|
||||||
[ -h "${find}" ] && busybox=Yes
|
|
||||||
find="${find} -L"
|
if [ -h "${find}" ]; then
|
||||||
|
#
|
||||||
|
# 'Find' is provided by Busybox and doesn't support -quit.
|
||||||
|
#
|
||||||
|
quit=
|
||||||
|
else
|
||||||
|
quit=-quit
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$AUTOMAKE" = recursive ]; then
|
||||||
|
maxdepth=
|
||||||
|
elif [ -z "$AUTOMAKE" ]; then
|
||||||
|
maxdepth="-maxdepth 1"
|
||||||
|
else
|
||||||
|
maxdepth="-maxdepth $AUTOMAKE"
|
||||||
|
fi
|
||||||
|
|
||||||
for dir in $g_shorewalldir $(split $CONFIG_PATH); do
|
for dir in $g_shorewalldir $(split $CONFIG_PATH); do
|
||||||
if [ -n "${busybox}" ]; then
|
if [ -n "$(${find} -L ${dir} ${maxdepth} -newer $1 -print ${quit})" ]; then
|
||||||
#
|
|
||||||
# Busybox 'find' doesn't support -quit.
|
|
||||||
#
|
|
||||||
if [ $AUTOMAKE = recursive ]; then
|
|
||||||
if [ -n "$(${find} ${dir} -newer $1 -print)" ]; then
|
|
||||||
return 1;
|
|
||||||
fi
|
|
||||||
elif [ -n "$(${find} ${dir} -maxdepth $AUTOMAKE -type f -newer $1 -print)" ]; then
|
|
||||||
return 1;
|
|
||||||
fi
|
|
||||||
elif [ "$AUTOMAKE" = recursive ]; then
|
|
||||||
if [ -n "$(${find} ${dir} -newer $1 -print -quit)" ]; then
|
|
||||||
return 1;
|
|
||||||
fi
|
|
||||||
elif [ -z "$AUTOMAKE" ]; then
|
|
||||||
if [ -n "$(${find} ${dir} -maxdepth 1 -type f -newer $1 -print -quit)" ]; then
|
|
||||||
return 1;
|
|
||||||
fi
|
|
||||||
elif [ -n "$(${find} ${dir} -maxdepth $AUTOMAKE -type f -newer $1 -print -quit)" ]; then
|
|
||||||
return 1;
|
return 1;
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
@@ -566,7 +565,7 @@ compiler() {
|
|||||||
#
|
#
|
||||||
# Start Command Executor
|
# Start Command Executor
|
||||||
#
|
#
|
||||||
start_command() {
|
std_start_command() {
|
||||||
local finished
|
local finished
|
||||||
finished=0
|
finished=0
|
||||||
local rc
|
local rc
|
||||||
@@ -965,7 +964,7 @@ update_command() {
|
|||||||
#
|
#
|
||||||
# Reload/Restart Command Executor
|
# Reload/Restart Command Executor
|
||||||
#
|
#
|
||||||
restart_command() {
|
std_restart_command() {
|
||||||
local finished
|
local finished
|
||||||
finished=0
|
finished=0
|
||||||
local rc
|
local rc
|
||||||
|
|||||||
@@ -628,7 +628,33 @@ loc eth2 -</programlisting>
|
|||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>noanycast</term>
|
<term><emphasis role="bold">nodbl</emphasis></term>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Added in Shorewall 5.0.8. When specified, dynamic
|
||||||
|
blacklisting is disabled on the interface. Beginning with
|
||||||
|
Shorewall 5.0.10, <emphasis role="bold">nodbl</emphasis> is
|
||||||
|
equivalent to <emphasis
|
||||||
|
role="bold">dbl=none</emphasis>.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><emphasis role="bold">nosmurfs</emphasis></term>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>IPv4 only. Filter packets for smurfs (packets with a
|
||||||
|
broadcast address as the source).</para>
|
||||||
|
|
||||||
|
<para>Smurfs will be optionally logged based on the setting of
|
||||||
|
SMURF_LOG_LEVEL in <ulink
|
||||||
|
url="shorewall.conf.html">shorewall.conf</ulink>(5). After
|
||||||
|
logging, the packets are dropped.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>omitanycast</term>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>IPv6 only. Added in Shorewall 5.2.8.</para>
|
<para>IPv6 only. Added in Shorewall 5.2.8.</para>
|
||||||
@@ -639,12 +665,12 @@ loc eth2 -</programlisting>
|
|||||||
|
|
||||||
<orderedlist numeration="loweralpha">
|
<orderedlist numeration="loweralpha">
|
||||||
<listitem>
|
<listitem>
|
||||||
<para> Packets with these destination IP addresses are
|
<para>Packets with these destination IP addresses are
|
||||||
dropped by REJECT rules.</para>
|
dropped by REJECT rules.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para> Packets with these source IP addresses are dropped
|
<para>Packets with these source IP addresses are dropped
|
||||||
by the 'nosmurfs' interface option and by the 'dropSmurfs'
|
by the 'nosmurfs' interface option and by the 'dropSmurfs'
|
||||||
action.</para>
|
action.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
@@ -677,32 +703,6 @@ loc eth2 -</programlisting>
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
|
||||||
<term><emphasis role="bold">nodbl</emphasis></term>
|
|
||||||
|
|
||||||
<listitem>
|
|
||||||
<para>Added in Shorewall 5.0.8. When specified, dynamic
|
|
||||||
blacklisting is disabled on the interface. Beginning with
|
|
||||||
Shorewall 5.0.10, <emphasis role="bold">nodbl</emphasis> is
|
|
||||||
equivalent to <emphasis
|
|
||||||
role="bold">dbl=none</emphasis>.</para>
|
|
||||||
</listitem>
|
|
||||||
</varlistentry>
|
|
||||||
|
|
||||||
<varlistentry>
|
|
||||||
<term><emphasis role="bold">nosmurfs</emphasis></term>
|
|
||||||
|
|
||||||
<listitem>
|
|
||||||
<para>IPv4 only. Filter packets for smurfs (packets with a
|
|
||||||
broadcast address as the source).</para>
|
|
||||||
|
|
||||||
<para>Smurfs will be optionally logged based on the setting of
|
|
||||||
SMURF_LOG_LEVEL in <ulink
|
|
||||||
url="shorewall.conf.html">shorewall.conf</ulink>(5). After
|
|
||||||
logging, the packets are dropped.</para>
|
|
||||||
</listitem>
|
|
||||||
</varlistentry>
|
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">optional</emphasis></term>
|
<term><emphasis role="bold">optional</emphasis></term>
|
||||||
|
|
||||||
|
|||||||
@@ -207,9 +207,6 @@
|
|||||||
the IP addresses configured on the interface named in the DEST
|
the IP addresses configured on the interface named in the DEST
|
||||||
column and substitute them in this column.</para>
|
column and substitute them in this column.</para>
|
||||||
|
|
||||||
<para>Finally, you may also specify a comma-separated list of
|
|
||||||
ranges and/or addresses in this column.</para>
|
|
||||||
|
|
||||||
<para>DNS Names names are not allowed.</para>
|
<para>DNS Names names are not allowed.</para>
|
||||||
|
|
||||||
<para>Normally, Netfilter will attempt to retain the source
|
<para>Normally, Netfilter will attempt to retain the source
|
||||||
@@ -805,21 +802,16 @@
|
|||||||
<term>IPv4 Example 6:</term>
|
<term>IPv4 Example 6:</term>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>SNAT outgoing connections on eth0 from 192.168.1.0/24 in
|
<para>SNAT outgoing connections on eth0 from 192.168.1.0/24 randomly
|
||||||
round-robin fashion between addresses 1.1.1.1, 1.1.1.3, and 1.1.1.9
|
to addresses 1.1.1.1, 1.1.1.3, and 1.1.1.9 (Shorewall 5.0.0 and
|
||||||
(Shorewall 4.5.9 and later).</para>
|
later).</para>
|
||||||
|
|
||||||
<programlisting>/etc/shorewall/tcrules:
|
<programlisting>/etc/shorewall/snat:
|
||||||
|
|
||||||
#ACTION SOURCE DEST PROTO DPORT SPORT USER TEST
|
|
||||||
1-3:CF 192.168.1.0/24 eth0 ; state=NEW
|
|
||||||
|
|
||||||
/etc/shorewall/snat:
|
|
||||||
|
|
||||||
#ACTION SOURCE DEST
|
#ACTION SOURCE DEST
|
||||||
SNAT(1.1.1.1) 192.168.1.0/24 eth0 { mark=1:C }
|
SNAT(1.1.1.1) 192.168.1.0/24 eth0 { probability=0.33 }
|
||||||
SNAT(1.1.1.3) 192.168.1.0/24 eth0 { mark=2:C }
|
SNAT(1.1.1.3) 192.168.1.0/24 eth0 { probability=0.50 }
|
||||||
SNAT(1.1.1.9) 192.168.1.0/24 eth0 { mark=3:C }</programlisting>
|
SNAT(1.1.1.9) 192.168.1.0/24 eth0</programlisting>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
|||||||
@@ -54,6 +54,14 @@
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><emphasis role="bold">gbps</emphasis></term>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Gigabytes per second.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">kbit</emphasis></term>
|
<term><emphasis role="bold">kbit</emphasis></term>
|
||||||
|
|
||||||
@@ -70,6 +78,14 @@
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><emphasis role="bold">gbit</emphasis></term>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Gigabits per second.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">bps</emphasis> or <emphasis
|
<term><emphasis role="bold">bps</emphasis> or <emphasis
|
||||||
role="bold">number</emphasis></term>
|
role="bold">number</emphasis></term>
|
||||||
|
|||||||
@@ -61,6 +61,14 @@
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><emphasis role="bold">gbps</emphasis></term>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Gigabytes per second.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">kbit</emphasis></term>
|
<term><emphasis role="bold">kbit</emphasis></term>
|
||||||
|
|
||||||
@@ -77,6 +85,14 @@
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><emphasis role="bold">gbit</emphasis></term>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Gigabits per second.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">bps</emphasis> or <emphasis
|
<term><emphasis role="bold">bps</emphasis> or <emphasis
|
||||||
role="bold">number</emphasis></term>
|
role="bold">number</emphasis></term>
|
||||||
|
|||||||
@@ -59,6 +59,14 @@
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><emphasis role="bold">gbps</emphasis></term>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Gigabytes per second.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">kbit</emphasis></term>
|
<term><emphasis role="bold">kbit</emphasis></term>
|
||||||
|
|
||||||
@@ -75,6 +83,14 @@
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><emphasis role="bold">gbit</emphasis></term>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Gigabits per second.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">bps</emphasis> or <emphasis
|
<term><emphasis role="bold">bps</emphasis> or <emphasis
|
||||||
role="bold">number</emphasis></term>
|
role="bold">number</emphasis></term>
|
||||||
@@ -88,7 +104,7 @@
|
|||||||
<term>k or kb</term>
|
<term>k or kb</term>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>Kilo bytes.</para>
|
<para>Kilobytes.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
@@ -99,6 +115,14 @@
|
|||||||
<para>Megabytes.</para>
|
<para>Megabytes.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>g or gb</term>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Gigabytes.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
</variablelist>
|
</variablelist>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ Conflicts=iptables.service firewalld.service
|
|||||||
Type=oneshot
|
Type=oneshot
|
||||||
RemainAfterExit=yes
|
RemainAfterExit=yes
|
||||||
EnvironmentFile=-/etc/sysconfig/shorewall
|
EnvironmentFile=-/etc/sysconfig/shorewall
|
||||||
StandardOutput=syslog
|
StandardOutput=journal
|
||||||
ExecStart=/sbin/shorewall $OPTIONS start $STARTOPTIONS
|
ExecStart=/sbin/shorewall $OPTIONS start $STARTOPTIONS
|
||||||
ExecStop=/sbin/shorewall $OPTIONS stop
|
ExecStop=/sbin/shorewall $OPTIONS stop
|
||||||
ExecReload=/sbin/shorewall $OPTIONS reload $RELOADOPTIONS
|
ExecReload=/sbin/shorewall $OPTIONS reload $RELOADOPTIONS
|
||||||
|
|||||||
@@ -6,6 +6,7 @@
|
|||||||
#
|
#
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Shorewall IPv4 firewall
|
Description=Shorewall IPv4 firewall
|
||||||
|
Documentation=man:shorewall(8)
|
||||||
Wants=network-online.target
|
Wants=network-online.target
|
||||||
After=network-online.target
|
After=network-online.target
|
||||||
Conflicts=iptables.service firewalld.service
|
Conflicts=iptables.service firewalld.service
|
||||||
@@ -16,7 +17,7 @@ RemainAfterExit=yes
|
|||||||
EnvironmentFile=-/etc/default/shorewall
|
EnvironmentFile=-/etc/default/shorewall
|
||||||
StandardOutput=syslog
|
StandardOutput=syslog
|
||||||
ExecStart=/sbin/shorewall $OPTIONS start $STARTOPTIONS
|
ExecStart=/sbin/shorewall $OPTIONS start $STARTOPTIONS
|
||||||
ExecStop=/sbin/shorewall $OPTIONS clear
|
ExecStop=/usr/share/shorewall/stop_service shorewall
|
||||||
ExecReload=/sbin/shorewall $OPTIONS reload $RELOADOPTIONS
|
ExecReload=/sbin/shorewall $OPTIONS reload $RELOADOPTIONS
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
|||||||
@@ -149,7 +149,9 @@ if [ $configure -eq 1 ]; then
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
remove_file ${SBINDIR}/$PRODUCT
|
if [ $PRODUCT = shorewall6 ]; then
|
||||||
|
remove_file ${SBINDIR}/shorewall6
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -h ${SHAREDIR}/$PRODUCT/init ]; then
|
if [ -h ${SHAREDIR}/$PRODUCT/init ]; then
|
||||||
FIREWALL=$(readlink -m -q ${SHAREDIR}/$PRODUCT/init)
|
FIREWALL=$(readlink -m -q ${SHAREDIR}/$PRODUCT/init)
|
||||||
|
|||||||
@@ -13,8 +13,8 @@
|
|||||||
|
|
||||||
. /lib/lsb/init-functions
|
. /lib/lsb/init-functions
|
||||||
|
|
||||||
SRWL='/sbin/shorewall6-lite -6'
|
SRWL=/sbin/shorewall
|
||||||
SRWL_OPTS="-tvv"
|
SRWL_OPTS="-6ltvv"
|
||||||
test -n ${INITLOG:=/var/log/shorewall6-lite-init.log}
|
test -n ${INITLOG:=/var/log/shorewall6-lite-init.log}
|
||||||
|
|
||||||
[ "$INITLOG" = "/dev/null" ] && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0
|
[ "$INITLOG" = "/dev/null" ] && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0
|
||||||
|
|||||||
@@ -15,7 +15,7 @@ Conflicts=ip6tables.service firewalld.service
|
|||||||
Type=oneshot
|
Type=oneshot
|
||||||
RemainAfterExit=yes
|
RemainAfterExit=yes
|
||||||
EnvironmentFile=-/etc/sysconfig/shorewall6-lite
|
EnvironmentFile=-/etc/sysconfig/shorewall6-lite
|
||||||
StandardOutput=syslog
|
StandardOutput=journal
|
||||||
ExecStart=/sbin/shorewall -6l $OPTIONS start $STARTOPTIONS
|
ExecStart=/sbin/shorewall -6l $OPTIONS start $STARTOPTIONS
|
||||||
ExecStop=/sbin/shorewall -6l $OPTIONS stop
|
ExecStop=/sbin/shorewall -6l $OPTIONS stop
|
||||||
ExecReload=/sbin/shorewall -6l $OPTIONS reload $RELOADOPTIONS
|
ExecReload=/sbin/shorewall -6l $OPTIONS reload $RELOADOPTIONS
|
||||||
|
|||||||
@@ -5,6 +5,7 @@
|
|||||||
#
|
#
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Shorewall IPv6 firewall (lite)
|
Description=Shorewall IPv6 firewall (lite)
|
||||||
|
Documentation=man:shorewall6-lite(8)
|
||||||
Wants=network-online.target
|
Wants=network-online.target
|
||||||
After=network-online.target
|
After=network-online.target
|
||||||
After=shorewall-lite.service
|
After=shorewall-lite.service
|
||||||
@@ -16,7 +17,7 @@ RemainAfterExit=yes
|
|||||||
EnvironmentFile=-/etc/default/shorewall6-lite
|
EnvironmentFile=-/etc/default/shorewall6-lite
|
||||||
StandardOutput=syslog
|
StandardOutput=syslog
|
||||||
ExecStart=/sbin/shorewall6-lite $OPTIONS start
|
ExecStart=/sbin/shorewall6-lite $OPTIONS start
|
||||||
ExecStop=/sbin/shorewall6-lite $OPTIONS clear
|
ExecStop=/usr/share/shorewall/stop_service shorewall6-lite
|
||||||
ExecReload=/sbin/shorewall6-lite $OPTIONS reload
|
ExecReload=/sbin/shorewall6-lite $OPTIONS reload
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
|||||||
@@ -12,8 +12,8 @@
|
|||||||
|
|
||||||
. /lib/lsb/init-functions
|
. /lib/lsb/init-functions
|
||||||
|
|
||||||
SRWL='/sbin/shorewall -6'
|
SRWL=/sbin/shorewall
|
||||||
SRWL_OPTS="-tvv"
|
SRWL_OPTS="-6tvv"
|
||||||
WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup
|
WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup
|
||||||
test -n ${INITLOG:=/var/log/shorewall6-init.log}
|
test -n ${INITLOG:=/var/log/shorewall6-init.log}
|
||||||
|
|
||||||
|
|||||||
@@ -14,7 +14,7 @@ Conflicts=ip6tables.service firewalld.service
|
|||||||
Type=oneshot
|
Type=oneshot
|
||||||
RemainAfterExit=yes
|
RemainAfterExit=yes
|
||||||
EnvironmentFile=-/etc/sysconfig/shorewall6
|
EnvironmentFile=-/etc/sysconfig/shorewall6
|
||||||
StandardOutput=syslog
|
StandardOutput=journal
|
||||||
ExecStart=/sbin/shorewall -6 $OPTIONS start $STARTOPTIONS
|
ExecStart=/sbin/shorewall -6 $OPTIONS start $STARTOPTIONS
|
||||||
ExecStop=/sbin/shorewall -6 $OPTIONS stop
|
ExecStop=/sbin/shorewall -6 $OPTIONS stop
|
||||||
ExecReload=/sbin/shorewall -6 $OPTIONS reload $RELOADOPTIONS
|
ExecReload=/sbin/shorewall -6 $OPTIONS reload $RELOADOPTIONS
|
||||||
|
|||||||
@@ -6,6 +6,7 @@
|
|||||||
#
|
#
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Shorewall IPv6 firewall
|
Description=Shorewall IPv6 firewall
|
||||||
|
Documentation=man:shorewall6(8)
|
||||||
Wants=network-online.target
|
Wants=network-online.target
|
||||||
After=network-online.target
|
After=network-online.target
|
||||||
After=shorewall.service
|
After=shorewall.service
|
||||||
@@ -17,7 +18,7 @@ RemainAfterExit=yes
|
|||||||
EnvironmentFile=-/etc/default/shorewall6
|
EnvironmentFile=-/etc/default/shorewall6
|
||||||
StandardOutput=syslog
|
StandardOutput=syslog
|
||||||
ExecStart=/sbin/shorewall -6 $OPTIONS start $STARTOPTIONS
|
ExecStart=/sbin/shorewall -6 $OPTIONS start $STARTOPTIONS
|
||||||
ExecStop=/sbin/shorewall -6 $OPTIONS clear
|
ExecStop=/usr/share/shorewall/stop_service shorewall6
|
||||||
ExecReload=/sbin/shorewall -6 $OPTIONS reload $RELOADOPTIONS
|
ExecReload=/sbin/shorewall -6 $OPTIONS reload $RELOADOPTIONS
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
|||||||
@@ -39,7 +39,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -41,7 +41,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -35,7 +35,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -31,7 +31,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -33,7 +33,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -35,7 +35,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled <quote>
|
Texts. A copy of the license is included in the section entitled <quote>
|
||||||
<ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink>
|
<ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink>
|
||||||
</quote>.</para>
|
</quote>.</para>
|
||||||
|
|||||||
@@ -56,7 +56,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled <quote>
|
Texts. A copy of the license is included in the section entitled <quote>
|
||||||
<ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink>
|
<ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink>
|
||||||
</quote>.</para>
|
</quote>.</para>
|
||||||
@@ -2458,4 +2458,4 @@ loc $FW ACCEPT </programlisting>
|
|||||||
avec les deux politiques fix<69>es ci-dessus.</para>
|
avec les deux politiques fix<69>es ci-dessus.</para>
|
||||||
</section>
|
</section>
|
||||||
</section>
|
</section>
|
||||||
</article>
|
</article>
|
||||||
|
|||||||
@@ -33,7 +33,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -33,7 +33,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -35,7 +35,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -35,7 +35,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -35,7 +35,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -47,7 +47,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -33,7 +33,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -33,7 +33,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -56,7 +56,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
@@ -712,4 +712,4 @@ tar -xzvf /mnt/package2.lrp
|
|||||||
<para>Voir <quote><ulink url="fallback.htm">Fallback and
|
<para>Voir <quote><ulink url="fallback.htm">Fallback and
|
||||||
Uninstall</ulink></quote>.</para>
|
Uninstall</ulink></quote>.</para>
|
||||||
</section>
|
</section>
|
||||||
</article>
|
</article>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink type="" url="Copyright.htm">GNU Free Documentation
|
<quote><ulink type="" url="Copyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -30,7 +30,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -35,7 +35,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -41,7 +41,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -39,7 +39,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -33,7 +33,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -30,7 +30,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -33,7 +33,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -43,7 +43,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -31,7 +31,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -33,7 +33,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
@@ -547,6 +547,18 @@
|
|||||||
<command>remote-reload</command> command (e.g., <command>shorewall
|
<command>remote-reload</command> command (e.g., <command>shorewall
|
||||||
remote-reload -c gateway</command>).</para>
|
remote-reload -c gateway</command>).</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Shorewall6-lite works with Shorewall6 in the same way that
|
||||||
|
Shorewall-lite works with Shorewall. Beginning with Shorewall
|
||||||
|
5.0.0, running 'shorewall <cmd>" is the same as running
|
||||||
|
"shorewall-lite <cmd>" when Shorewall is not installed.. To
|
||||||
|
continue to use the "shorewall6" command after switching to
|
||||||
|
Shoerwall6-lite, you need to add this to your .profile (or to
|
||||||
|
.bashrc if root's shell is bash):</para>
|
||||||
|
|
||||||
|
<programlisting> alias shorewall6=shorewall6-lite</programlisting>
|
||||||
|
</listitem>
|
||||||
</orderedlist>
|
</orderedlist>
|
||||||
</section>
|
</section>
|
||||||
</section>
|
</section>
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -31,7 +31,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -25,7 +25,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled
|
Texts. A copy of the license is included in the section entitled
|
||||||
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
||||||
License</ulink></quote>.</para>
|
License</ulink></quote>.</para>
|
||||||
|
|||||||
@@ -29,7 +29,7 @@
|
|||||||
<para>Permission is granted to copy, distribute and/or modify this
|
<para>Permission is granted to copy, distribute and/or modify this
|
||||||
document under the terms of the GNU Free Documentation License, Version
|
document under the terms of the GNU Free Documentation License, Version
|
||||||
1.2 or any later version published by the Free Software Foundation; with
|
1.2 or any later version published by the Free Software Foundation; with
|
||||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
||||||
Texts. A copy of the license is included in the section entitled <quote>
|
Texts. A copy of the license is included in the section entitled <quote>
|
||||||
<ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink>
|
<ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink>
|
||||||
</quote>.</para>
|
</quote>.</para>
|
||||||
|
|||||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user