Update of /cvsroot/leaf/src/bering-uclibc4/source/shorewall
In directory sfp-cvsdas-2.v30.ch3.sourceforge.com:/tmp/cvs-serv13137
Modified Files:
buildtool.cfg shorewall-config.diff shorewall-lrp.diff
Log Message:
log to syslog-ng instead of (broken) ulogd
Index: shorewall-config.diff
===================================================================
RCS file:
/cvsroot/leaf/src/bering-uclibc4/source/shorewall/shorewall-config.diff,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** shorewall-config.diff 26 Jun 2010 19:50:58 -0000 1.3
--- shorewall-config.diff 1 Nov 2010 13:11:53 -0000 1.4
***************
*** 1,74 ****
! diff -urN shorewall-4.4.10.orig/configfiles/interfaces
shorewall-4.4.10/configfiles/interfaces
! --- shorewall-4.4.10.orig/configfiles/interfaces 2010-06-09
00:57:45.000000000 +0200
! +++ shorewall-4.4.10/configfiles/interfaces 2010-06-26 10:18:30.000000000
+0200
@@ -8,3 +8,5 @@
#
###############################################################################
#ZONE INTERFACE BROADCAST OPTIONS
! +net eth0 detect dhcp
! +loc eth1 detect dhcp
! diff -urN shorewall-4.4.10.orig/configfiles/policy
shorewall-4.4.10/configfiles/policy
! --- shorewall-4.4.10.orig/configfiles/policy 2010-06-09 00:57:45.000000000
+0200
! +++ shorewall-4.4.10/configfiles/policy 2010-06-26 10:20:17.000000000
+0200
@@ -9,3 +9,11 @@
###############################################################################
#SOURCE DEST POLICY LOG LIMIT: CONNLIMIT:
# LEVEL BURST MASK
! +loc net ACCEPT
! +net all DROP ULOG
! +# If you want open access to the Internet from your Firewall
! +# remove the comment from the following line.
! +#fw net ACCEPT
! +# THE FOLLOWING POLICY MUST BE LAST
! +#
! +all all REJECT ULOG
! diff -urN shorewall-4.4.10.orig/configfiles/zones
shorewall-4.4.10/configfiles/zones
! --- shorewall-4.4.10.orig/configfiles/zones 2010-06-09 00:57:45.000000000
+0200
! +++ shorewall-4.4.10/configfiles/zones 2010-06-18 16:50:41.000000000
+0200
@@ -10,3 +10,6 @@
#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONS
fw firewall
! +net ipv4
! +loc ipv4
! +#dmz ipv4
! diff -urN shorewall-4.4.10.orig/configfiles/rules
shorewall-4.4.10/configfiles/rules
! --- shorewall-4.4.10.orig/configfiles/rules 2010-06-09 00:57:45.000000000
+0200
! +++ shorewall-4.4.10/configfiles/rules 2010-06-26 10:21:00.000000000
+0200
@@ -12,3 +12,28 @@
#SECTION ESTABLISHED
#SECTION RELATED
SECTION NEW
! +# Accept DNS connections from the firewall to the network
! +# and from the local network to the firewall (in case dnsmasq is
running)
! +DNS/ACCEPT fw net
! +DNS/ACCEPT loc fw
! +
! +# Accept SSH connections from the local network for administration
! +#
! +SSH/ACCEPT loc fw
! +
! +# Allow Ping to Firewall
! +#
! +Ping/ACCEPT net fw
! +Ping/ACCEPT loc fw
! +#
! +# Allow all ICMP types (including ping) from firewall
! +ACCEPT fw loc icmp
! +ACCEPT fw net icmp
! +# Allow local network to access weblet/webconf
! +#
! +HTTP/ACCEPT loc fw
! +HTTPS/ACCEPT loc fw
! +# timeserver (allow syncing with time servers (default: pool.ntp.org))
! +NTP/ACCEPT fw net
! +# timeserver (allow LAN clients to sync with the time service on the router)
! +# NTP/ACCEPT loc fw
! diff -urN shorewall-4.4.10.orig/configfiles/masq
shorewall-4.4.10/configfiles/masq
! --- shorewall-4.4.10.orig/configfiles/masq 2010-06-09 00:57:45.000000000
+0200
! +++ shorewall-4.4.10/configfiles/masq 2010-06-26 10:53:53.000000000 +0200
@@ -9,3 +9,4 @@
###############################################################################
! #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC
MARK USER/
#
GROUP
! +eth0 192.168.1.0/24
--- 1,74 ----
! diff -urN shorewall-4.4.14.orig/configfiles/interfaces
shorewall-4.4.14/configfiles/interfaces
! --- shorewall-4.4.14.orig/configfiles/interfaces 2010-10-28
20:41:38.000000000 +0200
! +++ shorewall-4.4.14/configfiles/interfaces 2010-11-01 14:02:23.668564971
+0100
@@ -8,3 +8,5 @@
#
###############################################################################
#ZONE INTERFACE BROADCAST OPTIONS
! +net eth0 detect dhcp
! +loc eth1 detect dhcp
! diff -urN shorewall-4.4.14.orig/configfiles/policy
shorewall-4.4.14/configfiles/policy
! --- shorewall-4.4.14.orig/configfiles/policy 2010-10-28 20:41:38.000000000
+0200
! +++ shorewall-4.4.14/configfiles/policy 2010-11-01 14:03:19.137259196
+0100
@@ -9,3 +9,11 @@
###############################################################################
#SOURCE DEST POLICY LOG LIMIT: CONNLIMIT:
# LEVEL BURST MASK
! +loc net ACCEPT
! +net all DROP info
! +# If you want open access to the Internet from your Firewall
! +# remove the comment from the following line.
! +#fw net ACCEPT
! +# THE FOLLOWING POLICY MUST BE LAST
! +#
! +all all REJECT info
! diff -urN shorewall-4.4.14.orig/configfiles/zones
shorewall-4.4.14/configfiles/zones
! --- shorewall-4.4.14.orig/configfiles/zones 2010-10-28 20:41:38.000000000
+0200
! +++ shorewall-4.4.14/configfiles/zones 2010-11-01 14:04:00.533286029
+0100
@@ -10,3 +10,6 @@
#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONS
fw firewall
! +net ipv4
! +loc ipv4
! +#dmz ipv4
! diff -urN shorewall-4.4.14.orig/configfiles/rules
shorewall-4.4.14/configfiles/rules
! --- shorewall-4.4.14.orig/configfiles/rules 2010-10-28 20:41:38.000000000
+0200
! +++ shorewall-4.4.14/configfiles/rules 2010-11-01 14:05:20.808595550
+0100
@@ -12,3 +12,28 @@
#SECTION ESTABLISHED
#SECTION RELATED
SECTION NEW
! +# Accept DNS connections from the firewall to the network
! +# and from the local network to the firewall (in case dnsmasq is
running)
! +DNS/ACCEPT fw net
! +DNS/ACCEPT loc fw
! +
! +# Accept SSH connections from the local network for administration
! +#
! +SSH/ACCEPT loc fw
! +
! +# Allow Ping to Firewall
! +#
! +Ping/ACCEPT net fw
! +Ping/ACCEPT loc fw
! +#
! +# Allow all ICMP types (including ping) from firewall
! +ACCEPT fw loc icmp
! +ACCEPT fw net icmp
! +# Allow local network to access weblet/webconf
! +#
! +HTTP/ACCEPT loc fw
! +HTTPS/ACCEPT loc fw
! +# timeserver (allow syncing with time servers (default: pool.ntp.org))
! +NTP/ACCEPT fw net
! +# timeserver (allow LAN clients to sync with the time service on the router)
! +# NTP/ACCEPT loc fw
! diff -urN shorewall-4.4.14.orig/configfiles/masq
shorewall-4.4.14/configfiles/masq
! --- shorewall-4.4.14.orig/configfiles/masq 2010-10-28 20:41:38.000000000
+0200
! +++ shorewall-4.4.14/configfiles/masq 2010-11-01 14:05:33.768600383 +0100
@@ -9,3 +9,4 @@
###############################################################################
! #INTERFACE:DEST SOURCE ADDRESS PROTO PORT(S)
IPSEC MARK USER/
#
GROUP
! +eth0 192.168.1.0/24
Index: buildtool.cfg
===================================================================
RCS file: /cvsroot/leaf/src/bering-uclibc4/source/shorewall/buildtool.cfg,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -d -r1.11 -r1.12
*** buildtool.cfg 29 Oct 2010 15:08:35 -0000 1.11
--- buildtool.cfg 1 Nov 2010 13:11:53 -0000 1.12
***************
*** 53,57 ****
This is the perl-based version of shorewall.
Homepage: http://www.shorewall.net
! Requires: iptables.lrp ulogd.lrp perl.lrp
LEAF package by __PACKAGER__, __BUILDDATE__
--- 53,57 ----
This is the perl-based version of shorewall.
Homepage: http://www.shorewall.net
! Requires: iptables.lrp perl.lrp
LEAF package by __PACKAGER__, __BUILDDATE__
Index: shorewall-lrp.diff
===================================================================
RCS file: /cvsroot/leaf/src/bering-uclibc4/source/shorewall/shorewall-lrp.diff,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** shorewall-lrp.diff 31 Oct 2010 17:40:11 -0000 1.6
--- shorewall-lrp.diff 1 Nov 2010 13:11:53 -0000 1.7
***************
*** 1,26 ****
! diff -urN shorewall-4.4.13.orig/configfiles/start
shorewall-4.4.13/configfiles/start
! --- shorewall-4.4.13.orig/configfiles/start 2010-09-21 16:50:13.000000000
+0200
! +++ shorewall-4.4.13/configfiles/start 2010-09-22 07:52:30.457642562
+0200
@@ -10,4 +10,7 @@
# information.
#
###############################################################################
! +for file in /etc/shorewall/start.d/* ; do
! + run_user_exit $file
! +done
return 0
! diff -urN shorewall-4.4.13.orig/configfiles/stop
shorewall-4.4.13/configfiles/stop
! --- shorewall-4.4.13.orig/configfiles/stop 2010-09-21 16:50:13.000000000
+0200
! +++ shorewall-4.4.13/configfiles/stop 2010-09-22 07:52:51.898139541 +0200
@@ -10,3 +10,6 @@
# information.
#
###############################################################################
! +for file in /etc/shorewall/stop.d/* ; do
! + run_user_exit $file
! +done
diff -urN shorewall-4.4.14.orig/init.debian.sh shorewall-4.4.14/init.debian.sh
--- shorewall-4.4.14.orig/init.debian.sh 2010-10-28 20:41:38.000000000
+0200
! +++ shorewall-4.4.14/init.debian.sh 2010-10-29 16:57:22.684567020 +0200
@@ -1,70 +1,17 @@
#!/bin/sh
--- 1,27 ----
! diff -urN shorewall-4.4.14.orig/configfiles/start
shorewall-4.4.14/configfiles/start
! --- shorewall-4.4.14.orig/configfiles/start 2010-10-28 20:41:38.000000000
+0200
! +++ shorewall-4.4.14/configfiles/start 2010-11-01 13:45:44.748612667
+0100
@@ -10,4 +10,7 @@
# information.
#
###############################################################################
! +for file in /etc/shorewall/start.d/* ; do
! + run_user_exit $file
! +done
return 0
! diff -urN shorewall-4.4.14.orig/configfiles/stop
shorewall-4.4.14/configfiles/stop
! --- shorewall-4.4.14.orig/configfiles/stop 2010-10-28 20:41:38.000000000
+0200
! +++ shorewall-4.4.14/configfiles/stop 2010-11-01 13:46:08.552579946 +0100
@@ -10,3 +10,6 @@
# information.
#
###############################################################################
! +for file in /etc/shorewall/stop.d/* ; do
! + run_user_exit $file
! +done
! \ Kein Zeilenumbruch am Dateiende.
diff -urN shorewall-4.4.14.orig/init.debian.sh shorewall-4.4.14/init.debian.sh
--- shorewall-4.4.14.orig/init.debian.sh 2010-10-28 20:41:38.000000000
+0200
! +++ shorewall-4.4.14/init.debian.sh 2010-11-01 13:46:48.264595751 +0100
@@ -1,70 +1,17 @@
#!/bin/sh
------------------------------------------------------------------------------
Nokia and AT&T present the 2010 Calling All Innovators-North America contest
Create new apps & games for the Nokia N8 for consumers in U.S. and Canada
$10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing
Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store
http://p.sf.net/sfu/nokia-dev2dev
_______________________________________________
leaf-cvs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/leaf-cvs-commits
