- All other examples already correct (--tos, --state)
- Went from deprecated in iptables 1.4.3 (Mar 2009)
to not working in iptables 1.4.13 (Jul 2011)
- Thanks to Alexander Prokopyev
- Variables that can now be set by environment variables:
FIREHOL_ESTABLISHED_ACTIVATION_ACCEPT
FIREHOL_FORWARD_ACTIVATION_POLICY
FIREHOL_INPUT_ACTIVATION_POLICY
FIREHOL_OUTPUT_ACTIVATION_POLICY
FIREHOL_AUTOSAVE
FIREHOL_LOAD_KERNEL_MODULES
FIREHOL_NAT
FIREHOL_ROUTING
- This can still _only_ be set by an environment variable:
WAIT_FOR_IFACE
With the following additional choices, firehol can be made to run
on an openwrt system:
awk if gawk is not available
insmod if modprobe is not available
nothing if renice is not available
Via Tomas Jacik <tomas.jacik@sunfox.cz>
- added ipv6 regex while searching for RESERVED adresses
- fixed msn port
- added OpenVPN port
- added Nagios NRPE daemon port
- added default firehol setting probing for debian based systems
- added wizzard support wlan
- added wait for interface feature
Unlike the original patch, this does not source /etc/default/firehol,
instead we honour the WAIT_FOR_IFACE environment variable if it is set.
The debian init script needs to export it, as it does for the sanewall
package.
Using a combination of git attributes, ident and export-subst.
- Scripts use Format: to emit tag or commit when exported
or file Id if direct from git
- configure script uses same mechanisms but cannot do a make dist
- Brought bolierplate in line for both scripts
- Use Official GPL stanza in firehol.in
From: Jari Aalto <jari.aalto@cante.net>
- Point to the mailing list for announcements
- Single copy of the version information boilerplate
Conflicts:
sbin/firehol.in
- Can still be installed just by copying firehol/firehol.in
- CVS versions will not work any longer, so now following
http://semver.org/
- Git commit hooks included to enforce version numbering
across the various files, NEWS, ChangeLog, configure.ac and
sbin/firehol.in
- Replace HTML website copy with DocBook manual