[Routingtools-cvs] tools/rc.d firewall,1.31,1.32 shaper,1.29,1.30

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/routingtools/tools/rc.d
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv20877/rc.d

Modified Files:
	firewall shaper 
Log Message:
- Removed CVS-Tags in files as it will confuse branching and merging as
  planned for the future of this project


Index: firewall
===================================================================
RCS file: /cvsroot/routingtools/tools/rc.d/firewall,v
retrieving revision 1.31
retrieving revision 1.32
diff -C2 -d -r1.31 -r1.32
*** firewall	18 Jun 2004 19:37:19 -0000	1.31
--- firewall	26 Jul 2005 19:45:58 -0000	1.32
***************
*** 3,8 ****
  # Modifications allowed - see GPL.
  #
- # $Id$
- #
  # Author:  Kai Krakow <hur...@ka...>, 1998-2002
  #          http://www.kaishome.de/
--- 3,6 ----
***************
*** 351,466 ****
  test "$return" = "$rc_done" || exit 1
  exit 0
- 
- #-----------------------------------------------------------------------------
- #
- # $Source$
- #
- # $Log$
- # Revision 1.31  2004/06/18 19:37:19  hurikhan
- # * Only load ipt_unclean in kernel 2.4, skip otherwise (detected by uname)
- #
- # Revision 1.30  2004/06/18 17:49:10  hurikhan
- # * include new SuSE init script semantics
- #
- # Revision 1.29  2004/06/08 13:11:54  hurikhan
- # - improve RedHat detection (fresh installs of newer SuSE version was incorrectly detected)
- #
- # Revision 1.28  2004/02/13 17:51:27  hurikhan
- # - changed rp_filter behavior
- # - made use of iptables module for using shorthand --syn instead of specifying long --tcp-flags
- #
- # Revision 1.27  2003/11/15 13:20:54  hurikhan
- # - block unclean packets in first place so they never get forwarded to
- #   NAT client, even if they belong to a known established connection
- #
- # Revision 1.26  2003/11/12 23:18:35  hurikhan
- # - tuned reject icmp messages
- # - added a connection rate limiter
- # - ability to block hostile hosts/nets
- #
- # Revision 1.25  2003/09/23 09:43:11  hurikhan
- # - added mss clamping to forwarding rules to make big packets passing the
- #   NAT router successfully
- #
- # Revision 1.24  2003/08/24 12:38:43  hurikhan
- # - added IPSec to firewall rules
- #
- # Revision 1.23  2003/04/19 21:48:40  hurikhan
- # - policy should be applied to outgoing packets to work ;-)
- #
- # Revision 1.22  2003/04/11 17:26:34  hurikhan
- # - typo
- #
- # Revision 1.21  2003/04/11 16:55:24  hurikhan
- # - changed logging
- #
- # Revision 1.20  2003/04/11 16:46:48  hurikhan
- # - more stateful connection tracking
- #
- # Revision 1.19  2003/04/11 16:23:47  hurikhan
- # - added connection tracking
- # - inserted a rule to drop new connections without SYN set
- #
- # Revision 1.18  2003/04/05 17:29:21  hurikhan
- # - open NAT server ports on firewall
- #
- # Revision 1.17  2003/04/04 17:55:07  hurikhan
- # - MAC matching should work now
- #
- # Revision 1.16  2003/04/04 17:44:04  hurikhan
- # - delete LogForward rule on "service stop"
- #
- # Revision 1.15  2003/04/04 17:40:00  hurikhan
- # - fixed a typo
- #
- # Revision 1.14  2003/04/04 12:38:47  hurikhan
- # - added forward blocking based on MAC address
- # - added to use some yet unused config values
- #
- # Revision 1.13  2003/04/04 11:44:16  hurikhan
- # - ooops, removed too much
- #
- # Revision 1.12  2003/03/18 20:35:12  hurikhan
- # - splitted configuration and init scripts
- #
- # Revision 1.11  2002/12/21 13:17:17  hurikhan
- # - moved mangle table status to shaper script
- #
- # Revision 1.10  2002/12/21 12:59:01  hurikhan
- # - added meta info to be used with RedHat's chkconfig
- #
- # Revision 1.9  2002/12/16 02:31:09  deelkar
- # - added missing status output of mangle table
- #
- # Revision 1.8  2002/12/14 14:49:48  hurikhan
- # - removed "ftp-data" from list of opened ports (should be handled by the
- #   state module)
- #
- # Revision 1.7  2002/12/10 22:13:43  hurikhan
- # - removed accept filter for icmp as firewall is stateful (icmp errors of
- #   related connections are always accepted)
- #
- # Revision 1.6  2002/12/03 21:26:06  hurikhan
- # - do not status mangle table, will be used by new htb traffic shaper
- #
- # Revision 1.5  2002/12/03 21:08:56  hurikhan
- # - retabbed status section (tab width 4)
- #
- # Revision 1.4  2002/12/02 09:26:44  deelkar
- # - added "status" option
- #
- # Revision 1.3  2002/11/15 21:34:28  hurikhan
- # - do not invoke 'tr' command
- #
- # Revision 1.2  2002/11/15 20:44:39  hurikhan
- # - renamed configuration values (more descriptive now)
- # - support for multiple nat servers
- # - added more configuration values (not working currently)
- # 	- list of opened ports
- # 	- list of rejected ports
- # 	- list of trusted hosts
- #
- # Revision 1.1  2002/10/28 09:30:40  hurikhan
- # - first version checkin
- #
- #-----------------------------------------------------------------------------
--- 349,350 ----

Index: shaper
===================================================================
RCS file: /cvsroot/routingtools/tools/rc.d/shaper,v
retrieving revision 1.29
retrieving revision 1.30
diff -C2 -d -r1.29 -r1.30
*** shaper	25 Jun 2005 15:06:54 -0000	1.29
--- shaper	26 Jul 2005 19:45:58 -0000	1.30
***************
*** 3,11 ****
  # Modifications allowed - see GPL.
  #
- # $Id$
- #
- # Version: 1.0.0
- # - first HTB implementation
- #
  ### BEGIN INIT INFO
  # Provides:          shaper
--- 3,6 ----
***************
*** 285,393 ****
  test "$return" = "$rc_done" || exit 1
  exit 0
- 
- #-----------------------------------------------------------------------------
- #
- # $Source$
- #
- # $Log$
- # Revision 1.29  2005/06/25 15:06:54  hurikhan
- # * Tune device queue len for better packet control to about 5 secs length
- #
- # Revision 1.28  2005/05/26 20:56:11  hurikhan
- # - fixed the packet markers to classify all tcp packets correctly that are
- #   needed for the 3-way tcp connection handshake
- # - this leads to highly improved p2p filesharing performance
- # - tuned the default bandwidth settings a little bit
- #
- # Revision 1.27  2004/06/18 17:49:10  hurikhan
- # * include new SuSE init script semantics
- #
- # Revision 1.26  2004/06/08 13:11:54  hurikhan
- # - improve RedHat detection (fresh installs of newer SuSE version was incorrectly detected)
- #
- # Revision 1.25  2004/02/13 17:41:55  hurikhan
- # - do not use tcp timestamps (reduces packet size and is useless here)
- # - enable tcp window scaling for more performance
- #
- # Revision 1.24  2004/01/19 18:25:13  hurikhan
- # - reworked packet marking filter (thus reducing DSL modem lockups I had)
- # - tuned shaper settings
- # - reworked bandwidth tree
- #
- # Revision 1.23  2003/04/17 06:20:14  hurikhan
- # - do not remark already marked packets (this seems to be
- #   the long awaited performance boost)
- #
- # Revision 1.22  2003/04/16 18:17:46  hurikhan
- # - disabled ECN as it is still problematic with some routers out there
- # - tuned the priority classes
- #
- # Revision 1.21  2003/04/08 06:22:09  hurikhan
- # - changed some filter settings
- # - changed rule order
- #
- # Revision 1.20  2003/04/07 13:00:18  hurikhan
- # - ignore other TCP flags when checking (only look at RST|SYN|ACK)
- #
- # Revision 1.19  2003/04/07 12:56:55  hurikhan
- # - added more TCP flags to be checked (SYN, ACK, SYNACK, RST)
- #
- # Revision 1.18  2003/04/07 12:22:17  hurikhan
- # - really match ACK instead of tcp packet size <64
- #
- # Revision 1.17  2003/04/05 21:43:06  hurikhan
- # - respect TOS field in filter rules for shaping
- #
- # Revision 1.16  2003/04/05 21:33:03  hurikhan
- # - tuned the settings a little bit more
- #
- # Revision 1.15  2003/04/05 21:25:39  hurikhan
- # - added to handle tcp and udp ports in shaper
- #
- # Revision 1.14  2003/04/05 21:06:05  hurikhan
- # - completed ingress policing
- #
- # Revision 1.13  2003/04/05 19:53:37  hurikhan
- # - prepared inclusion of ingress policing (not working yet)
- #
- # Revision 1.12  2003/04/04 17:38:57  hurikhan
- # - added "" around $ISDN_SLAVE in if clause
- #
- # Revision 1.11  2003/03/23 22:00:06  hurikhan
- # - added SFQ to class tree
- #
- # Revision 1.10  2003/03/18 20:35:14  hurikhan
- # - splitted configuration and init scripts
- #
- # Revision 1.9  2003/01/30 17:54:47  deelkar
- # - squashed another bug in the ISDN part
- #
- # Revision 1.8  2003/01/30 16:54:16  deelkar
- #  - fixed dumb typo bug
- #
- # Revision 1.7  2003/01/30 16:38:39  deelkar
- #  - added rudimentary channelbundling support, currently untested,
- #    needs a restart of the shaper every time the slave device is
- #    connected/disconnected.
- #
- # Revision 1.6  2002/12/21 13:17:17  hurikhan
- # - moved mangle table status to shaper script
- #
- # Revision 1.5  2002/12/21 12:59:01  hurikhan
- # - added meta info to be used with RedHat's chkconfig
- #
- # Revision 1.4  2002/12/04 17:25:08  hurikhan
- # - replaced IPCHAINS with IPTABLES ;-)
- #
- # Revision 1.3  2002/12/04 17:24:04  hurikhan
- # - remove iptable on shutdown
- # - changed one comment header
- #
- # Revision 1.2  2002/12/04 17:17:46  hurikhan
- # - added NNTP as interactive traffic
- # - changed file sharing ports
- #
- # Revision 1.1  2002/12/04 01:17:48  hurikhan
- # - added first version of HTB traffic shaper
- #
- #-----------------------------------------------------------------------------
--- 280,281 ----