Initial client code and rules for Linux firewalls
Made the following changes to the clientside code to support Linux firewalls: - Made os_fwconfig_line() actually do something. - getfwconfig() adds an 'IPS' hash to the fwinfo hash. This contains the IP address for each host, much like how the 'MACS' hash contains the MAC address for each host. This is needed because ebtables (which is needed for ARP proxying) doesn't resolve hostnames. Rules are stored in firewall/iptables-fw-rules. Syntax is similar to fw-rules, but without the rule number (since iptables doesn't use rule numbers). These should be equivalent to our ipfw-based rules, but I haven't tested every case yet to confirm this. I'm sure some changes will be necessary.
Showing with 758 additions and 11 deletions