From 1497029359d50830e34df867486b04f082c4ba37 Mon Sep 17 00:00:00 2001 From: teastep Date: Wed, 21 Jan 2009 20:54:00 +0000 Subject: [PATCH] Update FTP article to use current column names git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9320 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- docs/FTP.xml | 33 +++++++++++++++++---------------- docs/Modularization.xml | 6 ++++++ docs/traffic_shaping.xml | 16 ++++++++-------- 3 files changed, 31 insertions(+), 24 deletions(-) diff --git a/docs/FTP.xml b/docs/FTP.xml index 2279e46e9..af5fca1d0 100644 --- a/docs/FTP.xml +++ b/docs/FTP.xml @@ -311,9 +311,10 @@ xt_tcpudp 3328 0 the control connection looking for PASV and PORT commands as well as PASV responses. If you run an FTP server on a nonstandard port or you need to access such a server, you must therefore let the helpers know by - specifying the port in /etc/shorewall/modules entries for the helpers. You - should create /etc/shorewall/modules by copying - /usr/share/shorewall/modules. + specifying the port in /etc/shorewall/modules entries + for the helpers. You should create + /etc/shorewall/modules by copying + /usr/share/shorewall/modules. You must have modularized FTP connection tracking support in order to use FTP on a non-standard port. @@ -375,8 +376,8 @@ options nf_nat_ftp Otherwise, for FTP you need exactly one rule: - #ACTION SOURCE DESTINATION PROTO PORT(S) SOURCE ORIGINAL -# PORT(S) DESTINATION + #ACTION SOURCE DESTINATION PROTO DEST SOURCE ORIGINAL +# PORT(S) PORT(S) DESTINATION ACCEPT or <source> <destination> tcp 21 - <external IP addr> if DNAT ACTION = DNAT 
@@ -385,10 +386,10 @@ DNAT ACTION = specific IP address to be forwarded to your server. Note that you do NOT need a rule - with 20 (ftp-data) in the PORT(S) column. If you post your rules on the - mailing list and they show 20 in the PORT(S) column, I will know that you - haven't read this article and I will either ignore your post or tell you - to RTFM. + with 20 (ftp-data) in the DEST PORT(S) column. If you post your rules on + the mailing list and they show 20 in the DEST PORT(S) column, we will know + that you haven't read this article and will either ignore your post or + tell you to RTFM. Shorewall includes an FTP macro that simplifies creation of FTP rules. The macro source is in @@ -402,14 +403,14 @@ DNAT ACTION = Suppose that you run an FTP server on 192.168.1.5 in your local zone using the standard port (21). You need this rule: - #ACTION SOURCE DESTINATION PROTO PORT(S) SOURCE ORIGINAL -# PORT(S) DESTINATION + #ACTION SOURCE DESTINATION PROTO DEST SOURCE ORIGINAL +# PORT(S) PORT(S) DESTINATION FTP/DNAT net loc:192.168.1.5 Allow your DMZ FTP access to the Internet - #ACTION SOURCE DESTINATION PROTO PORT(S) SOURCE ORIGINAL -# PORT(S) DESTINATION + #ACTION SOURCE DESTINATION PROTO DEST SOURCE ORIGINAL +# PORT(S) PORT(S) DESTINATION FTP/ACCEPT dmz net @@ -423,11 +424,11 @@ FTP/ACCEPT dmz net I see this problem occasionally with the FTP server in my DMZ. My solution is to add the following rule: - #ACTION SOURCE DESTINATION PROTO PORT(S) SOURCE ORIGINAL -# PORT(S) DESTINATION + #ACTION SOURCE DESTINATION PROTO DEST SOURCE ORIGINAL +# PORT(S) PORT(S) DESTINATION ACCEPT:info dmz net tcp - 20 The above rule accepts and logs all active mode connections from my DMZ to the net. - \ No newline at end of file + diff --git a/docs/Modularization.xml b/docs/Modularization.xml index 52ca063a1..6ff8acbc8 100644 --- a/docs/Modularization.xml +++ b/docs/Modularization.xml 
@@ -231,5 +231,11 @@ + + Note that in Shorewall 4, the optional libraries (with the exception + of lib.dynamiczones) are included in the + Shorewall-shell package while the required libraries and + lib.dynamiczones are included in the Shorewall-common + package. diff --git a/docs/traffic_shaping.xml b/docs/traffic_shaping.xml index 7d75f5cbc..f966f909c 100644 --- a/docs/traffic_shaping.xml +++ b/docs/traffic_shaping.xml @@ -991,6 +991,14 @@ SAVE 0.0.0.0/0 0.0.0.0/0 all - - -
Real life examples +
+ A Shorewall User's Experience + + Chuck Kollars has provided an excellent + writeup about his traffic shaping experiences. +
+
Configuration to replace Wondershaper @@ -1629,14 +1637,6 @@ class htb 1:120 parent 1:1 leaf 120: prio 2 quantum 1900 rate 76000bit ceil 2300
-
- A Complete Working Example - - Chuck Kollars has provided an excellent writeup - about his traffic shaping experiences. -
-
Using your own tc script
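Review bot: In the FTP.xml hunk at @@ -385,10 +386,10 the voice changes from "I will know that you haven't read this article" to "we will know", but the later hunk at @@ -423,11 +424,11 leaves "I see this problem occasionally with the FTP server in my DMZ. My solution is to add the following rule" in the first person singular; pick one voice for the article and apply it in both places in this commit.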
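Review bot: In the FTP.xml hunk at @@ -423,11 +424,11 the rule `ACCEPT:info dmz net tcp - 20` has "-" in the new DEST PORT(S) column and 20 in SOURCE PORT(S), so it matches on source port alone and admits any TCP connection from the DMZ to the net that happens to use source port 20, not only FTP data connections. The sentence "The above rule accepts and logs all active mode connections from my DMZ to the net" should say that the match is on source port only, and that the `:info` log level is what lets the administrator review what the rule actually let through.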
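Review bot: The paragraph added in the Modularization.xml hunk at @@ -231,5 +231,11 names the Shorewall-shell and Shorewall-common packages but not which Shorewall 4 releases the split applies to; add the version, and one sentence saying that with only Shorewall-common installed the optional libraries (other than lib.dynamiczones) are not available, since that is the practical consequence for a reader of this article.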
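Review bot: The commit subject "Update FTP article to use current column names" does not cover two of the three files touched: the traffic_shaping.xml hunks at @@ -991,6 +991,14 and @@ -1629,14 +1637,6 move the Chuck Kollars writeup from a trailing "A Complete Working Example" section into a new "A Shorewall User's Experience" subsection under "Real life examples", and Modularization.xml gains a packaging note. Either mention these in the commit message or split them into their own commits; and since the removed section is retitled, confirm that no xref elsewhere in the documentation still points at the old section.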