More snat documentation changes

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2025-01-09 15:18:12 +01:00 · 2016-10-28 14:56:44 -07:00 · 2016-10-28 14:56:44 -07:00 · 174f46f3e6
commit 174f46f3e6
parent 4d77d673e8
3 changed files with 41 additions and 11 deletions
--- a/docs/shorewall_setup_guide.xml
+++ b/docs/shorewall_setup_guide.xml
@ -1373,8 +1373,9 @@ Destination    Gateway     Genmask         Flags MSS Window irtt Iface

          <member>SNAT is configured in Shorewall using the <filename><ulink
          url="manpages/shorewall-masq.html">/etc/shorewall/masq</ulink></filename>
-          file (/etc/shorewall/snat when running Shorewall 5.0.14 or
-          later):</member>
+          file (<ulink
+          url="manpages/shorewall-snat.html">/etc/shorewall/snat</ulink> when
+          running Shorewall 5.0.14 or later):</member>
        </simplelist>

        <programlisting>#INTERFACE     SOURCE               ADDRESS
--- a/docs/three-interface.xml
+++ b/docs/three-interface.xml
@ -194,6 +194,17 @@
 /usr/share/doc/packages/shorewall/Samples/three-interfaces/policy
 /usr/share/doc/packages/shorewall/Samples/three-interfaces/rules
 /usr/share/doc/packages/shorewall/Samples/three-interfaces/zones
+~#</programlisting>
+
+        <para>When running Shorewall 5.0.14 or later:</para>
+
+        <programlisting>~# rpm -ql shorewall | fgrep three-interfaces
+/usr/share/doc/packages/shorewall/Samples/three-interfaces
+/usr/share/doc/packages/shorewall/Samples/three-interfaces/interfaces
+/usr/share/doc/packages/shorewall/Samples/three-interfaces/policy
+/usr/share/doc/packages/shorewall/Samples/three-interfaces/rules
+/usr/share/doc/packages/shorewall/Samples/three-interfaces/snat
+/usr/share/doc/packages/shorewall/Samples/three-interfaces/zones
 ~#</programlisting>
      </listitem>

@ -667,14 +678,18 @@ root@lists:~# </programlisting>

    <para><inlinegraphic fileref="images/BD21298_.gif" format="GIF"/></para>

-    <para>If your external IP is static, you can enter it in the third column
-    in the <filename
+    <para>If your external <acronym>IP</acronym> is static then, if you are
+    running Shorewall 5.0.13 or earlier, you can enter our static IP in the
+    third column in the <filename
    class="directory">/etc/shorewall/</filename><filename>masq</filename>
    entry if you like although your firewall will work fine if you leave that
-    column empty. Entering your static IP in column 3 makes processing
-    outgoing packets a little more efficient. When running Shorewall 5.0.14 or
-    later, the rule in /etc/shorewall/snat must be change from a MASQUERADE
-    rule to an SNAT rule.</para>
+    column empty (Masquerade). Entering your static <acronym>IP</acronym> in
+    column 3 (SNAT) makes the processing of outgoing packets a little more
+    efficient.</para>
+
+    <para>When running Shorewall 5.0.14 or later, the rule in
+    /etc/shorewall/snat must be change from a MASQUERADE rule to an SNAT
+    rule.</para>

    <programlisting>#ACTION                      SOURCE                DEST         PROTO      PORT
 <emphasis role="bold">SNAT(<replaceable>static-ip</replaceable>)</emphasis>              ...</programlisting>
--- a/docs/two-interface.xml
+++ b/docs/two-interface.xml
@ -172,6 +172,17 @@
 /usr/share/doc/packages/shorewall/Samples/two-interfaces/policy
 /usr/share/doc/packages/shorewall/Samples/two-interfaces/rules
 /usr/share/doc/packages/shorewall/Samples/two-interfaces/zones
+~#</programlisting>
+
+            <para>When running Shorewall 5.0.14 or later:</para>
+
+            <programlisting>~# rpm -ql shorewall | fgrep three-interfaces
+/usr/share/doc/packages/shorewall/Samples/three-interfaces
+/usr/share/doc/packages/shorewall/Samples/three-interfaces/interfaces
+/usr/share/doc/packages/shorewall/Samples/three-interfaces/policy
+/usr/share/doc/packages/shorewall/Samples/three-interfaces/rules
+/usr/share/doc/packages/shorewall/Samples/three-interfaces/snat
+/usr/share/doc/packages/shorewall/Samples/three-interfaces/zones
 ~#</programlisting>
          </listitem>

@ -618,13 +629,16 @@ root@lists:~# </programlisting>

    <para><inlinegraphic fileref="images/BD21298_.gif" format="GIF"/></para>

-    <para>If your external <acronym>IP</acronym> is static, you can enter it
-    in the third column in the <filename
+    <para>If your external <acronym>IP</acronym> is static then, if you are
+    running Shorewall 5.0.13 or earlier, you can enter our static IP in the
+    third column in the <filename
    class="directory">/etc/shorewall/</filename><filename>masq</filename>
    entry if you like although your firewall will work fine if you leave that
    column empty (Masquerade). Entering your static <acronym>IP</acronym> in
    column 3 (SNAT) makes the processing of outgoing packets a little more
-    efficient. When running Shorewall 5.0.14 or later, the rule in
+    efficient.</para>
+
+    <para>When running Shorewall 5.0.14 or later, the rule in
    /etc/shorewall/snat must be change from a MASQUERADE rule to an SNAT
    rule.</para>