extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-25 00:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Second cut at removing references to Documentation.htm

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6775 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-07-04 00:18:10 +00:00
parent fe5af63b14
commit 34101c0766
17 changed files with 53 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
docs/FAQ.xml
View File

@ -855,7 +855,7 @@ to debug/develop the newnat interface.</programlisting></para>
<para><emphasis role="bold">Answer</emphasis>: Add the
<firstterm>routeback</firstterm> option to <filename
class="devicefile">br0</filename> in <ulink
url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink>.</para>
url="manpages/shorewall-interfaces.html">/etc/shorewall/interfaces</ulink>.</para>
<para>For more information on this type of configuration, see the <ulink
url="SimpleBridge.html">Shorewall Simple Bridge
@ -895,8 +895,8 @@ to debug/develop the newnat interface.</programlisting></para>
messages. It always uses the LOG_KERN (kern) facility (see <quote>man
openlog</quote>) and you get to choose the log level (again, see
<quote>man syslog</quote>) in your <ulink
url="Documentation.htm#Policy">policies</ulink> and <ulink
url="Documentation.htm#Rules">rules</ulink>. The destination for
url="manpages/shorewall-policy.html">policies</ulink> and <ulink
url="manpages/shorewall-rules.html">rules</ulink>. The destination for
messages logged by syslog is controlled by
<filename>/etc/syslog.conf</filename> (see <quote>man
syslog.conf</quote>). When you have changed /etc/syslog.conf, be sure to
@ -1159,10 +1159,10 @@ DROP net fw udp 10619</programlisting>
<listitem>
<para>You have a <ulink
url="Documentation.htm#Policy">policy</ulink> that specifies a log
url="manpages/shorewall-policy.html">policy</ulink> that specifies a log
level and this packet is being logged under that policy. If you
intend to ACCEPT this traffic then you need a <ulink
url="Documentation.htm#Rules">rule</ulink> to that effect.</para>
url="manpages/shorewall-rules.html">rule</ulink> to that effect.</para>
<para>Beginning with Shorewall 3.3.3, packets logged out of these
chains may have a source and/or destination that is not in any
@ -1177,11 +1177,11 @@ DROP net fw udp 10619</programlisting>
<listitem>
<para>Either you have a <ulink
url="Documentation.htm#Policy">policy</ulink> for <emphasis
url="manpages/shorewall-policy.html">policy</ulink> for <emphasis
role="bold">&lt;zone1&gt;</emphasis> to <emphasis
role="bold">&lt;zone2&gt;</emphasis> that specifies a log level
and this packet is being logged under that policy or this packet
matches a <ulink url="Documentation.htm#Rules">rule</ulink> that
matches a <ulink url="manpages/shorewall-rules.html">rule</ulink> that
includes a log level.</para>
</listitem>
</varlistentry>
@ -1207,7 +1207,7 @@ DROP net fw udp 10619</programlisting>
<listitem>
<para>The packet is being logged under the <emphasis
role="bold">maclist</emphasis> <ulink
url="Documentation.htm#Interfaces">interface
url="manpages/shorewall-interfaces.html">interface
option</ulink>.</para>
</listitem>
</varlistentry>
@ -1218,7 +1218,7 @@ DROP net fw udp 10619</programlisting>
<listitem>
<para>The packet is being logged under the <emphasis
role="bold">logunclean</emphasis> <ulink
url="Documentation.htm#Interfaces">interface
url="manpages/shorewall-interfaces.html">interface
option</ulink>.</para>
</listitem>
</varlistentry>
@ -1229,7 +1229,7 @@ DROP net fw udp 10619</programlisting>
<listitem>
<para>The packet is being logged under the <emphasis
role="bold">dropunclean</emphasis> <ulink
url="Documentation.htm#Interfaces">interface option</ulink> as
url="manpages/shorewall-interfaces.html">interface option</ulink> as
specified in the <emphasis role="bold">LOGUNCLEAN</emphasis>
setting in <ulink url="Documentation.htm#Conf">
<filename>/etc/shorewall/shorewall.conf</filename>
@ -1260,7 +1260,7 @@ DROP net fw udp 10619</programlisting>
interfaces are the same, then you probably need the <emphasis
role="bold">routeback</emphasis> option on that interface in
<filename> <ulink
url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink>
url="manpages/shorewall-interfaces.html">/etc/shorewall/interfaces</ulink>
</filename> or you need the <emphasis
role="bold">routeback</emphasis> option in the relevant entry in
<filename> <ulink
@ -1294,7 +1294,7 @@ DROP net fw udp 10619</programlisting>
<listitem>
<para>The packet is being logged because it failed the checks
implemented by the <emphasis role="bold">tcpflags</emphasis>
<ulink url="Documentation.htm#Interfaces">interface
<ulink url="manpages/shorewall-interfaces.html">interface
option</ulink>.</para>
</listitem>
</varlistentry>
@ -1607,7 +1607,7 @@ Creating input Chains...
connected through eth0 and the local zone is defined as all hosts
connected through <filename class="devicefile">eth1</filename>. If you
are running Shorewall 1.4.10 or later, you can consider setting the
<ulink url="Documentation.htm#Interfaces"> <emphasis
<ulink url="manpages/shorewall-interfaces.html"> <emphasis
role="bold">detectnets</emphasis> interface option</ulink> on your local
interface (<filename class="devicefile">eth1</filename> in the above
example). That will cause Shorewall to restrict the local zone to only
@ -1878,7 +1878,7 @@ iptables: Invalid argument
url="blacklisting_support.htm">blacklisting</ulink> facility.
Shorewall versions 2.0.0 and later filter these packets under the
<firstterm>nosmurfs</firstterm> interface option in <ulink
url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink>.</para>
url="manpages/shorewall-interfaces.html">/etc/shorewall/interfaces</ulink>.</para>
</listitem>
</varlistentry>
@ -1888,7 +1888,7 @@ iptables: Invalid argument
<listitem>
<para><emphasis role="bold">Answer</emphasis>: Yes, if the <ulink
url="Documentation.htm#Interfaces">routefilter interface
url="manpages/shorewall-interfaces.html">routefilter interface
option</ulink> is selected.</para>
</listitem>
</varlistentry>

8
docs/Introduction.xml
View File

@ -150,7 +150,7 @@ dmz ipv4
<para>The simplest way to define the hosts in a zone is to associate the
zone with a network interface using the <ulink
url="Documentation.htm#Interfaces"><filename>/etc/shorewall/interfaces</filename></ulink>
url="manpages/shorewall-interfaces.html"><filename>/etc/shorewall/interfaces</filename></ulink>
file. In the three-interface sample, the three zones are defined using
that file as follows:</para>
@ -165,7 +165,7 @@ dmz eth2 detect</programlisting>
important to note that the composition of a zone is defined in terms of a
combination of addresses <emphasis role="bold">and</emphasis> interfaces.
When using the <ulink
url="Documentation.htm#Interfaces"><filename>/etc/shorewall/interfaces</filename></ulink>
url="manpages/shorewall-interfaces.html"><filename>/etc/shorewall/interfaces</filename></ulink>
file to define a zone, all addresses are included; when you want to define
a zone that contains a limited subset of the IPv4 address space, you use
the <ulink
@ -177,7 +177,7 @@ dmz eth2 detect</programlisting>
<listitem>
<para>You express your default policy for connections from one zone
to another zone in the <ulink
url="Documentation.htm#Policy"><filename
url="manpages/shorewall-policy.html"><filename
class="directory">/etc/shorewall/</filename><filename>policy</filename></ulink>
file. The basic choices for policy are:</para>
@ -203,7 +203,7 @@ dmz eth2 detect</programlisting>
<listitem>
<para>You define exceptions to these default policies in the <ulink
url="Documentation.htm#Rules"><filename
url="manpages/shorewall-rules.html"><filename
class="directory">/etc/shorewall/</filename><filename>rules</filename></ulink>
file.</para>
</listitem>

2
docs/MAC_Validation.xml
View File

@ -79,7 +79,7 @@
<listitem>
<para>The <emphasis role="bold">maclist</emphasis> interface option in
<ulink
url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink>.
url="manpages/shorewall-interfaces.html">/etc/shorewall/interfaces</ulink>.
When this option is specified, all new connection requests arriving on
the interface are subject to MAC verification.</para>
</listitem>

2
docs/Macros.xml
View File

@ -53,7 +53,7 @@
<para>Shorewall macros allow a symbolic name to be associated with a
series of one or more iptables rules. The symbolic name may appear in the
ACTION column of an <filename><ulink
url="Documentation.htm#Rules">/etc/shorewall/rules</ulink></filename> file
url="manpages/shorewall-rules.html">/etc/shorewall/rules</ulink></filename> file
entry and in the TARGET column of an action in which case, the traffic
matching that rules file entry will be passed to the series of iptables
rules named by the macro.</para>

2
docs/NAT.xml
View File

@ -48,7 +48,7 @@
<para><emphasis role="bold">If all you want to do is forward ports to
servers behind your firewall, you do NOT want to use one-to-one NAT.
Port forwarding can be accomplished with simple entries in the <ulink
url="Documentation.htm#Rules">rules file</ulink>.</emphasis></para>
url="manpages/shorewall-rules.html">rules file</ulink>.</emphasis></para>
</important>
<para>One-to-one NAT is a way to make systems behind a firewall and

2
docs/OPENVPN.xml
View File

@ -426,7 +426,7 @@ verb 3</programlisting>
<listitem>
<para>Specify the <emphasis role="bold">routeback</emphasis> option on
the <filename class="devicefile">tun+</filename> device in <ulink
url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink>.</para>
url="manpages/shorewall-interfaces.html">/etc/shorewall/interfaces</ulink>.</para>
</listitem>
</orderedlist>

2
docs/blacklisting_support_ru.xml
View File

@ -98,7 +98,7 @@
<para>Интерфейсы, для которых входящие пакеты проверяются на соответствие чёрному списку, задаются с помощью опции
<quote>blacklist</quote>
в файле <ulink
url="Documentation.htm#Interfaces"><filename>/etc/shorewall/interfaces</filename></ulink>.</para>
url="manpages/shorewall-interfaces.html"><filename>/etc/shorewall/interfaces</filename></ulink>.</para>
</listitem>
<listitem>

12
docs/dhcp.xml
View File

@ -57,7 +57,7 @@
<listitem>
<para>Specify the <quote>dhcp</quote> option on each interface to be
served by your server in the <filename><ulink
url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink></filename>
url="manpages/shorewall-interfaces.html">/etc/shorewall/interfaces</ulink></filename>
file. This will generate rules that will allow DHCP to and from your
firewall system.</para>
</listitem>
@ -84,7 +84,7 @@
<listitem>
<para>Specify the <quote>dhcp</quote> option for this interface in the
<ulink
url="Documentation.htm#Interfaces"><filename>/etc/shorewall/interfaces</filename></ulink>
url="manpages/shorewall-interfaces.html"><filename>/etc/shorewall/interfaces</filename></ulink>
file.&nbsp;This will generate rules that will allow DHCP to and from
your firewall system.</para>
</listitem>
@ -93,7 +93,7 @@
<para>If you know that the dynamic address is always going to be in
the same subnet, you can specify the subnet address in the interface's
entry in the <ulink
url="Documentation.htm#Interfaces"><filename>/etc/shorewall/interfaces</filename></ulink>
url="manpages/shorewall-interfaces.html"><filename>/etc/shorewall/interfaces</filename></ulink>
file.</para>
</listitem>
@ -101,7 +101,7 @@
<para>If you don't know the subnet address in advance, you should
specify <quote>detect</quote> for the interface's subnet address in
the <ulink
url="Documentation.htm#Interfaces"><filename>/etc/shorewall/interfaces</filename></ulink>
url="manpages/shorewall-interfaces.html"><filename>/etc/shorewall/interfaces</filename></ulink>
file and start Shorewall after the interface has started.</para>
</listitem>
@ -130,7 +130,7 @@
<listitem>
<para>Specify the <quote>dhcp</quote> option for the bridge interface
in the <ulink
url="Documentation.htm#Interfaces"><filename>/etc/shorewall/interfaces</filename></ulink>
url="manpages/shorewall-interfaces.html"><filename>/etc/shorewall/interfaces</filename></ulink>
file.&nbsp;This will generate rules that will allow DHCP to and from
your firewall system as well as through the bridge.</para>
</listitem>
@ -143,7 +143,7 @@
<itemizedlist>
<listitem>
<para>Specify the "dhcp" option (in <filename><ulink
url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink></filename>)
url="manpages/shorewall-interfaces.html">/etc/shorewall/interfaces</ulink></filename>)
on the interface facing the DHCP server and on the interfaces to be
relayed.</para>
</listitem>

2
docs/netmap.xml
View File

@ -124,7 +124,7 @@
<listitem>
<para>A firewall interface. This interface must have been defined in
<ulink
url="Documentation.htm#Interfaces"><filename>/etc/shorewall/interfaces</filename></ulink>.</para>
url="manpages/shorewall-interfaces.html"><filename>/etc/shorewall/interfaces</filename></ulink>.</para>
</listitem>
</varlistentry>

10
docs/shorewall_logging.xml
View File

@ -52,7 +52,7 @@
<listitem>
<para>The packet is part of an established connecection. While the
packet can be logged using LOG rules in the ESTABLISHED section of
<ulink url="Documentation.htm#Rules">/etc/shorewall/rules</ulink>,
<ulink url="manpages/shorewall-rules.html">/etc/shorewall/rules</ulink>,
that is not recommended because of the large amount of information
that may be logged.</para>
</listitem>
@ -62,14 +62,14 @@
established connection (such as a <ulink url="FTP.html">data
connection associated with an FTP control connection</ulink>). These
packets may be logged using LOG rules in the RELATED section of <ulink
url="Documentation.htm#Rules">/etc/shorewall/rules</ulink>.</para>
url="manpages/shorewall-rules.html">/etc/shorewall/rules</ulink>.</para>
</listitem>
<listitem>
<para>The packet is rejected because of an option in <ulink
url="Documentation.htm#Conf">/etc/shorewall/shorewall.conf</ulink> or
<ulink
url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink>.
url="manpages/shorewall-interfaces.html">/etc/shorewall/interfaces</ulink>.
These packets can be logged by setting the appropriate logging-related
option in <ulink
url="Documentation.htm#Conf">/etc/shorewall/shorewall.conf</ulink>.</para>
@ -77,7 +77,7 @@
<listitem>
<para>The packet matches a rule in <ulink
url="Documentation.htm#Rules">/etc/shorewall/rules</ulink>. By
url="manpages/shorewall-rules.html">/etc/shorewall/rules</ulink>. By
including a syslog level (see below) in the ACTION column of a rule
(e.g., <quote>ACCEPT<emphasis role="bold">:info</emphasis> net $FW tcp
22</quote>), the connection attempt will be logged at that
@ -87,7 +87,7 @@
<listitem>
<para>The packet doesn't match a rule so it is handled by a policy
defined in <ulink
url="Documentation.htm#Policy">/etc/shorewall/policy</ulink>. These
url="manpages/shorewall-policy.html">/etc/shorewall/policy</ulink>. These
may be logged by specifying a syslog level in the LOG LEVEL column of
the policy's entry (e.g., <quote>loc net ACCEPT <emphasis
role="bold">info</emphasis></quote>).</para>

10
docs/shorewall_setup_guide.xml
View File

@ -207,14 +207,14 @@ dmz ipv4</programlisting>
<listitem>
<para>You express your default policy for connections from one zone to
another zone in the <filename><ulink
url="Documentation.htm#Policy">/etc/shorewall/policy</ulink></filename>
url="manpages/shorewall-policy.html">/etc/shorewall/policy</ulink></filename>
file.</para>
</listitem>
<listitem>
<para>You define exceptions to those default policies in the
<filename><ulink
url="Documentation.htm#Rules">/etc/shorewall/rules</ulink></filename>.</para>
url="manpages/shorewall-rules.html">/etc/shorewall/rules</ulink></filename>.</para>
</listitem>
</itemizedlist>
@ -343,7 +343,7 @@ all all REJECT info</programlisting>
<para>The simplest way to define zones is to associate the zone name
(previously defined in /etc/shorewall/zones) with a network interface.
This is done in the <ulink
url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink> file.
url="manpages/shorewall-interfaces.html">/etc/shorewall/interfaces</ulink> file.
The firewall illustrated above has three network interfaces. Where
Internet connectivity is through a cable or DSL <quote>Modem</quote>, the
<emphasis>External Interface</emphasis> will be the Ethernet adapter that
@ -413,7 +413,7 @@ all all REJECT info</programlisting>
<para>The Shorewall default configuration does not define the contents of
any zone. To define the above configuration using the <ulink
url="Documentation.htm#Interfaces">/etc/shorewall/interfaces </ulink>file,
url="manpages/shorewall-interfaces.html">/etc/shorewall/interfaces </ulink>file,
that file would might contain:</para>
<programlisting>#ZONE INTERFACE BROADCAST OPTIONS
@ -1407,7 +1407,7 @@ eth0 192.168.201.0/29 192.0.2.176</programlisting>
system <quote>Local 3</quote>. You could allow connections to the
internet to her server by adding the following entry in
<filename><ulink
url="Documentation.htm#Rules">/etc/shorewall/rules</ulink></filename>:</para>
url="manpages/shorewall-rules.html">/etc/shorewall/rules</ulink></filename>:</para>
<programlisting>#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL
# PORT(S) PORT(S) DEST

4
docs/standalone.xml
View File

@ -244,13 +244,13 @@ net ipv4</programlisting>
<listitem>
<para>You express your default policy for connections from one zone to
another zone in the <ulink
url="Documentation.htm#Policy"><filename>/etc/shorewall/policy</filename></ulink>
url="manpages/shorewall-policy.html"><filename>/etc/shorewall/policy</filename></ulink>
file.</para>
</listitem>
<listitem>
<para>You define exceptions to those default policies in the <ulink
url="Documentation.htm#Rules"><filename>/etc/shorewall/rules</filename></ulink>
url="manpages/shorewall-rules.html"><filename>/etc/shorewall/rules</filename></ulink>
file.</para>
</listitem>
</itemizedlist>

4
docs/standalone_ru.xml
View File

@ -250,13 +250,13 @@ net ipv4</programlisting>
<listitem>
<para>Вы отражаете Вашу политику по умолчанию для соединений из одной
зоны в другую в файле<ulink
url="Documentation.htm#Policy"><filename>/etc/shorewall/policy</filename></ulink>.</para>
url="manpages/shorewall-policy.html"><filename>/etc/shorewall/policy</filename></ulink>.</para>
</listitem>
<listitem>
<para>Вы определяете исключения из политики по умолчанию в файле
<ulink
url="Documentation.htm#Rules"><filename>/etc/shorewall/rules</filename></ulink>.</para>
url="manpages/shorewall-rules.html"><filename>/etc/shorewall/rules</filename></ulink>.</para>
</listitem>
</itemizedlist>

4
docs/three-interface_ru.xml
View File

@ -270,13 +270,13 @@ dmz ipv4</programlisting>
<listitem>
<para>Вы отражаете Вашу политику по умолчанию для соединений из одной
зоны в другую в файле<ulink
url="Documentation.htm#Policy"><filename>/etc/shorewall/policy</filename></ulink>.</para>
url="manpages/shorewall-policy.html"><filename>/etc/shorewall/policy</filename></ulink>.</para>
</listitem>
<listitem>
<para>Вы определяете исключения из политики по умолчанию в файле
<ulink
url="Documentation.htm#Rules"><filename>/etc/shorewall/rules</filename></ulink>.</para>
url="manpages/shorewall-rules.html"><filename>/etc/shorewall/rules</filename></ulink>.</para>
</listitem>
</itemizedlist>

4
docs/troubleshoot.xml
View File

@ -214,7 +214,7 @@ gateway:~/test # </programlisting>A look at /var/lib/shorewall/restore at line
configuration if you specify the <emphasis
role="bold">arp_filter</emphasis> option or the <emphasis
role="bold">arp_ignore</emphasis> option in <filename><ulink
url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink></filename>
url="manpages/shorewall-interfaces.html">/etc/shorewall/interfaces</ulink></filename>
for all interfaces connected to the common hub/switch. <emphasis
role="bold">Using such a setup with a production firewall is strongly
recommended against</emphasis>.</para>
@ -467,7 +467,7 @@ Ping/DROP net all</programlisting>
zone to or from the destination zone or you haven't set the
<emphasis role="bold">routeback</emphasis> option for the
interface in <ulink
url="Documentation.htm#Interfaces"><filename>/etc/shorewall/interfaces</filename></ulink>.</para>
url="manpages/shorewall-interfaces.html"><filename>/etc/shorewall/interfaces</filename></ulink>.</para>
</listitem>
<listitem>

4
docs/two-interface.xml
View File

@ -249,14 +249,14 @@ loc ipv4</programlisting>Zones are defined in the <ulink
<listitem>
<para>You express your default policy for connections from one zone
to another zone in the <ulink
url="Documentation.htm#Policy"><filename
url="manpages/shorewall-policy.html"><filename
class="directory">/etc/shorewall/</filename><filename>policy</filename></ulink>
file.</para>
</listitem>
<listitem>
<para>You define exceptions to those default policies in the <ulink
url="Documentation.htm#Rules"><filename
url="manpages/shorewall-rules.html"><filename
class="directory">/etc/shorewall/</filename><filename>rules</filename></ulink>
file.</para>
</listitem>

4
docs/two-interface_ru.xml
View File

@ -257,13 +257,13 @@ loc ipv4</programlisting>
<listitem>
<para>Вы отражаете Вашу политику по умолчанию для соединений из одной
зоны в другую в файле<ulink
url="Documentation.htm#Policy"><filename>/etc/shorewall/policy</filename></ulink>.</para>
url="manpages/shorewall-policy.html"><filename>/etc/shorewall/policy</filename></ulink>.</para>
</listitem>
<listitem>
<para>Вы определяете исключения из политики по умолчанию в файле
<ulink
url="Documentation.htm#Rules"><filename>/etc/shorewall/rules</filename></ulink>.</para>
url="manpages/shorewall-rules.html"><filename>/etc/shorewall/rules</filename></ulink>.</para>
</listitem>
</itemizedlist>