More Doc updates

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1956 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-docs2/FAQ.xml

@@ -1751,7 +1751,7 @@ alias ipt_pkttype off</programlisting>
         <listitem>
           <para>Netfilter/iptables doesn't fully support IPSEC in the 2.6
           Kernels -- kernel and iptables patches are available and the details
-          may be found at the <ulink url="IPSEC-2.6.htm">Shorewall IPSEC-2.6
+          may be found at the <ulink url="IPSEC-2.6.html">Shorewall IPSEC-2.6
           page</ulink>.</para>
         </listitem>
 

Shorewall-docs2/IPSEC-2.6.xml

@@ -536,6 +536,9 @@ sainfo <emphasis role="bold">anonymous</emphasis>
 spdflush;</programlisting>
       </blockquote>
 
+      <para>If system A is running kernel 2.6.10 or later then it must also be
+      running ipsec-tools (racoon) 0.5rc1 or later.</para>
+
       <para>On the mobile system (system B), it is not possible to create a
       static IPSEC configuration because the IP address of the laptop's
       internet connection isn't static. I have created an 'ipsecvpn' script

Shorewall-docs2/ProxyARP.xml

@@ -15,10 +15,10 @@
       </author>
     </authorgroup>
 
-    <pubdate>2004-12-16</pubdate>
+    <pubdate>2005-02-11</pubdate>
 
     <copyright>
-      <year>2001-2004</year>
+      <year>2001-2005</year>
 
       <holder>Thomas M. Eastep</holder>
     </copyright>
@@ -127,7 +127,7 @@
 
     <graphic align="center" fileref="images/proxyarp1.png" />
 
-    <para>It the diagram above, <filename class="devicefile">eth1</filename>
+    <para>In the diagram above, <filename class="devicefile">eth1</filename>
     has been given the address 130.252.100.17, the same as
     <filename>eth0</filename>. Note though that the VLSM is 32 so there is no
     network associated with this address. This is the approach <ulink

Shorewall-docs2/errata.xml

@@ -13,7 +13,7 @@
       </author>
     </authorgroup>
 
-    <pubdate>2005-02-01</pubdate>
+    <pubdate>2005-02-11</pubdate>
 
     <copyright>
       <year>2001-2005</year>
@@ -112,6 +112,22 @@
   <section>
     <title>Problems in Version 2.0</title>
 
+    <section>
+      <title>Shorewall 2.0.15-2.0.16</title>
+
+      <itemizedlist>
+        <listitem>
+          <para>If the "rejNotSyn" action is invoked, an error occurs at
+          startup.</para>
+        </listitem>
+      </itemizedlist>
+
+      <para>Corrected in <ulink
+      url="http://shorewall.net/pub/shorewall/errata/2.0.16/firewall">this
+      firewall script</ulink> which may be installed in
+      /usr/share/shorewall/firewall as described above.</para>
+    </section>
+
     <section>
       <title>Shorewall 2.0.12</title>
 

Shorewall-docs2/three-interface.xml

@@ -15,10 +15,10 @@
       </author>
     </authorgroup>
 
-    <pubdate>2004-09-12</pubdate>
+    <pubdate>2005-02-12</pubdate>
 
     <copyright>
-      <year>2002-2004</year>
+      <year>2002-2005</year>
 
       <holder>Thomas M. Eastep</holder>
     </copyright>
@@ -603,13 +603,8 @@ fw         net         ACCEPT</programlisting>
     <para><inlinegraphic fileref="images/BD21298_.gif" format="GIF" /></para>
 
     <para>If you are using the Debian package, please check your
-    <filename>shorewall.conf</filename> file to ensure that the following are
-    set correctly; if they are not, change them appropriately: <itemizedlist>
-        <listitem>
-          <para><varname>NAT_ENABLED=Yes</varname> (Shorewall versions earlier
-          than 1.4.6)</para>
-        </listitem>
-
+    <filename>shorewall.conf</filename> file to ensure that the following is
+    set correctly; if it is not, change it appropriately: <itemizedlist>
         <listitem>
           <para><varname>IP_FORWARDING=On</varname></para>
         </listitem>
@@ -764,8 +759,8 @@ AllowDNS  fw        dmz:10.10.11.1             </programlisting></para>
 
     <para>In the rules shown above, <quote>AllowDNS</quote> is an example of a
     <emphasis>defined action</emphasis>. Shorewall includes a number of
-    defined actions and <ulink url="Actions.html">you can add
-    your own</ulink>. To see the list of actions included with your version of
+    defined actions and <ulink url="Actions.html">you can add your
+    own</ulink>. To see the list of actions included with your version of
     Shorewall, look in the file
     <filename>/usr/share/shorewall/actions.std</filename>. Those actions that
     accept connection requests have names that begin with
@@ -975,4 +970,4 @@ ACCEPT    net       fw                  tcp        80       </programlisting><it
     Features</ulink> page -- it contains helpful tips about Shorewall features
     than make administering your firewall easier.</para>
   </section>
-</article>
+</article>

Shorewall-docs2/two-interface.xml

@@ -12,7 +12,7 @@
       <surname>Eastep</surname>
     </author>
 
-    <pubdate>2004-09-06</pubdate>
+    <pubdate>2005-02-02</pubdate>
 
     <copyright>
       <year>2002</year>
@@ -21,6 +21,8 @@
 
       <year>2004</year>
 
+      <year>2005</year>
+
       <holder>Thomas M. Eastep</holder>
     </copyright>
 
@@ -578,14 +580,9 @@ fw         net         ACCEPT</programlisting> The above policy will:
     <para><inlinegraphic fileref="images/BD21298_.gif" format="GIF" /></para>
 
     <para>If you are using the Debian package, please check your
-    <filename>shorewall.conf</filename> file to ensure that the following are
-    set correctly; if they are not, change them appropriately: <itemizedlist
+    <filename>shorewall.conf</filename> file to ensure that the following is
+    set correctly; if it is not, change it appropriately: <itemizedlist
         spacing="compact">
-        <listitem>
-          <para><varname>NAT_ENABLED=Yes</varname> (Shorewall versions earlier
-          than 1.4.6)</para>
-        </listitem>
-
         <listitem>
           <para><varname>IP_FORWARDING=On</varname></para>
         </listitem>
@@ -727,8 +724,8 @@ AllowDNS   fw        net</programlisting>This rule allows
 
     <para>In the rule shown above, <quote>AllowDNS</quote> is an example of a
     <emphasis>defined action</emphasis>. Shorewall includes a number of
-    defined actions and <ulink url="Actions.html">you can add
-    your own</ulink>. To see the list of actions included with your version of
+    defined actions and <ulink url="Actions.html">you can add your
+    own</ulink>. To see the list of actions included with your version of
     Shorewall, look in the file
     <filename>/usr/share/shorewall/actions.std</filename>. Those actions that
     accept connection requests have names that begin with
@@ -985,4 +982,4 @@ eth0                 wlan0</programlisting>
     requires the rules listed in the <ulink url="samba.htm">Shorewall/Samba
     documentation</ulink>.</para>
   </section>
-</article>
+</article>