From 46644a03361e813598feeb60111398f4ba58a2aa Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Wed, 21 Jul 2010 11:48:51 -0700
Subject: [PATCH] Add instructions for disabling existing firewalls

---
 docs/standalone.xml      | 17 +++++++++++++++++
 docs/three-interface.xml | 17 +++++++++++++++++
 docs/two-interface.xml   | 17 +++++++++++++++++
 3 files changed, 51 insertions(+)

diff --git a/docs/standalone.xml b/docs/standalone.xml
index 3705a2281..274443559 100644
--- a/docs/standalone.xml
+++ b/docs/standalone.xml
@@ -577,6 +577,23 @@ SSH(ACCEPT) net       $FW           </programlisting>
     other connections as desired.</para>
   </section>
 
+  <section>
+    <title>Disabling your existing Firewall</title>
+
+    <para>Before starting Shorewall for the first time, it's a good idea to
+    stop your existing firewall. On Redhat/CentOS/Fedora:</para>
+
+    <programlisting><command>service iptables stop</command></programlisting>
+
+    <para>If you are running SuSE, use Yast or Yast2 to stop
+    SuSEFirewall.</para>
+
+    <para>Once you have Shorewall running to your satisfaction, you should
+    totally disable your existing firewall. On /Redhat/CentOS/Fedora:</para>
+
+    <programlisting><command>chkconfig --del iptables</command></programlisting>
+  </section>
+
   <section id="Starting">
     <title>Starting and Stopping Your Firewall</title>
 
diff --git a/docs/three-interface.xml b/docs/three-interface.xml
index 32ee8d93c..416bf8430 100644
--- a/docs/three-interface.xml
+++ b/docs/three-interface.xml
@@ -1092,6 +1092,23 @@ ACCEPT    net       $FW                 tcp        80       </programlisting><it
     </itemizedlist>
   </section>
 
+  <section>
+    <title>Disabling your existing Firewall</title>
+
+    <para>Before starting Shorewall for the first time, it's a good idea to
+    stop your existing firewall. On Redhat/CentOS/Fedora:</para>
+
+    <programlisting><command>service iptables stop</command></programlisting>
+
+    <para>If you are running SuSE, use Yast or Yast2 to stop
+    SuSEFirewall.</para>
+
+    <para>Once you have Shorewall running to your satisfaction, you should
+    totally disable your existing firewall. On /Redhat/CentOS/Fedora:</para>
+
+    <programlisting><command>chkconfig --del iptables</command></programlisting>
+  </section>
+
   <section id="Starting">
     <title>Starting and Stopping Your Firewall</title>
 
diff --git a/docs/two-interface.xml b/docs/two-interface.xml
index 670d5798b..5c33da7dc 100644
--- a/docs/two-interface.xml
+++ b/docs/two-interface.xml
@@ -1012,6 +1012,23 @@ ACCEPT     loc       $FW     tcp       80          #Allow Weblet to work</progra
     </itemizedlist>
   </section>
 
+  <section>
+    <title>Disabling your existing Firewall</title>
+
+    <para>Before starting Shorewall for the first time, it's a good idea to
+    stop your existing firewall. On Redhat/CentOS/Fedora:</para>
+
+    <programlisting><command>service iptables stop</command></programlisting>
+
+    <para>If you are running SuSE, use Yast or Yast2 to stop
+    SuSEFirewall.</para>
+
+    <para>Once you have Shorewall running to your satisfaction, you should
+    totally disable your existing firewall. On /Redhat/CentOS/Fedora:</para>
+
+    <programlisting><command>chkconfig --del iptables</command></programlisting>
+  </section>
+
   <section id="Starting">
     <title>Starting and Stopping Your Firewall</title>