extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-25 09:03:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update Config file basics doc for 3.0

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2608 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-08-31 18:58:40 +00:00
parent 7ca53ce6b8
commit 4a9a0467f7
1 changed files with 40 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
Shorewall-docs2/configuration_file_basics.xml
View File

@ -34,6 +34,13 @@
</legalnotice> </legalnotice>
</articleinfo> </articleinfo>
<caution>
<para><emphasis role="bold">This article applies to Shorewall 3.0 and
later. If you are running a version of Shorewall earlier than Shorewall
3.0.0 then please see the documentation for that
release.</emphasis></para>
</caution>
<caution> <caution>
<para>If you copy or edit your configuration files on a system running <para>If you copy or edit your configuration files on a system running
Microsoft Windows, you must run them through <ulink Microsoft Windows, you must run them through <ulink
@ -167,20 +174,12 @@
<listitem> <listitem>
<para><filename>/etc/shorewall/actions</filename> and <para><filename>/etc/shorewall/actions</filename> and
<filename>/usr/share/shorewall/action.template</filename> - define <filename>/usr/share/shorewall/action.template</filename>.</para>
your own actions for rules in /etc/shorewall/rules (Shorewall 1.4.9
and later).</para>
</listitem> </listitem>
<listitem> <listitem>
<para><filename>/etc/shorewall/providers</filename> - defines an <para><filename>/etc/shorewall/providers</filename> - defines an
alternate routing table.(Shorewall 2.3.2 and later).</para> alternate routing table.</para>
</listitem>
<listitem>
<para><filename>/etc/shorewall/routes</filename> - see <ulink
url="Shorewall_and_Routing.html#RouteTarget">here</ulink> (Shorewall
2.3.2 and later,experimental)</para>
</listitem> </listitem>
<listitem> <listitem>
@ -189,10 +188,15 @@
</listitem> </listitem>
<listitem> <listitem>
<para><filename>/usr/share/shorewall/actions.*</filename> - Details <para><filename>/usr/share/shorewall/action.*</filename> - Details
of actions defined by Shorewall.</para> of actions defined by Shorewall.</para>
</listitem> </listitem>
<listitem>
<para><filename>/usr/share/shorewall/macro.*</filename> - Details of
macros defined by Shorewall.</para>
</listitem>
<listitem> <listitem>
<para><filename>/usr/share/rfc1918</filename> — Defines the behavior <para><filename>/usr/share/rfc1918</filename> — Defines the behavior
of the 'norfc1918' interface option in of the 'norfc1918' interface option in
@ -450,6 +454,31 @@ smtp,www,pop3,imap #Services running on the firewall</programlisting>
</itemizedlist> </itemizedlist>
</section> </section>
<section id="Exclusion">
<title>Exclusion Lists</title>
<para>Shorewall 3.0 differs from earlier versions in that in most contexts
where a comma-separated list of addresses is accepted, an
<firstterm>exclusion list</firstterm> may also be included. An exclusion
list is a comma-separated list of addresses that begins with "!".</para>
<para>Example:</para>
<programlisting>!192.168.1.3,192.168.1.12,192.168.1.32/27</programlisting>
<para>The above list refers to "All addresses except 192.168.1.3,
192.168.1.12 and 192.168.1.32-192.168.1.63.</para>
<para>Exclusion lists can also be added after a network address.</para>
<para>Example:</para>
<programlisting>192.168.1.0/24!192.168.1.3,192.168.1.12,192.168.1.32/27</programlisting>
<para>The above list refers to "All addresses in 192.168.1.0-192.168.1.255
except 192.168.1.3, 192.168.1.12 and 192.168.1.32-192.168.1.63.</para>
</section>
<section id="IPRanges"> <section id="IPRanges">
<title>IP Address Ranges</title> <title>IP Address Ranges</title>