Slight re-org of Xen docs

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3644 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

docs/CompiledPrograms.xml

@@ -159,6 +159,10 @@
               class="directory">/etc/init.d</filename> — they require the
               soon-to-be-released Shorewall-minimal Debian package.</member>
             </simplelist>
+
+            <para>If <emphasis role="bold">-d</emphasis> is not specified, the
+            compiled program is generally not suitable for being installed in
+            <filename class="directory">/etc/init.d</filename>.</para>
           </listitem>
         </varlistentry>
 

docs/Documentation_Index.xml

@@ -15,7 +15,7 @@
       </author>
     </authorgroup>
 
-    <pubdate>2006-02-27</pubdate>
+    <pubdate>2006-03-10</pubdate>
 
     <copyright>
       <year>2001-2006</year>
@@ -738,7 +738,19 @@
     </listitem>
 
     <listitem>
-      <para><ulink url="Xen.html">Xen and Shorewall</ulink></para>
+      <para>Xen</para>
+
+      <itemizedlist>
+        <listitem>
+          <para><ulink url="XenMyWay.html">Xen the way that I use
+          it</ulink></para>
+        </listitem>
+
+        <listitem>
+          <para><ulink url="Xen.html">Tight Firewall in Xen
+          Dom0</ulink></para>
+        </listitem>
+      </itemizedlist>
     </listitem>
   </orderedlist>
 </article>

docs/Xen.xml

@@ -15,7 +15,7 @@
       </author>
     </authorgroup>
 
-    <pubdate>2006-02-02</pubdate>
+    <pubdate>2006-03-10</pubdate>
 
     <copyright>
       <year>2006</year>
@@ -101,9 +101,18 @@
     (the Extended) Dom0 to isolate the server(s) from the other local systems
     (including Dom0).</para>
 
+    <caution>
+      <para>I find Xen Domain 0 to be an arcane environment in which to try to
+      use Netfilter (and hence Shorewall). As the number of interfaces and
+      bridges increase, complexity increases geometrically. I recommend
+      following this guide only if you really need to place a public server in
+      your local network. Otherwise, the <ulink url="XenMyWay.html">way that I
+      use Xen</ulink> is much more straight-forward.</para>
+    </caution>
+
     <para>Here is an example. In this example, we will assume that the system
     is behind a second firewall that restricts incoming traffic so that we
-    only have to worry about protecting the local lan from the systems running
+    only have to worry about protecting the local LAN from the systems running
     in the DomU's.</para>
 
     <section>

docs/myfiles.xml

@@ -15,7 +15,7 @@
       </author>
     </authorgroup>
 
-    <pubdate>2006-01-21</pubdate>
+    <pubdate>2006-03-10</pubdate>
 
     <copyright>
       <year>2001-2006</year>
@@ -89,18 +89,7 @@
         <para>use SNAT through 206.124.146.179 for&nbsp;my Wife's Windows XP
         system <quote><emphasis>Tarry</emphasis></quote> and our SUSE 10.0
         laptop <quote><emphasis>Tipper</emphasis></quote> which connects
-        through the Wireless Access Point (wap) via a Wireless Bridge
+        through the Wireless Access Point (wap).</para>
-        (wet).<note>
-            <para>While the distance between the WAP and where I usually use
-            the laptop isn't very far (50 feet or so), using a WAC11 (CardBus
-            wireless card) has proved very unsatisfactory (lots of lost
-            connections). By replacing the WAC11 with the WET11 wireless
-            bridge, I have virtually eliminated these problems (Being an old
-            radio tinkerer (K7JPV), I was also able to eliminate the
-            disconnects by hanging a piece of aluminum foil on the family room
-            wall. Needless to say, my wife Tarry rejected that as a permanent
-            solution :-).</para>
-          </note></para>
       </listitem>
     </itemizedlist>
 

docs/starting_and_stopping_shorewall.xml

@@ -15,7 +15,7 @@
       </author>
     </authorgroup>
 
-    <pubdate>2006-02-27</pubdate>
+    <pubdate>2006-03-07</pubdate>
 
     <copyright>
       <year>2004</year>
@@ -650,12 +650,25 @@
           system.</para>
 
           <para>When -d &lt;distribution&gt; is given, the script is built for
-          execution on the distribution specified by &lt;distro&gt;.
+          installation in <filename class="directory">/etc/init.d</filename>
-          Currently, 'suse' is the only valid &lt;distro&gt;. Usually
+          on the distribution specified by &lt;distro&gt;. Currently supported
-          specified together with -e.</para>
+          values for &lt;distro&gt;are:</para>
+
+          <simplelist>
+            <member>redhat (also good for Fedora Core and CentOS)</member>
+
+            <member>debian (Requires the soon to be released Shorewall-minimal
+            package to be run on Debian)</member>
+
+            <member>suse</member>
+          </simplelist>
+
+          <para>Usually specified together with -e. If not specified, the
+          output file is not suitable for installation into <filename
+          class="directory">/etc/init.d/</filename></para>
 
           <para>Example:<blockquote>
-              <para><command>shorewall compile -ed suse foo</command></para>
+              <para><command>shorewall compile -ed redhat foo</command></para>
             </blockquote>Additional distributions are expected to be supported
           shortly.</para>
 
@@ -690,6 +703,10 @@
           <para>When the '-e' option is specified during compilation, the
           program may be installed in /etc/init.d/ and serve as the firewall
           on a system without Shorewall installed.</para>
+
+          <para>For additional information about the
+          <command>compile</command> command, see <ulink
+          url="CompiledPrograms.html">this article</ulink>.</para>
         </listitem>
       </varlistentry>