From 778c39aaffe87929fa7eb1fdc2f8368d95e29a86 Mon Sep 17 00:00:00 2001 From: teastep Date: Tue, 31 Jul 2007 20:47:16 +0000 Subject: [PATCH] A couple of doc/manpage updates git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7012 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- docs/XenMyWay-Routed.xml | 7 ++++--- manpages/shorewall-tos.xml | 4 ++-- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/XenMyWay-Routed.xml b/docs/XenMyWay-Routed.xml index 71c1137bd..1f6b5b466 100644 --- a/docs/XenMyWay-Routed.xml +++ b/docs/XenMyWay-Routed.xml @@ -495,11 +495,12 @@ OMAK=<IP address at our second home> echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal - /etc/shorewall/interfaces: + /etc/shorewall/interfaces (don't specify + the BROADCAST addresses if you are using Shorewall-perl): #ZONE INTERFACE BROADCAST OPTIONS net $EXT_IF 206.124.146.255 dhcp,norfc1918,logmartians,blacklist,tcpflags,nosmurfs -dmz $DMZ_IF 192.168.0.255 logmartians +dmz $DMZ_IF 206.124.146.255 logmartians loc $INT_IF 192.168.1.255 dhcp,routeback,logmartians loc $TEST_IF - wifi $WIFI_IF 192.168.3.255 dhcp,maclist @@ -521,7 +522,7 @@ vpn tun+ - rule before the SNAT rules generated by entries in /etc/shorewall/nat above. - #INTERFACE SUBNET ADDRESS PROTO PORT(S) IPSEC + #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC +$EXT_IF:192.168.1.1 0.0.0.0/0 192.168.1.254 $EXT_IF 192.168.0.0/22 206.124.146.179 #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE diff --git a/manpages/shorewall-tos.xml b/manpages/shorewall-tos.xml index 764411ba0..d0b0fa5ac 100644 --- a/manpages/shorewall-tos.xml +++ b/manpages/shorewall-tos.xml @@ -28,13 +28,13 @@ SOURCE - - {all[zone[:address]|all|$FW} (Shorewall-shell) - Name of a zone declared in Name of a zone declared in shorewall-zones(5), all or $FW.