mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-08 08:44:05 +01:00
More manpage updates
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5259 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
parent
4be135fbbf
commit
7d2419dd21
@ -31,13 +31,14 @@
|
|||||||
#
|
#
|
||||||
# Commands are:
|
# Commands are:
|
||||||
#
|
#
|
||||||
# shorewall start Starts the firewall
|
|
||||||
# shorewall restart Restarts the firewall
|
# shorewall restart Restarts the firewall
|
||||||
# shorewall stop Stops the firewall
|
# shorewall stop Stops the firewall
|
||||||
# shorewall reset Resets iptables packet and
|
# shorewall reset Resets iptables packet and
|
||||||
# byte counts
|
# byte counts
|
||||||
# shorewall clear Remove all Shorewall chains
|
# shorewall clear Remove all Shorewall chains
|
||||||
# and rules/policies.
|
# and rules/policies.
|
||||||
|
# shorewall add <iface>[:<host>] zone Adds a host or subnet to a zone
|
||||||
|
# shorewall delete <iface>[:<host>] zone Deletes a host or subnet from a zone
|
||||||
#
|
#
|
||||||
# Mutual exclusion -- These functions are jackets for the mutual exclusion
|
# Mutual exclusion -- These functions are jackets for the mutual exclusion
|
||||||
# routines in $FUNCTIONS. They invoke
|
# routines in $FUNCTIONS. They invoke
|
||||||
|
|||||||
@ -21,7 +21,8 @@
|
|||||||
<refsect1>
|
<refsect1>
|
||||||
<title>Description</title>
|
<title>Description</title>
|
||||||
|
|
||||||
<para>This file is used to define Proxy ARP.</para>
|
<para>This file is used to define Proxy ARP. There is one entry in this
|
||||||
|
file for each IP address to be proxied.</para>
|
||||||
|
|
||||||
<para>The columns in the file are as follows.</para>
|
<para>The columns in the file are as follows.</para>
|
||||||
|
|
||||||
@ -40,7 +41,8 @@
|
|||||||
<emphasis>interface</emphasis></term>
|
<emphasis>interface</emphasis></term>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>Local interface where system is connected.</para>
|
<para>Local interface where system with the ip address in ADDRESS is
|
||||||
|
connected.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
|||||||
@ -21,19 +21,13 @@
|
|||||||
<refsect1>
|
<refsect1>
|
||||||
<title>Description</title>
|
<title>Description</title>
|
||||||
|
|
||||||
<para>Rules in this file govern connection establishment. By default,
|
<para>Entries in this file govern connection establishment. By default,
|
||||||
subsequent requests and responses are automatically allowed using
|
subsequent requests and responses are automatically allowed using
|
||||||
connection tracking. For any particular (source,dest) pair of zones, the
|
connection tracking. For any particular (source,dest) pair of zones, the
|
||||||
rules are evaluated in the order in which they appear in this file and the
|
rules are evaluated in the order in which they appear in this file and the
|
||||||
first terminating match is the one that determines the disposition of the
|
first terminating match is the one that determines the disposition of the
|
||||||
request. All rules are terminating except LOG and QUEUE rules.</para>
|
request. All rules are terminating except LOG and QUEUE rules.</para>
|
||||||
|
|
||||||
<para>In most places where an IP address or subnet is allowed, you can
|
|
||||||
preceed the address/subnet with "!" (e.g., !192.168.1.0/24) to indicate
|
|
||||||
that the rule matches all addresses except the address/subnet given.
|
|
||||||
Notice that no white space is permitted between "!" and the
|
|
||||||
address/subnet.</para>
|
|
||||||
|
|
||||||
<warning>
|
<warning>
|
||||||
<para>If you masquerade or use SNAT from a local system to the internet,
|
<para>If you masquerade or use SNAT from a local system to the internet,
|
||||||
you cannot use an ACCEPT rule to allow traffic from the internet to that
|
you cannot use an ACCEPT rule to allow traffic from the internet to that
|
||||||
@ -347,7 +341,7 @@
|
|||||||
rewritten.</para>
|
rewritten.</para>
|
||||||
|
|
||||||
<para>If the <emphasis role="bold">ACTION</emphasis> names an
|
<para>If the <emphasis role="bold">ACTION</emphasis> names an
|
||||||
<emphasis>action</emphasis> defined in <ulink
|
<emphasis>action</emphasis> declared in <ulink
|
||||||
url="shorewall-actions.html">shorewall-actions</ulink>(5) or in
|
url="shorewall-actions.html">shorewall-actions</ulink>(5) or in
|
||||||
/usr/share/shorewall/actions.std then:</para>
|
/usr/share/shorewall/actions.std then:</para>
|
||||||
|
|
||||||
@ -397,7 +391,7 @@
|
|||||||
role="bold">+</emphasis><emphasis>ipset</emphasis>}</term>
|
role="bold">+</emphasis><emphasis>ipset</emphasis>}</term>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>Source hosts to which the rule applies. May be a zone defined
|
<para>Source hosts to which the rule applies. May be a zone declared
|
||||||
in /etc/shorewall/zones, <emphasis role="bold">$FW</emphasis> to
|
in /etc/shorewall/zones, <emphasis role="bold">$FW</emphasis> to
|
||||||
indicate the firewall itself, <emphasis role="bold">all</emphasis>,
|
indicate the firewall itself, <emphasis role="bold">all</emphasis>,
|
||||||
<emphasis role="bold">all+</emphasis>, <emphasis
|
<emphasis role="bold">all+</emphasis>, <emphasis
|
||||||
@ -526,7 +520,7 @@
|
|||||||
role="bold">+</emphasis><emphasis>ipset</emphasis>}]</term>
|
role="bold">+</emphasis><emphasis>ipset</emphasis>}]</term>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>Location of Server. May be a zone defined in <ulink
|
<para>Location of Server. May be a zone declared in <ulink
|
||||||
url="shorewall-zones.html">shorewall-zones</ulink>(5), $<emphasis
|
url="shorewall-zones.html">shorewall-zones</ulink>(5), $<emphasis
|
||||||
role="bold">FW</emphasis> to indicate the firewall itself, <emphasis
|
role="bold">FW</emphasis> to indicate the firewall itself, <emphasis
|
||||||
role="bold">all</emphasis>. <emphasis role="bold">all+</emphasis> or
|
role="bold">all</emphasis>. <emphasis role="bold">all+</emphasis> or
|
||||||
|
|||||||
@ -20,10 +20,19 @@ Texts. A copy of the license is included in the section entitled “<span
|
|||||||
class="quote"><a href="GnuCopyright.htm" target="_self">GNU Free
|
class="quote"><a href="GnuCopyright.htm" target="_self">GNU Free
|
||||||
Documentation License</a></span>”.<br>
|
Documentation License</a></span>”.<br>
|
||||||
</p>
|
</p>
|
||||||
<p>2007-01-14<br>
|
<p>2007-01-18<br>
|
||||||
</p>
|
</p>
|
||||||
<hr style="width: 100%; height: 2px;"> <span style="font-weight: bold;">Warning:
|
<hr style="width: 100%; height: 2px;"> <span style="font-weight: bold;">Warning:
|
||||||
</span>These manpages are for Shorewall 3.4.0 only.<br>
|
</span>These manpages are for Shorewall 3.4.0 only.<br>
|
||||||
|
<br>
|
||||||
|
<span style="font-weight: bold;">Note:</span> The docbook to manpage
|
||||||
|
translation tool that we are using has some indentation issues which
|
||||||
|
require us to choose between correct output of the <span
|
||||||
|
style="font-weight: bold;">man</span> command and correctly-indented
|
||||||
|
HTML. We've chosen in favor of the <span style="font-weight: bold;">man</span>
|
||||||
|
command so some of the manpages accessed through the links below have
|
||||||
|
indentation problems. We're working to resolve these issues and ask for
|
||||||
|
your patience.<br>
|
||||||
<h2>Section 5 - Files<br>
|
<h2>Section 5 - Files<br>
|
||||||
</h2>
|
</h2>
|
||||||
<div style="margin-left: 40px;"><a href="shorewall-accounting.html">accounting</a><br>
|
<div style="margin-left: 40px;"><a href="shorewall-accounting.html">accounting</a><br>
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user