Add comments to the zones and policy files

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1933 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall2/changelog.txt

@@ -1,3 +1,7 @@
+Changes since 2.2.0
+
+1) Add examples to the zones and policy files.
+
 Changes since 2.0.3
 
 1) Fix security vulnerability involving temporary files/directories.

Shorewall2/policy

@@ -66,13 +66,23 @@
 #			and the size of an acceptable burst. If not specified,
 #			TCP connections are not limited.
 #
-#	As shipped, the default policies are:
+#	Example:
 #
 #	a) All connections from the local network to the internet are allowed
 #	b) All connections from the internet are ignored but logged at syslog
 #	   level KERNEL.INFO.
 #	d) All other connection requests are rejected and logged at level
 #	   KERNEL.INFO.
+#
+#	#SOURCE		DEST		POLICY		LOG
+#	#						LEVEL
+#	loc		net		ACCEPT
+#	net		all		DROP		info
+#	#
+#	# THE FOLLOWING POLICY MUST BE LAST
+#	#	
+#	all		all		REJECT		info 
+#
 ###############################################################################
 #SOURCE		DEST		POLICY		LOG		LIMIT:BURST
 #						LEVEL

Shorewall2/releasenotes.txt

@@ -1,5 +1,10 @@
-Shorewall 2.2.0
+Shorewall 2.2.1
 
+-----------------------------------------------------------------------
+Problems corrected in version 2.2.1
+
+1) The /etc/shorewall/policy file contained a misleading comment and
+   both that file and the /etc/shorewall/zones file lacked examples.
 -----------------------------------------------------------------------
 Issues when migrating from Shorewall 2.0 to Shorewall 2.2:
 

Shorewall2/zones

@@ -12,5 +12,14 @@
 #
 # See http://www.shorewall.net/Documentation.htm#Nested
 #
+# Example zones:
+#
+#    You have a three interface firewall with internet, local and DMZ interfaces.
+#
+#	#ZONE	DISPLAY		COMMENTS
+#	net	Internet	The big bad Internet
+#	loc	Local		Local Network
+#	dmz	DMZ		Demilitarized zone.
+#
 #ZONE			DISPLAY		COMMENTS
 #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE