Correct typos in IPSEC article.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
Tom Eastep 2010-04-28 08:12:41 -07:00
parent a997d6507d
commit 83d8d497d7

@ -796,7 +796,7 @@ all all REJECT info
on the firewall that must be accessible to road warriors. The reason for on the firewall that must be accessible to road warriors. The reason for
the second step is that the policy does not by default allow unrestricted the second step is that the policy does not by default allow unrestricted
access to the firewall itself. Finally, you should protect an exploit access to the firewall itself. Finally, you should protect an exploit
where an attacker can exploit your LT2P server do to a hole in the way where an attacker can exploit your LT2P server due to a hole in the way
that L2TP interacts with UDP connection tracking.</para> that L2TP interacts with UDP connection tracking.</para>
<blockquote> <blockquote>
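Review bot: the corrected sentence still reads "exploit your LT2P server", while the next line spells the protocol "L2TP", so the transposed acronym survives this typo pass. The preceding line, "you should protect an exploit", also appears to be missing "against". Suggest "protect against an exploit where an attacker can exploit your L2TP server due to a hole in the way that L2TP interacts with UDP connection tracking" so the paragraph names the protocol consistently.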
@ -806,7 +806,7 @@ all all REJECT info
# PORT(S) PORT(S) # PORT(S) PORT(S)
SECTION ESTABLISHED SECTION ESTABLISHED
# Prevent IPSEC bypass by hosts behind a NAT gateway # Prevent IPSEC bypass by hosts behind a NAT gateway
L2TP/(REJECT) net $FW L2TP(REJECT) net $FW
REJECT $FW net udp - 1701 REJECT $FW net udp - 1701
# l2tp over the IPsec VPN # l2tp over the IPsec VPN
ACCEPT vpn $FW udp 1701 ACCEPT vpn $FW udp 1701
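Review bot: the commit message mentions only typo corrections, but the `L2TP(REJECT) net $FW` line is part of a rules example that readers copy into a live configuration, and the form it replaces, `L2TP/(REJECT)`, mixed a slash with the parenthesised parameter. Since this rule is the one the comment credits with preventing IPSEC bypass by hosts behind a NAT gateway, the message should say that an example rule was corrected so that anyone who copied the earlier text knows to recheck their rules file. As a smaller style point, the two comments in this example spell the names differently ("IPSEC" and "IPsec", "L2TP" and "l2tp"); one spelling throughout would read better.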