extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-25 12:13:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Updates for routestopped -> stoppedrules

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2015-10-05 07:51:43 -07:00
parent 0385b2cd37
commit 89122c0d55
10 changed files with 65 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/CompiledPrograms.xml
View File

@ -186,8 +186,8 @@
configuring Shorewall on the firewall system itself</emphasis>). configuring Shorewall on the firewall system itself</emphasis>).
It's a good idea to include the IP address of the administrative It's a good idea to include the IP address of the administrative
system in the <ulink system in the <ulink
url="manpages/shorewall-routestopped.html"><filename>routestopped</filename> url="manpages/shorewall-stoppedrules.html"><filename>stoppedrules
file</ulink>.</para> </filename> file</ulink>.</para>
<para>It is important to understand that with Shorewall Lite, <para>It is important to understand that with Shorewall Lite,
the firewall's export directory on the administrative system the firewall's export directory on the administrative system
@ -493,7 +493,7 @@ clean:
<para>Be sure that the IP address of the administrative system is <para>Be sure that the IP address of the administrative system is
included in the firewall's export directory included in the firewall's export directory
<filename>routestopped</filename> file.</para> <filename>stoppedrules</filename> file.</para>
<programlisting><command>shorewall stop</command></programlisting> <programlisting><command>shorewall stop</command></programlisting>
@ -514,7 +514,7 @@ clean:
<para>It's a good idea to include the IP address of the <para>It's a good idea to include the IP address of the
administrative system in the firewall system's <ulink administrative system in the firewall system's <ulink
url="manpages/shorewall-routestopped.html"><filename>routestopped</filename> url="manpages/shorewall-stoppedrules.html"><filename>stoppedrules</filename>
file</ulink>.</para> file</ulink>.</para>
<para>Also, edit the <filename>shorewall.conf</filename> file in <para>Also, edit the <filename>shorewall.conf</filename> file in

8
docs/FAQ.xml
View File

@ -2029,7 +2029,7 @@ Dec 15 16:47:30 heath-desktop last message repeated 2 times</programlisting>
ADMINISABSENTMINDED in <ulink ADMINISABSENTMINDED in <ulink
url="manpages/shorewall.conf.html">shorewall.conf</ulink> (5) and the url="manpages/shorewall.conf.html">shorewall.conf</ulink> (5) and the
contents of <ulink contents of <ulink
url="manpages/shorewall-routestopped.html">shorewall-routestopped</ulink> url="manpages/shorewall-stoppedrules.html">shorewall-stoppedrules</ulink>
(5). To totally open the firewall, use the <command>clear</command> (5). To totally open the firewall, use the <command>clear</command>
command.</para> command.</para>
</section> </section>
@ -2138,8 +2138,8 @@ Creating input Chains...
<para><command>/sbin/shorewall stop</command> places the firewall in a <para><command>/sbin/shorewall stop</command> places the firewall in a
<firstterm>safe state</firstterm>, the details of which depend on your <firstterm>safe state</firstterm>, the details of which depend on your
<filename>/etc/shorewall/routestopped</filename> file (<ulink <filename>/etc/shorewall/stoppedrules</filename> file (<ulink
url="manpages/shorewall-routestopped.html">shorewall-routestopped</ulink>(5)) url="manpages/shorewall-stoppedrules.html">shorewall-stoppedrules</ulink>(5))
and on the setting of ADMINISABSENTMINDED in and on the setting of ADMINISABSENTMINDED in
<filename>/etc/shorewall/shorewall.conf</filename> (<ulink <filename>/etc/shorewall/shorewall.conf</filename> (<ulink
url="manpages/shorewall.conf.html">shorewall.conf</ulink>(5)).</para> url="manpages/shorewall.conf.html">shorewall.conf</ulink>(5)).</para>
@ -3065,7 +3065,7 @@ Shorewall has detected the following iptables/netfilter capabilities:
Persistent SNAT: Available Persistent SNAT: Available
gateway:~# </programlisting> gateway:~# </programlisting>
<para></para> <para/>
</section> </section>
<section id="faq19"> <section id="faq19">

2
docs/Manpages.xml
View File

@ -37,7 +37,7 @@
<warning> <warning>
<para>These manpages are for Shorewall 5.0 and later only. They describe <para>These manpages are for Shorewall 5.0 and later only. They describe
features and options not available on earlier releases. The manpages for features and options not available on earlier releases. The manpages for
Shorewall 4.4-4.6 are available<ulink url="/Manpages4/Manpages.html"> Shorewall 4.4-4.6 are available<ulink url="/manpages4/Manpages.html">
here</ulink>.</para> here</ulink>.</para>
</warning> </warning>

2
docs/Manpages6.xml
View File

@ -38,7 +38,7 @@
<para>These manpages are for Shorewall6 5.0 and later only. They describe <para>These manpages are for Shorewall6 5.0 and later only. They describe
features and options not available on earlier releases.The manpages for features and options not available on earlier releases.The manpages for
Shorewall 4.4-4.6 are available <ulink Shorewall 4.4-4.6 are available <ulink
url="/Manpages4/Manpages.html">here</ulink>.</para> url="/manpages4/Manpages.html">here</ulink>.</para>
</warning> </warning>
<section id="Section5"> <section id="Section5">

6
docs/Shorewall-Lite.xml
View File

@ -191,7 +191,7 @@
configuring Shorewall on the firewall system itself</emphasis>). configuring Shorewall on the firewall system itself</emphasis>).
It's a good idea to include the IP address of the administrative It's a good idea to include the IP address of the administrative
system in the <ulink system in the <ulink
url="manpages/shorewall-routestopped.html"><filename>routestopped</filename> url="manpages/shorewall-stoppedrules.html"><filename>stoppedrules</filename>
file</ulink>.</para> file</ulink>.</para>
<para>It is important to understand that with Shorewall Lite, <para>It is important to understand that with Shorewall Lite,
@ -412,7 +412,7 @@
<para>Be sure that the IP address of the administrative system is <para>Be sure that the IP address of the administrative system is
included in the firewall's export directory included in the firewall's export directory
<filename>routestopped</filename> file.</para> <filename>stoppedrules</filename> file.</para>
<programlisting><command>shorewall stop</command></programlisting> <programlisting><command>shorewall stop</command></programlisting>
@ -433,7 +433,7 @@
<para>It's a good idea to include the IP address of the <para>It's a good idea to include the IP address of the
administrative system in the firewall system's <ulink administrative system in the firewall system's <ulink
url="manpages/shorewall-routestopped.html"><filename>routestopped</filename> url="manpages/shorewall-stoppedrules.html"><filename>stoppedrules</filename>
file</ulink>.</para> file</ulink>.</para>
<para>Also, edit the <filename>shorewall.conf</filename> file in <para>Also, edit the <filename>shorewall.conf</filename> file in

4
docs/ipsets.xml
View File

@ -146,8 +146,10 @@ ACCEPT net:+sshok $FW tcp 22</programlisting></para>
<listitem> <listitem>
<para>You cannot use an ipset in <ulink <para>You cannot use an ipset in <ulink
url="manpages/shorewall-stoppedulres.html">shorewall-stoppedrules</ulink>
(5) (<ulink
url="manpages/shorewall-routestopped.html">shorewall-routestopped</ulink> url="manpages/shorewall-routestopped.html">shorewall-routestopped</ulink>
(5).</para> (5)).</para>
</listitem> </listitem>
<listitem> <listitem>

4
docs/shorewall_extension_scripts.xml
View File

@ -174,8 +174,8 @@ esac</programlisting><caution>
indeterminate. So if you have ADMINISABSENTMINDED=No in <ulink indeterminate. So if you have ADMINISABSENTMINDED=No in <ulink
url="manpages/shorewall.conf.html">shorewall.conf</ulink>(8) and url="manpages/shorewall.conf.html">shorewall.conf</ulink>(8) and
output on an interface is not allowed by <ulink output on an interface is not allowed by <ulink
url="manpages/shorewall.conf.html">routestopped</ulink>(8) then url="manpages/shorewall-stoppedrules.html">stoppedrules</ulink>(8)
the isuasable script must blow it's own holes in the firewall then the isuasable script must blow it's own holes in the firewall
before probing.</para> before probing.</para>
</caution></para> </caution></para>
</listitem> </listitem>

15
docs/shorewall_setup_guide.xml
View File

@ -2400,9 +2400,9 @@ foobar.net. 86400 IN A 192.0.2.177
<para>The firewall is started using the <quote>shorewall start</quote> <para>The firewall is started using the <quote>shorewall start</quote>
command and stopped using <quote>shorewall stop</quote>. When the firewall command and stopped using <quote>shorewall stop</quote>. When the firewall
is stopped, routing is enabled on those hosts that have an entry in is stopped, routing is enabled on those hosts that have an ACCEPT entry in
<filename><ulink <filename><ulink
url="manpages/shorewall-routestopped.html">/etc/shorewall/routestopped</ulink></filename>. url="manpages/shorewall-stoppedrules.html">/etc/shorewall/stoppedrules</ulink></filename>.
A running firewall may be restarted using the <quote>shorewall A running firewall may be restarted using the <quote>shorewall
restart</quote> command. If you want to totally remove any trace of restart</quote> command. If you want to totally remove any trace of
Shorewall from your Netfilter configuration, use <quote>shorewall Shorewall from your Netfilter configuration, use <quote>shorewall
@ -2411,15 +2411,16 @@ foobar.net. 86400 IN A 192.0.2.177
<para><inlinegraphic fileref="images/BD21298_.gif"/></para> <para><inlinegraphic fileref="images/BD21298_.gif"/></para>
<para>Edit the <filename><ulink <para>Edit the <filename><ulink
url="manpages/shorewall-routestopped.html">/etc/shorewall/routestopped</ulink></filename> url="manpages/shorewall-stoppedrules.html">/etc/shorewall/stoppedrules</ulink></filename>
file and configure those systems that you want to be able to access the file and add ACCEPT rules for those systems that you want to be able to
firewall when it is stopped.</para> access the firewall when it is stopped.</para>
<caution> <caution>
<para>If you are connected to your firewall from the Internet, do not <para>If you are connected to your firewall from the Internet, do not
issue a <quote>shorewall stop</quote> command unless you have added an issue a <quote>shorewall stop</quote> command unless you have added an
entry for the IP address that you are connected from to <filename><ulink ACCEPT entry for the IP address that you are connected from to
url="manpages/shorewall-routestopped.html">/etc/shorewall/routestopped</ulink></filename>. <filename><ulink
url="manpages/shorewall-stoppedrules.html">/etc/shorewall/stoppedrules</ulink></filename>.
Also, I don't recommend using <quote>shorewall restart</quote>; it is Also, I don't recommend using <quote>shorewall restart</quote>; it is
better to create an <ulink better to create an <ulink
url="starting_and_stopping_shorewall.htm"><emphasis>an alternate url="starting_and_stopping_shorewall.htm"><emphasis>an alternate

5
docs/standalone.xml
View File

@ -119,8 +119,7 @@
<title>Conventions</title> <title>Conventions</title>
<para>Points at which configuration changes are recommended are flagged <para>Points at which configuration changes are recommended are flagged
with <inlinegraphic fileref="images/BD21298_.gif" with <inlinegraphic fileref="images/BD21298_.gif" format="GIF"/>.</para>
format="GIF" />.</para>
<para>Configuration notes that are unique to Debian and it's derivatives <para>Configuration notes that are unique to Debian and it's derivatives
are marked with <inlinegraphic fileref="images/openlogo-nd-25.png" are marked with <inlinegraphic fileref="images/openlogo-nd-25.png"
@ -610,7 +609,7 @@ SSH(ACCEPT) net $FW </programlisting>
<para>The firewall is started using the <quote><command>shorewall <para>The firewall is started using the <quote><command>shorewall
start</command></quote> command and stopped using start</command></quote> command and stopped using
<quote><command>shorewall stop</command></quote>. When the firewall is <quote><command>shorewall stop</command></quote>. When the firewall is
stopped, routing is enabled on those hosts that have an entry in stopped, traffic is enabled on those hosts that have an entry in
<filename><ulink <filename><ulink
url="manpages/shorewall-stoppedrules.html">/etc/shorewall/stoppedrules</ulink></filename> url="manpages/shorewall-stoppedrules.html">/etc/shorewall/stoppedrules</ulink></filename>
(<filename><ulink (<filename><ulink

6
docs/starting_and_stopping_shorewall.xml
View File

@ -151,7 +151,7 @@
all Netfilter rules and open your firewall for all traffic to pass. all Netfilter rules and open your firewall for all traffic to pass.
It rather places your firewall in a safe state defined by the It rather places your firewall in a safe state defined by the
contents of your <ulink contents of your <ulink
url="manpages/shorewall-routestopped.html">/etc/shorewall/routestopped</ulink> url="manpages/shorewall-stoppedrules.html">/etc/shorewall/stoppedrules</ulink>
file and the setting of ADMINISABSENTMINDED in <ulink file and the setting of ADMINISABSENTMINDED in <ulink
url="manpages/shorewall.conf.html">/etc/shorewall/shorewall.conf</ulink>.</para> url="manpages/shorewall.conf.html">/etc/shorewall/shorewall.conf</ulink>.</para>
</important> </important>
@ -638,8 +638,8 @@
<entry>firewall stop</entry> <entry>firewall stop</entry>
<entry>Only traffic to/from hosts listed in <entry>Only traffic allowed by ACCEPT entries in
/etc/shorewall/routestopped is passed to/from/through the /etc/shorewall/stoppedrules is passed to/from/through the
firewall. If ADMINISABSENTMINDED=Yes in firewall. If ADMINISABSENTMINDED=Yes in
/etc/shorewall/shorewall.conf then in addition, all existing /etc/shorewall/shorewall.conf then in addition, all existing
connections are retained and all connection requests from the connections are retained and all connection requests from the