From 8e62e0fa5700dfe1dd40d5d634a92166e53ec6b2 Mon Sep 17 00:00:00 2001 From: mhnoyes Date: Sun, 28 Dec 2003 16:08:35 +0000 Subject: [PATCH] fixed quotes, add CVS Id git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@993 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-docs/configuration_file_basics.xml | 52 ++++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/Shorewall-docs/configuration_file_basics.xml b/Shorewall-docs/configuration_file_basics.xml index 9b26bfc55..17a9a5fb0 100644 --- a/Shorewall-docs/configuration_file_basics.xml +++ b/Shorewall-docs/configuration_file_basics.xml @@ -5,7 +5,7 @@ - Configuration Files + Configuration Files @@ -67,16 +67,16 @@ - defines IPSEC, GRE and IPIP tunnels with end-points on the firewall system./etc/shorewall/blacklist - lists blacklisted IP/subnet/MAC addresses./etc/shorewall/init - - commands that you wish to execute at the beginning of a "shorewall - start" or "shorewall restart"./etc/shorewall/start - - commands that you wish to execute at the completion of a "shorewall - start" or "shorewall restart"/etc/shorewall/stop - - commands that you wish to execute at the beginning of a "shorewall - stop"./etc/shorewall/stopped - - commands that you wish to execute at the completion of a "shorewall - stop"./etc/shorewall/ecn - disable - Explicit Congestion Notification (ECN - RFC 3168) to remote hosts or - networks./etc/shorewall/accounting - + - commands that you wish to execute at the beginning of a shorewall + start or shorewall restart./etc/shorewall/start + - commands that you wish to execute at the completion of a shorewall + start or shorewall restart/etc/shorewall/stop + - commands that you wish to execute at the beginning of a shorewall + stop./etc/shorewall/stopped - + commands that you wish to execute at the completion of a shorewall + stop./etc/shorewall/ecn - + disable Explicit Congestion Notification (ECN - RFC 3168) to remote hosts + or networks./etc/shorewall/accounting - define IP traffic accounting rules/etc/shorewall/usersets and /etc/shorewall/users - define sets of users/groups with similar access rights/etc/shorewall/actions and @@ -88,9 +88,9 @@ Comments You may place comments in configuration files by making the first - non-whitespace character a pound sign ("#"). You may also place - comments at the end of any line, again by delimiting the comment from the - rest of the line with a pound sign. + non-whitespace character a pound sign (#). You may also + place comments at the end of any line, again by delimiting the comment + from the rest of the line with a pound sign. Comments in a Configuration File @@ -104,7 +104,7 @@ ACCEPT net fw tcp www #This is an end-of-line commentLine Continuation You may continue lines in the configuration files using the usual - backslash ("\") followed immediately by a new line character. + backslash (\) followed immediately by a new line character. Line Continuation @@ -179,7 +179,7 @@ smtp,www,pop3,imap #Services running on the firewall Using DNS Names - I personally recommend strongly against using DNS names in + I personally recommend strongly against using DNS names in Shorewall configuration files. If you use DNS names and you are called out of bed at 2:00AM because Shorewall won't start as a result of DNS problems then don't say that you were not forewarned. @@ -285,9 +285,9 @@ smtp,www,pop3,imap #Services running on the firewall Complementing an Address or Subnet Where specifying an IP address, a subnet or an interface, you can - precede the item with "!" to specify the complement of the item. - For example, !192.168.1.4 means "any host but 192.168.1.4". There - must be no white space following the "!". + precede the item with ! to specify the complement of the + item. For example, !192.168.1.4 means any host but 192.168.1.4. + There must be no white space following the !.
@@ -319,7 +319,7 @@ smtp,www,pop3,imap #Services running on the firewall Port Numbers/Service Names Unless otherwise specified, when giving a port number you can use - either an integer or a service name from /etc/services. + either an integer or a service name from /etc/services.
@@ -328,7 +328,7 @@ smtp,www,pop3,imap #Services running on the firewall If you need to specify a range of ports, the proper syntax is <low port number>:<high port number>. For example, if you want to forward the range of tcp ports 4000 through 4100 to local host - 192.168.1.3, the entry in /etc/shorewall/rules is: + 192.168.1.3, the entry in /etc/shorewall/rules is: @@ -370,7 +370,7 @@ smtp,www,pop3,imap #Services running on the firewall - If you omit the low port number, a value of zero is assumed; if you + If you omit the low port number, a value of zero is assumed; if you omit the high port number, a value of 65535 is assumed.
@@ -438,9 +438,9 @@ role="bold">02:00:08:E3:FA:55 Because Shorewall uses colons as a separator for address fields, Shorewall requires MAC addresses to be written in another way. In - Shorewall, MAC addresses begin with a tilde ("~") and consist of 6 - hex numbers separated by hyphens. In Shorewall, the MAC address in the - example above would be written "~02-00-08-E3-FA-55". + Shorewall, MAC addresses begin with a tilde (~) and consist + of 6 hex numbers separated by hyphens. In Shorewall, the MAC address in + the example above would be written ~02-00-08-E3-FA-55. It is not necessary to use the special Shorewall notation in the @@ -460,7 +460,7 @@ role="bold">02:00:08:E3:FA:55 from /etc/shorewall. This facility permits you to easily create a test or temporary - configuration by + configuration by