extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-12-22 06:10:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

Document/manpage updates

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7025 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-08-01 22:11:34 +00:00
parent 4bc07eb658
commit 981e337c41
5 changed files with 237 additions and 183 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
docs/GettingStarted.xml
View File

@ -20,6 +20,8 @@
<copyright>
<year>2006</year>
<year>2007</year>
<holder>Thomas M. Eastep</holder>
</copyright>
@ -34,21 +36,56 @@
</legalnotice>
</articleinfo>
<section id="GettingStarted">
<title>Getting Started</title>
<para>If you are new to Shorewall, please read these two articles
first.</para>
<para>Please read this short article first.</para>
<itemizedlist>
<listitem>
<para><ulink url="Introduction.html">Introduction to
Shorewall</ulink></para>
</listitem>
</itemizedlist>
<para>Next, read the QuickStart Guide that is appropriate for your
configuration:</para>
<para><emphasis role="bold">If you have only one public IP
address:</emphasis></para>
<itemizedlist>
<listitem>
<para><ulink url="standalone.htm">Standalone</ulink> Linux System with a
single network interface (<ulink url="standalone_fr.html">Version
Française</ulink>) <ulink url="standalone_ru.html">(Russian
Version)</ulink> <ulink url="standalone_es.html">Version en
Español</ulink></para>
</listitem>
<listitem>
<para><ulink url="shorewall_quickstart_guide.htm">QuickStart Guides
(HOWTOs)</ulink></para>
<para><ulink url="two-interface.htm">Two-interface</ulink> Linux System
acting as a firewall/router for a small local network (<ulink
url="two-interface_fr.html">Version Française</ulink>) (<ulink
url="two-interface_ru.html">Russian Version</ulink>)</para>
</listitem>
<listitem>
<para><ulink url="three-interface.htm">Three-interface</ulink> Linux
System acting as a firewall/router for a small local network and a DMZ..
(<ulink url="three-interface_fr.html">Version Française</ulink>) (<ulink
url="three-interface_ru.html">Russian Version</ulink>)</para>
</listitem>
</itemizedlist>
<para><emphasis role="bold">If you have more than one public IP
address:</emphasis></para>
<itemizedlist>
<listitem>
<para>The <ulink url="shorewall_setup_guide.htm">Shorewall Setup
Guide</ulink> (<ulink url="shorewall_setup_guide_fr.htm">Version
Française</ulink>) outlines the steps necessary to set up a firewall
where there are multiple public IP addresses involved or if you want to
learn more about Shorewall than is explained in the single-address
guides above.</para>
</listitem>
</itemizedlist>
@ -78,14 +115,14 @@
configuration files</ulink></entry>
<entry><ulink
url="configuration_file_basics.htm#Variables">Using
Shell Variables</ulink></entry>
url="configuration_file_basics.htm#Variables">Using Shell
Variables</ulink></entry>
</row>
<row>
<entry><ulink
url="configuration_file_basics.htm#COMMENT">Attach
Comment to Netfilter Rules</ulink></entry>
url="configuration_file_basics.htm#COMMENT">Attach Comment
to Netfilter Rules</ulink></entry>
<entry><ulink
url="configuration_file_basics.htm#dnsnames">Using DNS
@ -137,10 +174,9 @@
</listitem>
<listitem>
<para>PPPPPPPS ( or, Paul's Principles for Practical Provision of
Packet Processing with Shorewall ) <ulink
<para>PPPPPPPS ( or, Paul's Principles for Practical Provision of Packet
Processing with Shorewall ) <ulink
url="http://linuxman.wikispaces.com/PPPPPPS">http://linuxman.wikispaces.com/PPPPPPS</ulink></para>
</listitem>
</itemizedlist>
</section>
</article>

25
docs/Introduction.xml
View File

@ -61,6 +61,13 @@
to the combination of iptables+Netfilter (with Netfilter not in
ipchains compatibility mode).</para>
</listitem>
<listitem>
<para>iptables-restore - a program included with iptables that
allows for atomic installation of a set of Netfilter rules. This is
a much more efficient way to install a ruleset than running the
iptables utility once for each rule in the ruleset.</para>
</listitem>
</itemizedlist>
</section>
@ -71,12 +78,12 @@
<quote>Shorewall</quote>, is high-level tool for configuring Netfilter.
You describe your firewall/gateway requirements using entries in a set
of configuration files. Shorewall reads those configuration files and
with the help of the iptables utility, Shorewall configures Netfilter to
match your requirements. Shorewall can be used on a dedicated firewall
system, a multi-function gateway/router/server or on a standalone
GNU/Linux system. Shorewall does not use Netfilter's ipchains
compatibility mode and can thus take advantage of Netfilter's connection
state tracking capabilities.</para>
with the help of the iptables and iptables-restore utilities, Shorewall
configures Netfilter to match your requirements. Shorewall can be used
on a dedicated firewall system, a multi-function gateway/router/server
or on a standalone GNU/Linux system. Shorewall does not use Netfilter's
ipchains compatibility mode and can thus take advantage of Netfilter's
connection state tracking capabilities.</para>
<para>Shorewall is not a daemon. Once Shorewall has configured
Netfilter, its job is complete and there is no <quote>Shorewall
@ -340,7 +347,8 @@ ACCEPT net $FW tcp 22</programlisting>
to Shorewall-shell written in the Perl language. This compiler is
highly portable to those Unix-like platforms that support Perl
(including Cygwin) and is the compiler of choice for new Shorewall
installations.</para>
installations. Scripts created using Shorewall-perl use
iptables-restore to install the generated Netfilter ruleset.</para>
</listitem>
<listitem>
@ -353,9 +361,6 @@ ACCEPT net $FW tcp 22</programlisting>
Shorewall-lite.</para>
</listitem>
</orderedlist>
<para>It is suggested that new users install Shorewall and
Shorewall-perl</para>
</section>
<section id="License">

70
docs/Manpages.xml
View File

@ -51,36 +51,39 @@
<section id="Section5">
<title>Section 5 — Files and Concepts</title>
<blockquote>
<simplelist>
<member><ulink
url="manpages/shorewall-accounting.html">accounting</ulink> - Define IP
accounting rules.</member>
url="manpages/shorewall-accounting.html">accounting</ulink> - Define
IP accounting rules.</member>
<member><ulink url="manpages/shorewall-actions.html">actions</ulink> -
Declare user-defined actions.</member>
<member><ulink url="manpages/shorewall-blacklist.html">blacklist</ulink>
- Static blacklisting.</member>
<member><ulink
url="manpages/shorewall-blacklist.html">blacklist</ulink> - Static
blacklisting.</member>
<member><ulink url="manpages/shorewall-ecn.html">ecn</ulink> - Disabling
Explicit Congestion Notification</member>
<member><ulink url="manpages/shorewall-ecn.html">ecn</ulink> -
Disabling Explicit Congestion Notification</member>
<member><ulink url="manpages/shorewall-exclusion.html">exclusion</ulink>
- Excluding hosts from a network or zone</member>
<member><ulink
url="manpages/shorewall-exclusion.html">exclusion</ulink> - Excluding
hosts from a network or zone</member>
<member><ulink url="manpages/shorewall-hosts.html">hosts</ulink> -
Define multiple zones accessed through a single interface</member>
<member><ulink
url="manpages/shorewall-interfaces.html">interfaces</ulink> - Define the
interfaces on the system and optionally associate them with
url="manpages/shorewall-interfaces.html">interfaces</ulink> - Define
the interfaces on the system and optionally associate them with
zones.</member>
<member><ulink url="manpages/shorewall-maclist.html">maclist</ulink> -
Define MAC verification.</member>
<member><ulink url="manpages/shorewall-masq.html">masq</ulink> - Define
Masquerade/SNAT</member>
<member><ulink url="manpages/shorewall-masq.html">masq</ulink> -
Define Masquerade/SNAT</member>
<member><ulink url="manpages/shorewall-modules.html">modules</ulink> -
Specify which kernel modules to load.</member>
@ -91,8 +94,8 @@
<member><ulink url="manpages/shorewall-nesting.html">nesting</ulink> -
How to define nested zones.</member>
<member><ulink url="manpages/shorewall-netmap.html">netmap</ulink> - How
to map addresses from one net to another.</member>
<member><ulink url="manpages/shorewall-netmap.html">netmap</ulink> -
How to map addresses from one net to another.</member>
<member><ulink url="manpages/shorewall-params.html">params</ulink> -
Assign values to shell variables used in other files.</member>
@ -100,11 +103,12 @@
<member><ulink url="manpages/shorewall-policy.html">policy</ulink> -
Define high-level policies for connections between zones.</member>
<member><ulink url="manpages/shorewall-providers.html">providers</ulink>
- Define routing tables, usually for mutliple internet links.</member>
<member><ulink
url="manpages/shorewall-providers.html">providers</ulink> - Define
routing tables, usually for mutliple internet links.</member>
<member><ulink url="manpages/shorewall-proxyarp.html">proxyarp</ulink> -
Define Proxy ARP.</member>
<member><ulink url="manpages/shorewall-proxyarp.html">proxyarp</ulink>
- Define Proxy ARP.</member>
<member><ulink url="manpages/shorewall-rfc1918.html">rfc1918</ulink> -
Specify address ranges affected by the <option>norfc1918</option>
@ -122,11 +126,13 @@
<member><ulink url="manpages/shorewall-rules.html">rules</ulink> -
Specify exceptions to policies, including DNAT and REDIRECT.</member>
<member><ulink url="manpages/shorewall-tcclasses.html">tcclasses</ulink>
- Define htb classes for traffic shaping.</member>
<member><ulink
url="manpages/shorewall-tcclasses.html">tcclasses</ulink> - Define htb
classes for traffic shaping.</member>
<member><ulink url="manpages/shorewall-tcdevices.html">tcdevices</ulink>
- Specify speed of devices for traffic shaping.</member>
<member><ulink
url="manpages/shorewall-tcdevices.html">tcdevices</ulink> - Specify
speed of devices for traffic shaping.</member>
<member><ulink url="manpages/shorewall-tcrules.html">tcrules</ulink> -
Define packet marking rules, usually for traffic shaping.</member>
@ -137,8 +143,9 @@
<member><ulink url="manpages/shorewall-tunnels.html">tunnels</ulink> -
Define VPN connections with endpoints on the firewall.</member>
<member><ulink url="manpages/shorewall.conf.html">shorewall.conf</ulink>
- Specify values for global Shorewall options.</member>
<member><ulink
url="manpages/shorewall.conf.html">shorewall.conf</ulink> - Specify
values for global Shorewall options.</member>
<member><ulink
url="manpages/shorewall-lite.conf.html">shorewall-lite.conf</ulink> -
@ -149,23 +156,28 @@
information.</member>
<member><ulink
url="manpages/shorewall-lite-vardir.html">vardir-lite</ulink> - Redefine
the directory where Shorewall Lite keeps its state information.</member>
url="manpages/shorewall-lite-vardir.html">vardir-lite</ulink> -
Redefine the directory where Shorewall Lite keeps its state
information.</member>
<member><ulink url="manpages/shorewall-zones.html">zones</ulink> -
Declare Shorewall zones.l</member>
Declare Shorewall zones.</member>
</simplelist>
</blockquote>
</section>
<section id="Section8">
<title>Section 8 — Administrative Commands</title>
<blockquote>
<simplelist>
<member><ulink url="manpages/shorewall.html">shorewall</ulink> -
/sbin/shorewall command syntax and semantics.</member>
<member><ulink url="manpages/shorewall-lite.html">shorewall-lite</ulink>
- /sbin/shorewall-lite command syntax and semantics.</member>
<member><ulink
url="manpages/shorewall-lite.html">shorewall-lite</ulink> -
/sbin/shorewall-lite command syntax and semantics.</member>
</simplelist>
</blockquote>
</section>
</article>

3
manpages/shorewall.conf.xml
View File

@ -127,7 +127,8 @@
<member>a) The name of an
<replaceable>action</replaceable>.</member>
<member>b) The name of a <replaceable>macro</replaceable></member>
<member>b) The name of a <replaceable>macro</replaceable>
(Shorewall-shell only)</member>
<member>c) <emphasis role="bold">None</emphasis> or <emphasis
role="bold">none</emphasis></member>

4
web/Documentation.html
View File

@ -22,7 +22,7 @@ href="GnuCopyright.htm" target="_self">GNU Free Documentation
License</a></span>”.<br>
</p>
<p>2007-07-13<br>
<p>2007-08-01<br>
</p>
<hr style="width: 100%; height: 2px;">
<br>
@ -41,7 +41,7 @@ License</a></span>”.<br>
HOWTOs
<p><span style="font-weight: bold;"></span><a
href="3.0/shorewall_quickstart_guide.htm">Shorewall 3.x</a></p>
<p><a href="shorewall_quickstart_guide.htm">Shorewall 4.x</a></p>
<p><a href="GettingStarted.html">Shorewall 4.x</a></p>
</li>
<li><strong>Man Pages</strong> -- Online version of the manpages released
with Shorewall 3.4.0 and later