extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-08-10 08:04:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Shorewall-1.4.7

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@756 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
2003-10-06 22:38:40 +00:00
parent acad75f82f
commit a30b326a4b
96 changed files with 26174 additions and 26168 deletions
Download Patch File Download Diff File Expand all files Collapse all files

445
STABLE/documentation/support.htm
View File

@ -1,92 +1,62 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type"
content="text/html; charset=windows-1252">
<title>Shorewall Support Guide</title>
</head>
<body>
<body>
<table border="0" cellpadding="0" cellspacing="0"
style="border-collapse: collapse;" width="100%" id="AutoNumber1"
bgcolor="#3366ff" height="90">
<tbody>
<tr>
<td width="100%">
<tr>
<td width="100%">
<h1 align="center"><font color="#ffffff">Shorewall Support Guide<img
src="images/obrasinf.gif" alt="" width="90" height="90" align="middle">
</font></h1>
</td>
</font></h1>
</td>
</tr>
</tbody>
</tbody>
</table>
<h2>Before Reporting a Problem or Asking a Question<br>
</h2>
There are a number of sources of Shorewall information. Please
try these before you post.
</h2>
There are a number of sources of Shorewall information. Please try
these before you post.
<ul>
<li>Shorewall versions
earlier that 1.3.0 are no longer supported.<br>
</li>
<li>More than half of the questions posted on the support
list have answers directly accessible from the <a
href="http://www.shorewall.net/shorewall_quickstart_guide.htm#Documentation">Documentation
Index</a><br>
</li>
<li>
The <a href="http://www.shorewall.net/FAQ.htm">FAQ</a>
has solutions to more than 20 common problems.
</li>
<li>
The <a href="http://www.shorewall.net/troubleshoot.htm">Troubleshooting</a>
Information contains a number of tips
to help you solve common problems. </li>
<li>
The <a href="http://www.shorewall.net/errata.htm"> Errata</a>
has links to download updated components. </li>
<li>
The Site and Mailing List Archives search facility
can locate documents and posts about similar problems:
</li>
<li>Shorewall versions earlier that 1.3.0 are no longer supported.<br>
</li>
<li>More than half of the questions posted on the support list have
answers directly accessible from the <a
href="http://www.shorewall.net/shorewall_quickstart_guide.htm#Documentation">Documentation
Index</a><br>
</li>
<li> The <a href="http://www.shorewall.net/FAQ.htm">FAQ</a> has
solutions to more than 20 common problems. </li>
<li> The <a href="http://www.shorewall.net/troubleshoot.htm">Troubleshooting</a>
Information contains a number of tips
to help you solve common problems. </li>
<li> The <a href="http://www.shorewall.net/errata.htm"> Errata</a>
has links to download updated components. </li>
<li> The Site and Mailing List Archives search facility can locate
documents and posts about similar problems: </li>
</ul>
<h2>Site and Mailing List Archive Search</h2>
<blockquote>
<blockquote>
<form method="post"
action="http://lists.shorewall.net/cgi-bin/htsearch"> <font size="-1"> Match:
action="http://lists.shorewall.net/cgi-bin/htsearch"> <font size="-1">Match:
<select name="method">
<option value="and">All </option>
<option value="or">Any </option>
<option value="boolean">Boolean </option>
</select>
Format:
Format:
<select name="format">
<option value="builtin-long">Long </option>
<option value="builtin-short">Short </option>
</select>
Sort by:
Sort by:
<select name="sort">
<option value="score">Score </option>
<option value="time">Time </option>
@ -95,250 +65,193 @@ can locate documents and posts about similar problems:
<option value="revtime">Reverse Time </option>
<option value="revtitle">Reverse Title </option>
</select>
</font><input type="hidden" name="config"
value="htdig"><input type="hidden" name="restrict" value=""><font
size="-1"> Include Mailing List Archives:
</font><input type="hidden" name="config" value="htdig"><input
type="hidden" name="restrict" value=""><font size="-1"> Include
Mailing List Archives:
<select size="1" name="exclude">
<option value="">Yes</option>
<option value="[http://lists.shorewall.net/pipermail/.*]">No</option>
</select>
</font><br>
Search: <input type="text" size="30"
name="words" value=""> <input type="submit" value="Search"><br>
</form>
</blockquote>
</font><br>
Search: <input type="text" size="30" name="words" value=""> <input
type="submit" value="Search"><br>
</form>
</blockquote>
<h2>Problem Reporting Guidelines<br>
</h2>
</h2>
<ul>
<li>Please remember we only
know what is posted in your message. Do not leave out
any information that appears to be correct, or was mentioned
in a previous post. There have been countless posts by people
who were sure that some part of their configuration was correct
when it actually contained a small error. We tend to be skeptics
where detail is lacking.<br>
<br>
</li>
<li>Please keep in mind that
you're asking for <strong>free</strong> technical
support. Any help we offer is an act of generosity, not an obligation.
Try to make it easy for us to help you. Follow good, courteous
practices in writing and formatting your e-mail. Provide details
that we need if you expect good answers. <em>Exact quoting </em>
of error messages, log entries, command output, and other output is
better than a paraphrase or summary.<br>
<br>
</li>
<li>
Please don't describe your environment and then
ask us to send you custom configuration files.
We're here to answer your questions but we can't
do your job for you.<br>
<br>
</li>
<li>When reporting a problem,
<strong>ALWAYS</strong> include this information:</li>
<li>Please remember we only know what is posted in your message. Do
not leave out
any information that appears to be correct, or was mentioned in a
previous post. There have been countless posts by people who were sure
that some part of their configuration was correct when it actually
contained a small error. We tend to be skeptics where detail is lacking.<br>
<br>
</li>
<li>Please keep in mind that you're asking for <strong>free</strong>
technical support. Any help we offer is an act of generosity, not an
obligation. Try to make it easy for us to help you. Follow good,
courteous practices in writing and formatting your e-mail. Provide
details
that we need if you expect good answers. <em>Exact quoting </em> of
error messages, log entries, command output, and other output is
better than a paraphrase or summary.<br>
<br>
</li>
<li> Please don't describe your environment and then ask us to send
you custom configuration files. We're here to answer your questions but
we can't do your job for you.<br>
<br>
</li>
<li>When reporting a problem, <strong>ALWAYS</strong> include this
information:</li>
</ul>
<ul>
<ul>
<li>the exact version of
Shorewall you are running.<br>
<br>
<b><font
color="#009900">shorewall version</font><br>
</b> <br>
</li>
<li>the exact version of Shorewall you are running.<br>
<br>
<b><font color="#009900">shorewall version</font><br>
</b> <br>
</li>
</ul>
<ul>
</ul>
<ul>
<li>the complete, exact
output of<br>
<br>
<font color="#009900"><b>ip
addr show<br>
<br>
</b></font></li>
<li>the complete, exact
output of<br>
<br>
<font color="#009900"><b>ip addr show<br>
<br>
</b></font></li>
</ul>
<ul>
<li>the complete, exact
output of<br>
<br>
<font color="#009900"><b>ip
route show<br>
</b></font></li>
<li>the complete, exact
output of<br>
<br>
<font color="#009900"><b>ip route show<br>
</b></font></li>
</ul>
<ul>
</ul>
</ul>
<ul>
<ul>
<li><small><small><font color="#ff0000"><u><i><big><b>THIS
IS IMPORTANT!</b></big></i></u></font></small></small><big> </big>If your
problem is that some type of connection to/from or through your firewall
isn't working then please perform the following four steps:<br>
<br>
1. <b><font color="#009900">/sbin/shorewall reset</font></b><br>
<br>
2. Try making the connection that is failing.<br>
<br>
3.<b><font color="#009900"> /sbin/shorewall
status &gt; /tmp/status.txt</font></b><br>
<br>
4. Post the /tmp/status.txt file as an
attachment (you may compress it if you like).<br>
<br>
</li>
<li>the exact wording of any <code
<li><small><small><font color="#ff0000"><u><i><big><b>THIS
IS IMPORTANT!</b></big></i></u></font></small></small><big> </big>If
your
problem is that some type of connection to/from or through your
firewall
isn't working then please perform the following four steps:<br>
<br>
1. <b><font color="#009900">/sbin/shorewall reset</font></b><br>
<br>
2. Try making the connection that is failing.<br>
<br>
3.<b><font color="#009900"> /sbin/shorewall status &gt; /tmp/status.txt</font></b><br>
<br>
4. Post the /tmp/status.txt file as an
attachment (you may compress it if you like).<br>
<br>
</li>
<li>the exact wording of any <code
style="color: green; font-weight: bold;">ping</code> failure responses<br>
<br>
</li>
<li>If you installed Shorewall using one of the QuickStart
Guides, please indicate which one. <br>
<br>
</li>
<li><b>If you are running Shorewall under Mandrake
using the Mandrake installation of Shorewall, please say so.<br>
<br>
</b></li>
<br>
</li>
<li>If you installed Shorewall using one of the QuickStart Guides,
please indicate which one. <br>
<br>
</li>
<li><b>If you are running Shorewall under Mandrake
using the Mandrake installation of Shorewall, please say so.<br>
<br>
</b></li>
</ul>
<li>As a general matter, please <strong>do not edit the
diagnostic information</strong> in an attempt to conceal
your IP address, netmask, nameserver addresses, domain name,
etc. These aren't secrets, and concealing them often misleads
us (and 80% of the time, a hacker could derive them anyway
from information contained in the SMTP headers of your post).<br>
<br>
<strong></strong></li>
<li>Do you see any "Shorewall" messages
("<b><font color="#009900">/sbin/shorewall show log</font></b>")
when you exercise the function that is giving you problems?
If so, include the message(s) in your post along with a copy of
your /etc/shorewall/interfaces file.<br>
<br>
</li>
<li>Please include any of the Shorewall configuration
files (especially the /etc/shorewall/hosts file
if you have modified that file) that you think are
relevant. If you include /etc/shorewall/rules, please include
/etc/shorewall/policy as well (rules are meaningless unless
one also knows the policies).<br>
<br>
</li>
<li>If an error occurs when you try
to "<font color="#009900"><b>shorewall start</b></font>", include
a trace (See the <a
href="http://www.shorewall.net/troubleshoot.htm">Troubleshooting</a>
section for instructions).<br>
<br>
</li>
<li><b>The list server limits posts to 120kb
so don't post GIFs of your network
layout, etc. to the Mailing List -- your post will be
<li>As a general matter, please <strong>do not edit the diagnostic
information</strong> in an attempt to conceal your IP address, netmask,
nameserver addresses, domain name, etc. These aren't secrets, and
concealing them often misleads us (and 80% of the time, a hacker could
derive them anyway from information contained in the SMTP headers of
your post).<br>
<br>
<strong></strong></li>
<li>Do you see any "Shorewall" messages ("<b><font color="#009900">/sbin/shorewall
show log</font></b>") when you exercise the function that is giving you
problems? If so, include the message(s) in your post along with a copy
of your /etc/shorewall/interfaces file.<br>
<br>
</li>
<li>Please include any of the Shorewall configuration files
(especially the /etc/shorewall/hosts file if you have modified that
file) that you think are relevant. If you include /etc/shorewall/rules,
please include /etc/shorewall/policy as well (rules are meaningless
unless one also knows the policies).<br>
<br>
</li>
<li>If an error occurs when you try to "<font color="#009900"><b>shorewall
start</b></font>", include a trace (See the <a
href="http://www.shorewall.net/troubleshoot.htm">Troubleshooting</a>
section for instructions).<br>
<br>
</li>
<li><b>The list server limits posts to 120kb so don't post GIFs of
your network
layout, etc. to the Mailing List -- your post will be
rejected.</b></li>
</ul>
<blockquote> The author gratefully acknowleges that the above list was
heavily plagiarized from the excellent LEAF document by <i>Ray</i>
<em>Olszewski</em> found at <a
<blockquote> The author gratefully acknowleges that the above list was
heavily plagiarized from the excellent LEAF document by <i>Ray</i> <em>Olszewski</em>
found at <a
href="http://leaf-project.org/pub/doc/docmanager/docid_1891.html">http://leaf-project.org/pub/doc/docmanager/docid_1891.html</a>.<br>
</blockquote>
</blockquote>
<h2>When using the mailing list, please post in plain text</h2>
<blockquote> A growing number of MTAs serving list subscribers are
rejecting all HTML traffic. At least one MTA has gone so far as to
blacklist shorewall.net "for continuous abuse" because it has been
my policy to allow HTML in list posts!!<br>
<br>
I think that blocking all
HTML is a Draconian way to control spam and that the
ultimate losers here are not the spammers but the list subscribers
whose MTAs are bouncing all shorewall.net mail. As one list
subscriber wrote to me privately "These e-mail admin's need
to get a <i>(expletive deleted)</i> life instead of trying to
rid the planet of HTML based e-mail". Nevertheless, to allow
subscribers to receive list posts as must as possible, I have now
configured the list server at shorewall.net to strip all HTML from
outgoing posts.<br>
</blockquote>
<blockquote> A growing number of MTAs serving list subscribers are
rejecting all HTML traffic. At least one MTA has gone so far as to
blacklist shorewall.net "for continuous abuse" because it has been
my policy to allow HTML in list posts!!<br>
<br>
I think that blocking all HTML is a Draconian way to control spam and
that the ultimate losers here are not the spammers but the list
subscribers whose MTAs are bouncing all shorewall.net mail. As one list
subscriber wrote to me privately "These e-mail admin's need to get a <i>(expletive
deleted)</i> life instead of trying to rid the planet of HTML based
e-mail". Nevertheless, to allow
subscribers to receive list posts as must as possible, I have now
configured the list server at shorewall.net to convert all HTML to
plain text. These converted posts are difficult to read so all of us
will appreciate it if you just post in plain text to begin with.<br>
</blockquote>
<h2>Where to Send your Problem Report or to Ask for Help</h2>
<blockquote>
<blockquote>
<h4>If you run Shorewall under Bering -- <span
style="font-weight: 400;">please post your question or problem
to the <a
href="mailto:leaf-user@lists.sourceforge.net">LEAF Users mailing
list</a>.</span></h4>
<b>If you run Shorewall
under MandrakeSoft Multi Network Firewall (MNF) and
you have not purchased an MNF license from MandrakeSoft then
you can post non MNF-specific Shorewall questions to the </b><a
href="mailto:shorewall-users@lists.shorewall.net">Shorewall users mailing
list</a>. <b>Do not expect to get free MNF support on the list</b>
style="font-weight: 400;">please post your question or problem to the <a
href="mailto:leaf-user@lists.sourceforge.net">LEAF Users mailing list</a>.</span></h4>
<b>If you run Shorewall under MandrakeSoft Multi Network Firewall
(MNF) and you have not purchased an MNF license from MandrakeSoft then
you can post non MNF-specific Shorewall questions to the </b><a
href="mailto:shorewall-users@lists.shorewall.net">Shorewall users
mailing list</a>. <b>Do not expect to get free MNF support on the list</b>
<p>Otherwise, please post your question or problem to the <a
href="mailto:shorewall-users@lists.shorewall.net">Shorewall users mailing
list.</a> </p>
</blockquote>
href="mailto:shorewall-users@lists.shorewall.net">Shorewall users
mailing list.</a> </p>
</blockquote>
<h2>Subscribing to the Users Mailing List<br>
</h2>
<blockquote>
<p> To Subscribe to the mailing list go to <a
href="http://lists.shorewall.net/mailman/listinfo/shorewall-users">http://lists.shorewall.net/mailman/listinfo/shorewall-users</a>
<br>
Secure: <a
<p> To Subscribe to the mailing list go to <a
href="https://lists.shorewall.net/mailman/listinfo/shorewall-users"
target="_top">https//lists.shorewall.net/mailman/listinfo/shorewall-users</a>.<br>
</p>
</blockquote>
</p>
</blockquote>
<p>For information on other Shorewall mailing lists, go to <a
href="http://lists.shorewall.net">http://lists.shorewall.net</a><br>
</p>
<p align="left"><font size="2">Last Updated 8/1/2003 - Tom Eastep</font></p>
</p>
<p align="left"><font size="2">Last Updated 9/17/2003 - Tom Eastep</font></p>
<p align="left"><font face="Trebuchet MS"><a href="copyright.htm"> <font
size="2">Copyright</font> <20> <font size="2">2001, 2002, 2003 Thomas M. Eastep.</font></a></font><br>
</p>
<br>
<br>
<br>
size="2">Copyright</font> <20> <font size="2">2001, 2002, 2003 Thomas M.
Eastep.</font></a></font><br>
</p>
<br>
<br>
<br>
</body>
</html>