extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-25 00:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Comprehensive posessive pronoun review (it's only ever means 'it is' or 'it has')

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5757 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
paulgear 2007-03-30 07:24:32 +00:00
parent 2b972d685b
commit acab08d0d5
18 changed files with 47 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/CompiledPrograms.xml
View File

@ -77,7 +77,7 @@
compile time as well as at run time.</para>
<para>Running the script at compile time allows variable
expansion (expanding $variable to it's defined value) of
expansion (expanding $variable to its defined value) of
variables used in Shorewall configuration files to occur at
compile time. Running it at run-time allows your extension
scripts to use the variables that it creates. BUT -- for any
@ -638,7 +638,7 @@ clean:
compile time as well as at run time.</para>
<para>Running the script at compile time allows variable
expansion (expanding $variable to it's defined value) of
expansion (expanding $variable to its defined value) of
variables used in Shorewall configuration files to occur at
compile time. Running it at run-time allows your extension
scripts to use the variables that it creates. BUT -- for any
@ -864,4 +864,4 @@ MANGLE_FORWARD # Mangle table has FORWARD chain</programlisting
is the level specified in the shorewall.conf file used when then program
was compiled.</para>
</section>
</article>
</article>

6
docs/Documentation.xml
View File

@ -4248,11 +4248,11 @@ all all tcp ftp-data - 8</programlisting
<para>Must be DNAT or SNAT.</para>
<para>If DNAT, traffic entering INTERFACE and addressed to NET1 has
it's destination address rewritten to the corresponding address in
its destination address rewritten to the corresponding address in
NET2.</para>
<para>If SNAT, traffic leaving INTERFACE with a source address in
NET1 has it's source address rewritten to the corresponding address
NET1 has its source address rewritten to the corresponding address
in NET2.</para>
</listitem>
</varlistentry>
@ -4412,4 +4412,4 @@ eth1 -</programlisting>
<para>This file is described in the <ulink url="Accounting.html">Traffic
Accounting Documentation</ulink>.</para>
</section>
</article>
</article>

4
docs/IPSEC-2.6.xml
View File

@ -338,7 +338,7 @@ net ipv4
<para>You must define the vpn zone using the
<filename>/etc/shorewall/hosts</filename> file. The hosts file entries
below assume that you want the remote gateway to be part of the vpn zone —
If you don't wish the remote gateway included, simply omit it's IP address
If you don't wish the remote gateway included, simply omit its IP address
from the HOSTS column.</para>
<blockquote>
@ -857,4 +857,4 @@ all all REJECT info
ipsec-tools source tree. It has a wide variety of sample racoon
configuration files.</para>
</section>
</article>
</article>

4
docs/Introduction.xml
View File

@ -79,7 +79,7 @@
state tracking capabilities.</para>
<para>Shorewall is not a daemon. Once Shorewall has configured
Netfilter, it's job is complete and there is no <quote>Shorewall
Netfilter, its job is complete and there is no <quote>Shorewall
process</quote> left running in your system. The <ulink
url="starting_and_stopping_shorewall.htm">/sbin/shorewall program can be
used at any time to monitor the Netfilter firewall</ulink>.</para>
@ -323,4 +323,4 @@ ACCEPT net $FW tcp 22</programlisting>
along with this program; if not, write to the Free Software Foundation,
Inc., 675 Mass Ave, Cambridge, MA 02139, USA</para>
</section>
</article>
</article>

4
docs/MAC_Validation.xml
View File

@ -240,7 +240,7 @@ $WIFI_IF 00:1f:79:cd:fe:2e 192.168.3.6 #Work Laptop
<para>While marketed as a wireless bridge, the WET11 behaves like a
wireless router with DHCP relay. When forwarding DHCP traffic, it
uses the MAC address of the host (TIPPER) but for other forwarded
traffic it uses it's own MAC address. Consequently, I list the IP
traffic it uses its own MAC address. Consequently, I list the IP
addresses of both devices in /etc/shorewall/maclist.</para>
</note></para>
</example>
@ -264,4 +264,4 @@ $WIFI_IF 00:1f:79:cd:fe:2e 192.168.3.6 #Work Laptop
of the host sending the traffic.</para>
</example>
</section>
</article>
</article>

4
docs/Macros.xml
View File

@ -588,7 +588,7 @@ bar:debug</programlisting>
</listitem>
<listitem>
<para>Macros are expanded in-line while each action is it's own chain.
<para>Macros are expanded in-line while each action is its own chain.
So if there are a lot of rules involved in your new action/macro then
it is generally better to use an action than a macro. Only the packets
selected when you invoke the action are directed to the corresponding
@ -597,4 +597,4 @@ bar:debug</programlisting>
</listitem>
</orderedlist>
</section>
</article>
</article>

4
docs/MultiISP.xml
View File

@ -259,7 +259,7 @@
<caution>
<para>The Shorewall implementation of Multi-ISP support assumes
that each provider has it's own interface.</para>
that each provider has its own interface.</para>
</caution>
</listitem>
</varlistentry>
@ -928,4 +928,4 @@ gateway:~ #</programlisting>Note that because we used a priority of 1000, the
</section>
</section>
</section>
</article>
</article>

4
docs/Multiple_Zones.xml
View File

@ -173,7 +173,7 @@
<section>
<title>I Need Separate Zones</title>
<para>If you need to make 192.168.2.0/24 into it's own zone, you can do
<para>If you need to make 192.168.2.0/24 into its own zone, you can do
it one of two ways; Nested Zones or Parallel Zones. Again, it is likely
that you will need to be running Shorewall 2.0.16 or later and that you
will have to set DROPINVALID=No in
@ -356,4 +356,4 @@ eth0:!192.168.1.0/24 192.168.1.0/24</programlisting>
url="MAC_Validation.html"><filename>/etc/shorewall/maclist</filename></ulink>
file when everything else is working.</para>
</section>
</article>
</article>

4
docs/Shorewall_and_Aliased_Interfaces.xml
View File

@ -94,7 +94,7 @@ Device "eth0:0" does not exist.
</example>
<para>The iptables program doesn't support virtual interfaces in either
it's <quote>-i</quote> or <quote>-o</quote> command options; as a
its <quote>-i</quote> or <quote>-o</quote> command options; as a
consequence, Shorewall does not allow them to be used in the
/etc/shorewall/interfaces file or anywhere else except as described in the
discussion below.</para>
@ -334,4 +334,4 @@ loc2 eth1:192.168.20.0/24</programlisting>
</example>
</section>
</section>
</article>
</article>

4
docs/XenMyWay-Routed.xml
View File

@ -533,7 +533,7 @@ vpn tun+ -
<para><filename>/etc/shorewall/masq (Note the cute trick here and in
the <filename>following proxyarp</filename> file that allows me to
access the DSL "Modem" using it's default IP address
access the DSL "Modem" using its default IP address
(192.168.1.1))</filename>. The leading "+" is required to place the
rule before the SNAT rules generated by entries in
<filename>/etc/shorewall/nat</filename> above.</para>
@ -1010,4 +1010,4 @@ esac
</blockquote>
</section>
</section>
</article>
</article>

4
docs/XenMyWay.xml
View File

@ -562,7 +562,7 @@ vpn tun+ -
<para><filename>/etc/shorewall/masq (Note the cute trick here and in
the <filename>following proxyarp</filename> file that allows me to
access the DSL "Modem" using it's default IP address
access the DSL "Modem" using its default IP address
(192.168.1.1))</filename>. The leading "+" is required to place the
rule before the SNAT rules generated by entries in
<filename>/etc/shorewall/nat</filename> above.</para>
@ -958,4 +958,4 @@ esac
</blockquote>
</section>
</section>
</article>
</article>

4
docs/dhcp.xml
View File

@ -115,7 +115,7 @@
<listitem>
<para>It is a good idea to <ulink url="ping.htm">accept 'ping'</ulink>
on any interface that gets it's IP address via DHCP. That way, if the
on any interface that gets its IP address via DHCP. That way, if the
DHCP server is configured with 'ping-check' true, you won't be
blocking its 'ping' requests.</para>
</listitem>
@ -155,4 +155,4 @@
</listitem>
</itemizedlist>
</section>
</article>
</article>

6
docs/netmap.xml
View File

@ -100,11 +100,11 @@
<para>Must be DNAT or SNAT.</para>
<para>If DNAT, traffic entering INTERFACE and addressed to NET1 has
it's destination address rewritten to the corresponding address in
its destination address rewritten to the corresponding address in
NET2.</para>
<para>If SNAT, traffic leaving INTERFACE with a source address in
NET1 has it's source address rewritten to the corresponding address
NET1 has its source address rewritten to the corresponding address
in NET2.</para>
</listitem>
</varlistentry>
@ -312,4 +312,4 @@ SNAT 192.168.1.0/24 vpn 10.10.10.0/24 #RULE 2B</programlist
providers</ulink>. If you try it and get it working, please contribute an
update to this article.</para>
</section>
</article>
</article>

4
docs/shorewall_extension_scripts.xml
View File

@ -237,7 +237,7 @@
<listitem>
<para><emphasis role="bold">ensure_and_save_command()</emphasis> --
runs the passed command. If the command fails, the firewall is
restored to it's prior saved state and the operation is terminated.
restored to its prior saved state and the operation is terminated.
If the command succeeds, the command is written to the restore
file</para>
</listitem>
@ -333,4 +333,4 @@
</note>
</listitem>
</itemizedlist>
</article>
</article>

4
docs/shorewall_logging.xml
View File

@ -172,7 +172,7 @@
<orderedlist>
<listitem>
<para>If you give, for example, kern.info it's own log destination
<para>If you give, for example, kern.info its own log destination
then that destination will also receive all kernel messages of
levels 5 (notice) through 0 (emerg).</para>
</listitem>
@ -250,4 +250,4 @@ gateway:/etc/shorewall# </programl
<para>For Shorewall-specific information, see <ulink
url="FAQ.htm#faq17">FAQ #17</ulink>.</para>
</section>
</article>
</article>

15
docs/shorewall_setup_guide.xml
View File

@ -126,7 +126,12 @@
instructions.</para>
<para>Shorewall views the network where it is running as being composed of
a set of zones. In this guide, we will use the following zones:</para>
a set of zones. A zone is one or more hosts, which can be defined
as individual hosts or networks in
<filename class="directory">/etc/shorewall/hosts</filename>, or as
an entire interface in <filename
class="directory">/etc/shorewall/interfaces</filename>. In this
guide, we will use the following zones:</para>
<variablelist>
<varlistentry>
@ -1075,7 +1080,7 @@ Destination Gateway Genmask Flgs MSS Win irtt Iface
<para>When sending packets over Ethernet, IP addresses aren't used.
Rather Ethernet addressing is based on <emphasis>Media Access
Control</emphasis> (MAC) addresses. Each Ethernet device has it's own
Control</emphasis> (MAC) addresses. Each Ethernet device has its own
unique MAC address which is burned into a PROM on the device during
manufacture. You can obtain the MAC of an Ethernet device using the
<quote>ip</quote> utility:</para>
@ -1792,7 +1797,7 @@ ACCEPT net $FW tcp ssh #SSH to the
<para>The above discussion reflects my personal preference for using
Proxy ARP for my servers in my DMZ and SNAT/NAT for my local systems. I
prefer to use NAT only in cases where a system that is part of an RFC
1918 subnet needs to have it's own public IP.</para>
1918 subnet needs to have its own public IP.</para>
<para><inlinegraphic fileref="images/BD21298_.gif" /></para>
@ -1907,7 +1912,7 @@ ACCEPT net $FW tcp ssh #SSH to the
systems named www.foobar.net and mail.foobar.net and you want the three
local systems named "winken.foobar.net, blinken.foobar.net and
nod.foobar.net. You want your firewall to be known as firewall.foobar.net
externally and it's interface to the local network to be know as
externally and its interface to the local network to be know as
gateway.foobar.net and its interface to the dmz as dmz.foobar.net. Let's
have the DNS server on 192.0.2.177 which will also be known by the name
ns1.foobar.net.</para>
@ -2424,4 +2429,4 @@ foobar.net. 86400 IN A 192.0.2.177
try</command></ulink></quote> command.</para>
</caution>
</section>
</article>
</article>

4
docs/starting_and_stopping_shorewall.xml
View File

@ -476,7 +476,7 @@ gateway:~ #</programlisting>
</itemizedlist>
<para>If the <command>restart</command> fails, your configuration will be
restored to it's state at the last <command>shorewall
restored to its state at the last <command>shorewall
save</command>.</para>
<para>When the new configuration works then just:</para>
@ -1565,4 +1565,4 @@ gateway:~ #</programlisting>
on the command.</para>
</section>
</section>
</article>
</article>

4
docs/upgrade_issues.xml
View File

@ -831,7 +831,7 @@ DNAT loc loc:192.168.1.12 tcp 80 - 130.252.100.69</p
<listitem>
<para>ensure_and_save_command() -- runs the passed command. If the
command fails, the firewall is restored to it's prior saved state
command fails, the firewall is restored to its prior saved state
and the operation is terminated. If the command succeeds, the
command is written to the restore file</para>
</listitem>
@ -1327,4 +1327,4 @@ z2 z1 NONE
</listitem>
</itemizedlist>
</section>
</article>
</article>