From b3735408efff2b9735a8cf6d845061fb0d9b018a Mon Sep 17 00:00:00 2001 From: teastep Date: Tue, 11 Apr 2006 22:20:09 +0000 Subject: [PATCH] Fiddle with comments in config files git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3785 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall/masq | 5 +++-- Shorewall/shorewall.conf | 10 ++-------- Shorewall/zones | 7 +++++-- 3 files changed, 10 insertions(+), 12 deletions(-) diff --git a/Shorewall/masq b/Shorewall/masq index b409b50ea..476a5fc7d 100644 --- a/Shorewall/masq +++ b/Shorewall/masq @@ -50,8 +50,9 @@ # # SUBNET -- Subnet that you wish to masquerade. You can specify this as # a subnet or as an interface. If you give the name of an -# interface, you must have iproute installed and the interface -# must be up before you start the firewall. +# interface, the interface must be up before you start the +# firewall (Shorewall will use your main routing table to +# determine the appropriate subnet(s) to masquerade). # # In order to exclude a subset of the specified SUBNET, you # may append "!" and a comma-separated list of IP addresses diff --git a/Shorewall/shorewall.conf b/Shorewall/shorewall.conf index ab1e9415a..c40da646b 100644 --- a/Shorewall/shorewall.conf +++ b/Shorewall/shorewall.conf @@ -379,16 +379,10 @@ IPSECFILE=zones ############################################################################### # F I R E W A L L O P T I O N S ############################################################################### - -# NAME OF THE FIREWALL ZONE # -# Name of the firewall zone -- if not set or if set to an empty string, then -# you must include a definition of the firewall zone in /etc/shorewall/zones. +# WARNING: THE 'FW' OPTION HAS BEEN REMOVED FROM THIS FILE -- The firewall +# zone is now declared in /etc/shorewall/zones. # -# Note: If IPSECFILE=zones above then you must NOT set FW and you must define -# the firewall zone in /etc/shorewall/zones. - -FW= # # ENABLE IP FORWARDING diff --git a/Shorewall/zones b/Shorewall/zones index da5cf5b52..3a4e68469 100644 --- a/Shorewall/zones +++ b/Shorewall/zones @@ -3,7 +3,9 @@ # # /etc/shorewall/zones # -# This file determines your network zones. +# This file declares your network zones. You specify the hosts in +# each zone through entries in /etc/shorewall/interfaces or +# /etc/shorewall/hosts. # # WARNING: The format of this file changed in Shorewall 3.0.0. You can # continue to use your old records provided that you set @@ -13,7 +15,8 @@ # file. # # To use records in the format described below, you must have -# IPSECFILE=zones specified in /etc/shorewall/shorewall.conf. +# IPSECFILE=zones specified in /etc/shorewall/shorewall.conf +# AND YOU MUST NOT SET THE 'FW' VARIABLE IN THAT FILE!!!!! # # Columns are: #