extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-12-22 06:10:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

Correct some Dom references

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4648 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-10-08 02:01:14 +00:00
parent 847e443961
commit c6e795c2b0
1 changed files with 17 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
docs/XenMyWay-Routed.xml
View File

@ -255,20 +255,20 @@ disk = [ 'phy:hda3,hda3,w' ]</programlisting>
<graphic align="center" fileref="images/Xen4a.png" /> <graphic align="center" fileref="images/Xen4a.png" />
<para>The zones correspond to the Shorewall zones in the firewall Dom0 <para>The zones correspond to the Shorewall zones in the Dom0
configuration.</para> configuration.</para>
<caution> <caution>
<para>Under some circumstances, UDP and/or TCP communication from a <para>Under some circumstances, UDP and/or TCP communication from a
domU won't work for no obvious reason. That happened with the domU won't work for no obvious reason. That happened with the
<emphasis role="bold">lists</emphasis> domain in my setup. Looking at <emphasis role="bold">lists</emphasis> domain in my setup. Looking at
the IP traffic with <command>tcpdump -nvvi eth1</command> in the the IP traffic with <command>tcpdump -nvvi eth1</command> in dom0
<emphasis role="bold">firewall</emphasis> domU showed that UDP packets showed that UDP packets from the <emphasis
from the <emphasis role="bold">lists</emphasis> domU had incorrect role="bold">lists</emphasis> domU had incorrect checksums. That
checksums. That problem was corrected by arranging for the following problem was corrected by arranging for the following command to be
command to be executed in the <emphasis role="bold">lists</emphasis> executed in the <emphasis role="bold">lists</emphasis> domain when its
domain when its <filename class="devicefile">eth0</filename> device <filename class="devicefile">eth0</filename> device was brought
was brought up:</para> up:</para>
<para><command>ethtool -K eth0 tx off</command></para> <para><command>ethtool -K eth0 tx off</command></para>
@ -296,16 +296,16 @@ fi</programlisting>
</section> </section>
<section id="Firewall"> <section id="Firewall">
<title>Firewall Dom0 Configuration</title> <title>Dom0 Shorewall Configuration</title>
<para>In the firewall Dom0, I run a conventional three-interface <para>In Dom0, I run a conventional three-interface firewall with Proxy
firewall with Proxy ARP DMZ -- it is very similar to the firewall ARP DMZ -- it is very similar to the firewall described in the <ulink
described in the <ulink url="shorewall_setup_guide.htm">Shorewall Setup url="shorewall_setup_guide.htm">Shorewall Setup Guide</ulink> with the
Guide</ulink> with the exception that I've added a fourth interface for exception that I've added a fourth interface for our wireless network.
our wireless network. The firewall runs a routed <ulink The firewall runs a routed <ulink url="OPENVPN.html">OpenVPN
url="OPENVPN.html">OpenVPN server</ulink> to provide roadwarrior access server</ulink> to provide roadwarrior access for our two laptops and a
for our two laptops and a bridged OpenVPN server for the wireless bridged OpenVPN server for the wireless network in our home. Here is the
network in our home. Here is the firewall's view of the network:</para> firewall's view of the network:</para>
<graphic align="center" fileref="images/network4a.png" /> <graphic align="center" fileref="images/network4a.png" />