From c751a0ada30a36fb979437a30730ced7bf752df5 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 20 Feb 2012 11:30:06 -0800 Subject: [PATCH] Documentation updates suggested by Jeffrey Spain. Signed-off-by: Tom Eastep --- docs/Documentation_Index.xml | 23 +++++++++++---------- docs/Introduction.xml | 16 +++++++++++++-- docs/upgrade_issues.xml | 39 ++++++++++++++++++++++++++++++++++-- 3 files changed, 63 insertions(+), 15 deletions(-) diff --git a/docs/Documentation_Index.xml b/docs/Documentation_Index.xml index 3045d41b0..dfae44daa 100644 --- a/docs/Documentation_Index.xml +++ b/docs/Documentation_Index.xml @@ -223,8 +223,8 @@ OpenVZ - Upgrading to Shorewall 4.4 - (Upgrading Debian Lenny to Squeeze) + Upgrade + Issues @@ -234,7 +234,8 @@ Operating Shorewall - VPN + Upgrading to Shorewall 4.4 + (Upgrading Debian Lenny to Squeeze) @@ -245,7 +246,7 @@ Packet Marking - VPN Passthrough + VPN @@ -255,8 +256,7 @@ Packet Processing in a Shorewall-based Firewall - White - List Creation + VPN Passthrough @@ -264,8 +264,8 @@ 'Ping' Management - Xen - Shorewall in a Bridged Xen - DomU + White + List Creation @@ -275,8 +275,8 @@ Port Forwarding - Xen - Shorewall in Routed - Xen Dom0 + Xen - Shorewall in a Bridged Xen + DomU @@ -285,7 +285,8 @@ Port Information - + Xen - Shorewall in Routed + Xen Dom0 diff --git a/docs/Introduction.xml b/docs/Introduction.xml index e36c22273..a92bc6495 100644 --- a/docs/Introduction.xml +++ b/docs/Introduction.xml @@ -16,7 +16,7 @@ - 2003-2009 + 2003-2012 Thomas M. Eastep @@ -385,9 +385,14 @@ ACCEPT net $FW tcp 22
Shorewall Packages - Shorewall 4.3 and later consists of four packages. + Shorewall 4.5 and later consists of six packages. + + Shorewall-core. All of the + other packages depend on this one. + + Shorewall. This package must be installed on at least one system in your network. It contains @@ -417,6 +422,13 @@ ACCEPT net $FW tcp 22 scripts are generated. These scripts are copied to the firewall systems where they run under the control of Shorewall6-lite. + + + Shorewall-init. May be + installed with any of the other firewall packages. Allows the firewall + to be close prior to bringing up network interfaces. It can also react + to interface up/down events. +
diff --git a/docs/upgrade_issues.xml b/docs/upgrade_issues.xml index 1b30333fd..4cb40b9ca 100644 --- a/docs/upgrade_issues.xml +++ b/docs/upgrade_issues.xml @@ -31,9 +31,11 @@ 2009 + 2012 + Thomas M. Eastep - + @@ -74,6 +76,39 @@ zones. +
+ Versions >= 4.5.0 + + + + + + The BLACKLIST section of the rules file has been eliminated. If + you have entries in that file section, you must move them to the + blrules file. + + + + This version of Shorewall requires the Digest::SHA1 Perl + module. + + + Debian: libdigest-sha1-perl + + Fedora: perl-Digest-SHA1 + + OpenSuSE: perl-Digest-SHA1 + + + + + The generated firewall script now maintains the + /var/lib/shorewall[6][-lite]/interface.status files used by SWPING and + by LSM. + + +
+
Versions >= 4.4.0 @@ -318,7 +353,7 @@ - Beginning with Shorewall 4.4.17, the EXPORTPARAMS option is + Beginning with Shorewall 4.4.17, the EXPORTPARAMS option is deprecated. With EXPORTPARAMS=No, the variables set by /etc/shorewall/params (