Use logical interface names in the samples.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2017-11-22 09:40:15 -08:00
parent 528b473f6b
commit cc02d2bb64
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
10 changed files with 30 additions and 43 deletions

View File

@ -1,6 +1,6 @@
#
# Shorewall - Sample Interfaces File for one-interface configuration.
# Copyright (C) 2006-2015 by the Shorewall Team
# Copyright (C) 2006-2017 by the Shorewall Team
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@ -14,4 +14,4 @@
?FORMAT 2
###############################################################################
#ZONE INTERFACE OPTIONS
net eth0 dhcp,tcpflags,logmartians,nosmurfs,sourceroute=0
net NET_IF dhcp,tcpflags,logmartians,nosmurfs,sourceroute=0,physical=eth0

View File

@ -1,6 +1,6 @@
#
# Shorewall - Sample Interfaces File for three-interface configuration.
# Copyright (C) 2006-2015 by the Shorewall Team
# Copyright (C) 2006-2017 by the Shorewall Team
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@ -14,6 +14,6 @@
?FORMAT 2
###############################################################################
#ZONE INTERFACE OPTIONS
net eth0 tcpflags,dhcp,nosmurfs,routefilter,logmartians,sourceroute=0
loc eth1 tcpflags,nosmurfs,routefilter,logmartians
dmz eth2 tcpflags,nosmurfs,routefilter,logmartians
net NET_IF tcpflags,dhcp,nosmurfs,routefilter,logmartians,sourceroute=0,physical=eth0
loc LOC_IF tcpflags,nosmurfs,routefilter,logmartians,physical=eth1
dmz DMZ_IF tcpflags,nosmurfs,routefilter,logmartians,physical=eth2

View File

@ -1,6 +1,6 @@
#
# Shorewall - Sample SNAT/Masqueradee File for three-interface configuration.
# Copyright (C) 2006-2016 by the Shorewall Team
# Copyright (C) 2006-2017 by the Shorewall Team
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@ -20,4 +20,4 @@
MASQUERADE 10.0.0.0/8,\
169.254.0.0/16,\
172.16.0.0/12,\
192.168.0.0/16 eth0
192.168.0.0/16 NET_IF

View File

@ -1,6 +1,6 @@
#
# Shorewall - Sample Stoppedrules File for three-interface configuration.
# Copyright (C) 2012-2015 by the Shorewall Team
# Copyright (C) 2012-2017 by the Shorewall Team
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@ -13,8 +13,8 @@
###############################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE
# PORT(S) PORT(S)
ACCEPT eth1 -
ACCEPT - eth1
ACCEPT eth2 -
ACCEPT - eth2
ACCEPT LOC_IF -
ACCEPT - LOC_IF
ACCEPT DMZ_IF -
ACCEPT - DMZ_IF

View File

@ -1,6 +1,6 @@
#
# Shorewall - Sample Interfaces File for two-interface configuration.
# Copyright (C) 2006-2015 by the Shorewall Team
# Copyright (C) 2006-2017 by the Shorewall Team
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@ -14,5 +14,5 @@
?FORMAT 2
###############################################################################
#ZONE INTERFACE OPTIONS
net eth0 dhcp,tcpflags,nosmurfs,routefilter,logmartians,sourceroute=0
loc eth1 tcpflags,nosmurfs,routefilter,logmartians
net NET_IF dhcp,tcpflags,nosmurfs,routefilter,logmartians,sourceroute=0,physical=eth0
loc LOC_IF tcpflags,nosmurfs,routefilter,logmartians,physical=eth1

View File

@ -1,6 +1,6 @@
#
# Shorewall - Sample SNAT/Masqueradee File for two-interface configuration.
# Copyright (C) 2006-2016 by the Shorewall Team
# Copyright (C) 2006-2017 by the Shorewall Team
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@ -20,4 +20,4 @@
MASQUERADE 10.0.0.0/8,\
169.254.0.0/16,\
172.16.0.0/12,\
192.168.0.0/16 eth0
192.168.0.0/16 NET_IF

View File

@ -1,6 +1,6 @@
#
# Shorewall - Sample Stoppedrules File for two-interface configuration.
# Copyright (C) 2012-2015 by the Shorewall Team
# Copyright (C) 2012-2017 by the Shorewall Team
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@ -13,5 +13,5 @@
###############################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE
# PORT(S) PORT(S)
ACCEPT eth1 -
ACCEPT - eth1
ACCEPT LOC_IF -
ACCEPT - LOC_IF

View File

@ -360,14 +360,6 @@ root@lists:~# </programlisting>
are there, you may wish to review the list of options that are specified
for the interface. Some hints:</para>
<tip>
<para>If your external interface is <filename
class="devicefile">ppp0</filename> or <filename
class="devicefile">ippp0</filename>, you can replace the
<quote>detect</quote> in the second column with <quote>-</quote> (minus
the quotes).</para>
</tip>
<tip>
<para>If your external interface is <filename
class="devicefile">ppp0</filename> or <filename

View File

@ -485,20 +485,17 @@ root@lists:~# </programlisting>
are there, you may wish to review the list of options that are specified
for the interfaces. Some hints:</para>
<tip>
<para>If your external interface is <filename
class="devicefile">ppp0</filename> or <filename
class="devicefile">ippp0</filename>, you can replace the
<quote>detect</quote> in the second column with <quote>-</quote>
(without the quotes).</para>
</tip>
<tip>
<para>If your external interface is <filename
class="devicefile">ppp0</filename> or <filename
class="devicefile">ippp0</filename> or if you have a static IP address,
you can remove <quote>dhcp</quote> from the option list.</para>
</tip>
<para>Prior to Shorewall 5.1.9, it is also required to change the snat and
stoppedrules file, to replace <filename>eth0</filename> with the name of
your external interface and <filename>eth1</filename> with the name of
your local interface.</para>
</section>
<section id="Addresses">

View File

@ -442,12 +442,6 @@ root@lists:~# </programlisting>
class="directory">/etc/shorewall/</filename><filename>interfaces</filename>
file accordingly. While you are there, you may wish to review the list of
options that are specified for the interfaces. Some hints:<tip>
<para>If your external interface is <filename
class="devicefile">ppp0</filename> or <filename
class="devicefile">ippp0</filename>, you can replace the
<varname>detect</varname> in the second column with a <quote>-</quote>
(minus the quotes).</para>
</tip><tip>
<para>If your external interface is <filename
class="devicefile">ppp0</filename> or <filename
class="devicefile">ippp0</filename> or if you have a static
@ -459,6 +453,10 @@ root@lists:~# </programlisting>
add the <varname>routeback</varname> option to the option
list.</emphasis></para>
</tip></para>
<para>Prior to Shorewall 5.1.9, you will also need to modify the snat and
stopped rules file, replacing eth1 with the name of your internal
interface.</para>
</section>
<section id="Addresses">