extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-20 12:39:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Resolve FAQ conflicts

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2095 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-05-09 14:53:06 +00:00
parent fa8ae95a22
commit ccbb2d6390
4 changed files with 110 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Shorewall-docs2/FAQ.xml
View File

@ -469,8 +469,7 @@
<example> <example>
<title>Example:</title> <title>Example:</title>
<literallayout>Zone: dmz Interface: eth2 Subnet: <literallayout>Zone: dmz Interface: eth2 Subnet: 192.168.2.0/24, Address 192.168.2.254</literallayout>
192.168.2.0/24</literallayout>
<para>In <filename>/etc/shorewall/interfaces</filename>:</para> <para>In <filename>/etc/shorewall/interfaces</filename>:</para>
@ -480,6 +479,16 @@
<para>In <filename>/etc/shorewall/na</filename>t, be sure that you <para>In <filename>/etc/shorewall/na</filename>t, be sure that you
have <quote>Yes</quote> in the ALL INTERFACES column.</para> have <quote>Yes</quote> in the ALL INTERFACES column.</para>
<para>In <filename>/etc/shorewall/masq</filename>:</para>
<programlisting>#INTERFACE SUBNET ADDRESS
eth2 192.168.2.0/24 192.168.2.254</programlisting>
<para>As in FAQ 2 above, all redirected traffic will appear to the
server to originate on the firewall (which is yet one more reason
that you should use DNS to correct this problem rather than applying
horrible IP hacks).</para>
</example> </example>
</section> </section>
@ -558,10 +567,9 @@
interface.</programlisting></para> interface.</programlisting></para>
</blockquote> </blockquote>
<para>Look <ulink url="http://linux-igd.sourceforge.net">here</ulink> <para>Look <ulink url="UPnP.html">here</ulink> for a solution for MSN IM
for a solution for MSN IM but be aware that there are significant but be aware that there are significant security risks involved with
security risks involved with this solution. Also check the Netfilter this solution. Also check the Netfilter mailing list archives at <ulink
mailing list archives at <ulink
url="http://www.netfilter.org">http://www.netfilter.org</ulink>.</para> url="http://www.netfilter.org">http://www.netfilter.org</ulink>.</para>
</section> </section>
</section> </section>

6
Shorewall-docs2/IPSEC-2.6.xml
View File

@ -15,7 +15,7 @@
</author> </author>
</authorgroup> </authorgroup>
<pubdate>2005-02-28</pubdate> <pubdate>2005-05-02</pubdate>
<copyright> <copyright>
<year>2004</year> <year>2004</year>
@ -193,6 +193,10 @@
/etc/shorewall/ipsec can be used to match the zone to a particular (set /etc/shorewall/ipsec can be used to match the zone to a particular (set
of) SA(s) used to encrypt and decrypt traffic to/from the zone and the of) SA(s) used to encrypt and decrypt traffic to/from the zone and the
security policies that select which traffic to encrypt/decrypt.</para> security policies that select which traffic to encrypt/decrypt.</para>
<para>For more information on IPSEC, Kernel 2.6 and Shorewall see <ulink
url="LinuxFest.pdf">my presentation on the subject given at LinuxFest NW
2005</ulink>.</para>
</section> </section>
<section> <section>

4
Shorewall-docs2/shorewall_prerequisites.xml
View File

@ -13,7 +13,7 @@
<surname>Eastep</surname> <surname>Eastep</surname>
</author> </author>
<pubdate>2005-03-22</pubdate> <pubdate>2005-05-03</pubdate>
<copyright> <copyright>
<year>2001-2005</year> <year>2001-2005</year>
@ -51,7 +51,7 @@
<para>Iproute (<quote>ip</quote> utility). The iproute package is <para>Iproute (<quote>ip</quote> utility). The iproute package is
included with most distributions but may not be installed by default. included with most distributions but may not be installed by default.
The official download site is <ulink type="remote" The official download site is <ulink type="remote"
url="ftp://ftp.inr.ac.ru/ip-routing">http://developer.osdl.org/dev/iproute2/download/</ulink>.</para> url="http://developer.osdl.org/dev/iproute2/download/">http://developer.osdl.org/dev/iproute2/download/</ulink>.</para>
</listitem> </listitem>
<listitem> <listitem>

68
Shorewall-docs2/support.xml
View File

@ -15,7 +15,7 @@
</author> </author>
</authorgroup> </authorgroup>
<pubdate>2005-04-20</pubdate> <pubdate>2005-05-03</pubdate>
<copyright> <copyright>
<year>2001-2005</year> <year>2001-2005</year>
@ -91,17 +91,16 @@
<section id="Guidelines"> <section id="Guidelines">
<title>Problem Reporting Guidelines</title> <title>Problem Reporting Guidelines</title>
<itemizedlist> <para>Please refer to the following flowchart to guide you through the
<listitem> problem reporting process.</para>
<para>When reporting a problem, <emphasis
role="bold">ALWAYS</emphasis> include this information:</para>
<itemizedlist> <graphic align="center" fileref="images/Troubleshoot.png" />
<orderedlist>
<listitem> <listitem>
<para>If your problem is that an <emphasis <para>If your problem is that an <emphasis
role="bold">error</emphasis> occurs when you try to role="bold">error</emphasis> occurs when you try to
<quote><command>shorewall start</command></quote>, then <quote><command>shorewall start</command></quote>, then please:</para>
please:</para>
<blockquote> <blockquote>
<programlisting><command>/sbin/shorewall trace start 2&gt; /tmp/trace</command></programlisting> <programlisting><command>/sbin/shorewall trace start 2&gt; /tmp/trace</command></programlisting>
@ -112,10 +111,9 @@
</listitem> </listitem>
<listitem> <listitem>
<para>Otherwise, if you are unsure if Shorewall is starting <para>If you are unsure if Shorewall is starting successfully on not
successfully on not then first note that if Shorewall starts then first note that if Shorewall starts successfully, the last
successfully, the last message it produces is "Shorewall message it produces is "Shorewall Started":</para>
Started":</para>
<blockquote> <blockquote>
<programlisting> <programlisting>
@ -127,8 +125,8 @@ gateway:~#</programlisting>
<para>If you are seeing this message then Shorewall is starting <para>If you are seeing this message then Shorewall is starting
successfully.</para> successfully.</para>
<para>If you are still unsure if Shorewall is starting or not, <para>If you are still unsure if Shorewall is starting or not, enter
enter the following command:</para> the following command:</para>
<blockquote> <blockquote>
<programlisting><command>/sbin/shorewall show shorewall</command></programlisting> <programlisting><command>/sbin/shorewall show shorewall</command></programlisting>
@ -157,19 +155,15 @@ Counters reset Sat Apr 16 17:35:06 PDT 2005
<emphasis role="bold">iptables: No chain/target/match by that name</emphasis> <emphasis role="bold">iptables: No chain/target/match by that name</emphasis>
</programlisting> </programlisting>
</blockquote> </blockquote>
<para>If you get this result after you have tried to start
Shorewall, please produce a trace and forward it to the list as
instructed above.</para>
</listitem> </listitem>
<listitem> <listitem>
<para>Otherwise, if your problem is that some set of <emphasis <para>If your problem is that some set of <emphasis
role="bold">connection</emphasis>s to/from or through your role="bold">connection</emphasis>s to/from or through your firewall
firewall <emphasis role="bold">isn't working</emphasis> (examples: <emphasis role="bold">isn't working</emphasis> (examples: local
local systems can't access the internet, you can't send email systems can't access the internet, you can't send email through the
through the firewall, you can't surf the web from the firewall, firewall, you can't surf the web from the firewall, etc.) then please
etc.) then please perform the following four steps:</para> perform the following four steps:</para>
<orderedlist> <orderedlist>
<listitem> <listitem>
@ -191,12 +185,18 @@ Counters reset Sat Apr 16 17:35:06 PDT 2005
<para>Post the <filename>/tmp/status.txt</filename> file as an <para>Post the <filename>/tmp/status.txt</filename> file as an
attachment (you may compress it if you like).</para> attachment (you may compress it if you like).</para>
</listitem> </listitem>
<listitem>
<para>Describe where you are trying to make the connection from
(IP address) and what host you are trying to connect to.</para>
</listitem>
</orderedlist> </orderedlist>
</listitem> </listitem>
<listitem> <listitem>
<para>Otherwise please include the following <para>Otherwise please include the following information:</para>
information:<itemizedlist>
<itemizedlist>
<listitem> <listitem>
<para>the exact version of Shorewall you are running.</para> <para>the exact version of Shorewall you are running.</para>
@ -214,23 +214,11 @@ Counters reset Sat Apr 16 17:35:06 PDT 2005
<programlisting><command>ip route show</command></programlisting> <programlisting><command>ip route show</command></programlisting>
</listitem> </listitem>
</itemizedlist></para>
</listitem>
<listitem>
<para>Please include the exact wording of any ping failure
responses</para>
</listitem>
<listitem>
<para><emphasis role="bold">If you installed Shorewall using one
of the QuickStart Guides, please indicate which one</emphasis>.
<emphasis role="bold">If you did not use one of the QuickStart
Guides, please say so</emphasis>.</para>
</listitem>
</itemizedlist> </itemizedlist>
</listitem> </listitem>
</orderedlist>
<itemizedlist>
<listitem> <listitem>
<para>Please remember we only know what is posted in your message. Do <para>Please remember we only know what is posted in your message. Do
not leave out any information that appears to be correct, or was not leave out any information that appears to be correct, or was