Resolve FAQ conflicts

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2095 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2025-01-03 03:59:16 +01:00 · 2005-05-09 14:53:06 +00:00 · 2005-05-09 14:53:06 +00:00 · ccbb2d6390
commit ccbb2d6390
parent fa8ae95a22
4 changed files with 110 additions and 110 deletions
--- a/Shorewall-docs2/FAQ.xml
+++ b/Shorewall-docs2/FAQ.xml
@ -469,8 +469,7 @@
        <example>
          <title>Example:</title>
-          <literallayout>Zone: dmz Interface: eth2 Subnet:
+          <literallayout>Zone: dmz Interface: eth2 Subnet: 192.168.2.0/24, Address 192.168.2.254</literallayout>
          192.168.2.0/24</literallayout>
          <para>In <filename>/etc/shorewall/interfaces</filename>:</para>
@ -480,6 +479,16 @@
          <para>In <filename>/etc/shorewall/na</filename>t, be sure that you
          have <quote>Yes</quote> in the ALL INTERFACES column.</para>
          <para>In <filename>/etc/shorewall/masq</filename>:</para>
          <programlisting>#INTERFACE   SUBNET          ADDRESS
 eth2         192.168.2.0/24  192.168.2.254</programlisting>
          <para>As in FAQ 2 above, all redirected traffic will appear to the
          server to originate on the firewall (which is yet one more reason
          that you should use DNS to correct this problem rather than applying
          horrible IP hacks).</para>
        </example>
      </section>
@ -558,10 +567,9 @@
        interface.</programlisting></para>
      </blockquote>
-      <para>Look <ulink url="http://linux-igd.sourceforge.net">here</ulink>
+      <para>Look <ulink url="UPnP.html">here</ulink> for a solution for MSN IM
-      for a solution for MSN IM but be aware that there are significant
+      but be aware that there are significant security risks involved with
-      security risks involved with this solution. Also check the Netfilter
+      this solution. Also check the Netfilter mailing list archives at <ulink
      mailing list archives at <ulink
      url="http://www.netfilter.org">http://www.netfilter.org</ulink>.</para>
    </section>
  </section>
@ -2176,4 +2184,4 @@
      Configuration... ...</programlisting>
    </section>
  </section>
-</article>
+</article>
--- a/Shorewall-docs2/IPSEC-2.6.xml
+++ b/Shorewall-docs2/IPSEC-2.6.xml
@ -15,7 +15,7 @@
      </author>
    </authorgroup>
-    <pubdate>2005-02-28</pubdate>
+    <pubdate>2005-05-02</pubdate>
    <copyright>
      <year>2004</year>
@ -193,6 +193,10 @@
    /etc/shorewall/ipsec can be used to match the zone to a particular (set
    of) SA(s) used to encrypt and decrypt traffic to/from the zone and the
    security policies that select which traffic to encrypt/decrypt.</para>
    <para>For more information on IPSEC, Kernel 2.6 and Shorewall see <ulink
    url="LinuxFest.pdf">my presentation on the subject given at LinuxFest NW
    2005</ulink>.</para>
  </section>
  <section>
@ -809,4 +813,4 @@ all             all             REJECT          info
      different dialog boxes on Windows XP!!!</para>
    </warning>
  </section>
-</article>
+</article>
--- a/Shorewall-docs2/shorewall_prerequisites.xml
+++ b/Shorewall-docs2/shorewall_prerequisites.xml
@ -13,7 +13,7 @@
      <surname>Eastep</surname>
    </author>
-    <pubdate>2005-03-22</pubdate>
+    <pubdate>2005-05-03</pubdate>
    <copyright>
      <year>2001-2005</year>
@ -51,7 +51,7 @@
        <para>Iproute (<quote>ip</quote> utility). The iproute package is
        included with most distributions but may not be installed by default.
        The official download site is <ulink type="remote"
-        url="ftp://ftp.inr.ac.ru/ip-routing">http://developer.osdl.org/dev/iproute2/download/</ulink>.</para>
+        url="http://developer.osdl.org/dev/iproute2/download/">http://developer.osdl.org/dev/iproute2/download/</ulink>.</para>
      </listitem>
      <listitem>
--- a/Shorewall-docs2/support.xml
+++ b/Shorewall-docs2/support.xml
@ -15,7 +15,7 @@
      </author>
    </authorgroup>
-    <pubdate>2005-04-20</pubdate>
+    <pubdate>2005-05-03</pubdate>
    <copyright>
      <year>2001-2005</year>
@ -91,146 +91,134 @@
  <section id="Guidelines">
    <title>Problem Reporting Guidelines</title>
-    <itemizedlist>
+    <para>Please refer to the following flowchart to guide you through the
    problem reporting process.</para>
    <graphic align="center" fileref="images/Troubleshoot.png" />
    <orderedlist>
      <listitem>
-        <para>When reporting a problem, <emphasis
+        <para>If your problem is that an <emphasis
-        role="bold">ALWAYS</emphasis> include this information:</para>
+        role="bold">error</emphasis> occurs when you try to
        <quote><command>shorewall start</command></quote>, then please:</para>
-        <itemizedlist>
+        <blockquote>
-          <listitem>
+          <programlisting><command>/sbin/shorewall trace start 2&gt; /tmp/trace</command></programlisting>
            <para>If your problem is that an <emphasis
            role="bold">error</emphasis> occurs when you try to
            <quote><command>shorewall start</command></quote>, then
            please:</para>
-            <blockquote>
+          <para>Forward the <filename>/tmp/trace</filename> file as an
-              <programlisting><command>/sbin/shorewall trace start 2&gt; /tmp/trace</command></programlisting>
+          attachment (you may compress it if you like).</para>
        </blockquote>
      </listitem>
-              <para>Forward the <filename>/tmp/trace</filename> file as an
+      <listitem>
-              attachment (you may compress it if you like).</para>
+        <para>If you are unsure if Shorewall is starting successfully on not
-            </blockquote>
+        then first note that if Shorewall starts successfully, the last
-          </listitem>
+        message it produces is "Shorewall Started":</para>
-          <listitem>
+        <blockquote>
-            <para>Otherwise, if you are unsure if Shorewall is starting
+          <programlisting>…
            successfully on not then first note that if Shorewall starts
            successfully, the last message it produces is "Shorewall
            Started":</para>
            <blockquote>
              <programlisting>…
 Activating Rules...
 <emphasis role="bold">Shorewall Started</emphasis>
 gateway:~#</programlisting>
-            </blockquote>
+        </blockquote>
-            <para>If you are seeing this message then Shorewall is starting
+        <para>If you are seeing this message then Shorewall is starting
-            successfully.</para>
+        successfully.</para>
-            <para>If you are still unsure if Shorewall is starting or not,
+        <para>If you are still unsure if Shorewall is starting or not, enter
-            enter the following command:</para>
+        the following command:</para>
-            <blockquote>
+        <blockquote>
-              <programlisting><command>/sbin/shorewall show shorewall</command></programlisting>
+          <programlisting><command>/sbin/shorewall show shorewall</command></programlisting>
-            </blockquote>
+        </blockquote>
-            <para>If Shorewall has started successfully, you will see output
+        <para>If Shorewall has started successfully, you will see output
-            similar to this:</para>
+        similar to this:</para>
-            <blockquote>
+        <blockquote>
-              <programlisting>Shorewall-2.2.3 Chain shorewall at gateway - Wed Apr 20 14:41:53 PDT 2005
+          <programlisting>Shorewall-2.2.3 Chain shorewall at gateway - Wed Apr 20 14:41:53 PDT 2005
 Counters reset Sat Apr 16 17:35:06 PDT 2005
 <emphasis role="bold">Chain shorewall (0 references)
 pkts bytes target     prot opt in     out     source               destination</emphasis></programlisting>
-            </blockquote>
+        </blockquote>
-            <para>If Shorewall has not started properly, you will see output
+        <para>If Shorewall has not started properly, you will see output
-            similar to this:</para>
+        similar to this:</para>
-            <blockquote>
+        <blockquote>
-              <programlisting>Shorewall-2.2.3 Chain shorewall at gateway - Wed Apr 20 14:43:13 PDT 2005
+          <programlisting>Shorewall-2.2.3 Chain shorewall at gateway - Wed Apr 20 14:43:13 PDT 2005
 Counters reset Sat Apr 16 17:35:06 PDT 2005
 <emphasis role="bold">iptables: No chain/target/match by that name</emphasis>
 </programlisting>
-            </blockquote>
+        </blockquote>
      </listitem>
-            <para>If you get this result after you have tried to start
+      <listitem>
-            Shorewall, please produce a trace and forward it to the list as
+        <para>If your problem is that some set of <emphasis
-            instructed above.</para>
+        role="bold">connection</emphasis>s to/from or through your firewall
        <emphasis role="bold">isn't working</emphasis> (examples: local
        systems can't access the internet, you can't send email through the
        firewall, you can't surf the web from the firewall, etc.) then please
        perform the following four steps:</para>
        <orderedlist>
          <listitem>
            <para>If Shorewall isn't started then <command>/sbin/shorewall
            start</command>. Otherwise <command>/sbin/shorewall
            reset</command>.</para>
          </listitem>
          <listitem>
-            <para>Otherwise, if your problem is that some set of <emphasis
+            <para>Try making the connection that is failing.</para>
            role="bold">connection</emphasis>s to/from or through your
            firewall <emphasis role="bold">isn't working</emphasis> (examples:
            local systems can't access the internet, you can't send email
            through the firewall, you can't surf the web from the firewall,
            etc.) then please perform the following four steps:</para>
            <orderedlist>
              <listitem>
                <para>If Shorewall isn't started then <command>/sbin/shorewall
                start</command>. Otherwise <command>/sbin/shorewall
                reset</command>.</para>
              </listitem>
              <listitem>
                <para>Try making the connection that is failing.</para>
              </listitem>
              <listitem>
                <para><command>/sbin/shorewall status &gt;
                /tmp/status.txt</command></para>
              </listitem>
              <listitem>
                <para>Post the <filename>/tmp/status.txt</filename> file as an
                attachment (you may compress it if you like).</para>
              </listitem>
            </orderedlist>
          </listitem>
          <listitem>
-            <para>Otherwise please include the following
+            <para><command>/sbin/shorewall status &gt;
-            information:<itemizedlist>
+            /tmp/status.txt</command></para>
                <listitem>
                  <para>the exact version of Shorewall you are running.</para>
                  <programlisting><emphasis role="bold">/sbin/shorewall version</emphasis></programlisting>
                </listitem>
                <listitem>
                  <para>the complete exact output of</para>
                  <programlisting><command>ip addr show</command></programlisting>
                </listitem>
                <listitem>
                  <para>the complete exact output of</para>
                  <programlisting><command>ip route show</command></programlisting>
                </listitem>
              </itemizedlist></para>
          </listitem>
          <listitem>
-            <para>Please include the exact wording of any ping failure
+            <para>Post the <filename>/tmp/status.txt</filename> file as an
-            responses</para>
+            attachment (you may compress it if you like).</para>
          </listitem>
          <listitem>
-            <para><emphasis role="bold">If you installed Shorewall using one
+            <para>Describe where you are trying to make the connection from
-            of the QuickStart Guides, please indicate which one</emphasis>.
+            (IP address) and what host you are trying to connect to.</para>
-            <emphasis role="bold">If you did not use one of the QuickStart
+          </listitem>
-            Guides, please say so</emphasis>.</para>
+        </orderedlist>
      </listitem>
      <listitem>
        <para>Otherwise please include the following information:</para>
        <itemizedlist>
          <listitem>
            <para>the exact version of Shorewall you are running.</para>
            <programlisting><emphasis role="bold">/sbin/shorewall version</emphasis></programlisting>
          </listitem>
          <listitem>
            <para>the complete exact output of</para>
            <programlisting><command>ip addr show</command></programlisting>
          </listitem>
          <listitem>
            <para>the complete exact output of</para>
            <programlisting><command>ip route show</command></programlisting>
          </listitem>
        </itemizedlist>
      </listitem>
    </orderedlist>
    <itemizedlist>
      <listitem>
        <para>Please remember we only know what is posted in your message. Do
        not leave out any information that appears to be correct, or was