extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-03 03:59:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

Resolve FAQ conflicts

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2095 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-05-09 14:53:06 +00:00
parent fa8ae95a22
commit ccbb2d6390
4 changed files with 110 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Shorewall-docs2/FAQ.xml
View File

@ -469,8 +469,7 @@
<example>
<title>Example:</title>
<literallayout>Zone: dmz Interface: eth2 Subnet:
192.168.2.0/24</literallayout>
<literallayout>Zone: dmz Interface: eth2 Subnet: 192.168.2.0/24, Address 192.168.2.254</literallayout>
<para>In <filename>/etc/shorewall/interfaces</filename>:</para>
@ -480,6 +479,16 @@
<para>In <filename>/etc/shorewall/na</filename>t, be sure that you
have <quote>Yes</quote> in the ALL INTERFACES column.</para>
<para>In <filename>/etc/shorewall/masq</filename>:</para>
<programlisting>#INTERFACE SUBNET ADDRESS
eth2 192.168.2.0/24 192.168.2.254</programlisting>
<para>As in FAQ 2 above, all redirected traffic will appear to the
server to originate on the firewall (which is yet one more reason
that you should use DNS to correct this problem rather than applying
horrible IP hacks).</para>
</example>
</section>
@ -558,10 +567,9 @@
interface.</programlisting></para>
</blockquote>
<para>Look <ulink url="http://linux-igd.sourceforge.net">here</ulink>
for a solution for MSN IM but be aware that there are significant
security risks involved with this solution. Also check the Netfilter
mailing list archives at <ulink
<para>Look <ulink url="UPnP.html">here</ulink> for a solution for MSN IM
but be aware that there are significant security risks involved with
this solution. Also check the Netfilter mailing list archives at <ulink
url="http://www.netfilter.org">http://www.netfilter.org</ulink>.</para>
</section>
</section>

6
Shorewall-docs2/IPSEC-2.6.xml
View File

@ -15,7 +15,7 @@
</author>
</authorgroup>
<pubdate>2005-02-28</pubdate>
<pubdate>2005-05-02</pubdate>
<copyright>
<year>2004</year>
@ -193,6 +193,10 @@
/etc/shorewall/ipsec can be used to match the zone to a particular (set
of) SA(s) used to encrypt and decrypt traffic to/from the zone and the
security policies that select which traffic to encrypt/decrypt.</para>
<para>For more information on IPSEC, Kernel 2.6 and Shorewall see <ulink
url="LinuxFest.pdf">my presentation on the subject given at LinuxFest NW
2005</ulink>.</para>
</section>
<section>

4
Shorewall-docs2/shorewall_prerequisites.xml
View File

@ -13,7 +13,7 @@
<surname>Eastep</surname>
</author>
<pubdate>2005-03-22</pubdate>
<pubdate>2005-05-03</pubdate>
<copyright>
<year>2001-2005</year>
@ -51,7 +51,7 @@
<para>Iproute (<quote>ip</quote> utility). The iproute package is
included with most distributions but may not be installed by default.
The official download site is <ulink type="remote"
url="ftp://ftp.inr.ac.ru/ip-routing">http://developer.osdl.org/dev/iproute2/download/</ulink>.</para>
url="http://developer.osdl.org/dev/iproute2/download/">http://developer.osdl.org/dev/iproute2/download/</ulink>.</para>
</listitem>
<listitem>

68
Shorewall-docs2/support.xml
View File

@ -15,7 +15,7 @@
</author>
</authorgroup>
<pubdate>2005-04-20</pubdate>
<pubdate>2005-05-03</pubdate>
<copyright>
<year>2001-2005</year>
@ -91,17 +91,16 @@
<section id="Guidelines">
<title>Problem Reporting Guidelines</title>
<itemizedlist>
<listitem>
<para>When reporting a problem, <emphasis
role="bold">ALWAYS</emphasis> include this information:</para>
<para>Please refer to the following flowchart to guide you through the
problem reporting process.</para>
<itemizedlist>
<graphic align="center" fileref="images/Troubleshoot.png" />
<orderedlist>
<listitem>
<para>If your problem is that an <emphasis
role="bold">error</emphasis> occurs when you try to
<quote><command>shorewall start</command></quote>, then
please:</para>
<quote><command>shorewall start</command></quote>, then please:</para>
<blockquote>
<programlisting><command>/sbin/shorewall trace start 2&gt; /tmp/trace</command></programlisting>
@ -112,10 +111,9 @@
</listitem>
<listitem>
<para>Otherwise, if you are unsure if Shorewall is starting
successfully on not then first note that if Shorewall starts
successfully, the last message it produces is "Shorewall
Started":</para>
<para>If you are unsure if Shorewall is starting successfully on not
then first note that if Shorewall starts successfully, the last
message it produces is "Shorewall Started":</para>
<blockquote>
<programlisting>
@ -127,8 +125,8 @@ gateway:~#</programlisting>
<para>If you are seeing this message then Shorewall is starting
successfully.</para>
<para>If you are still unsure if Shorewall is starting or not,
enter the following command:</para>
<para>If you are still unsure if Shorewall is starting or not, enter
the following command:</para>
<blockquote>
<programlisting><command>/sbin/shorewall show shorewall</command></programlisting>
@ -157,19 +155,15 @@ Counters reset Sat Apr 16 17:35:06 PDT 2005
<emphasis role="bold">iptables: No chain/target/match by that name</emphasis>
</programlisting>
</blockquote>
<para>If you get this result after you have tried to start
Shorewall, please produce a trace and forward it to the list as
instructed above.</para>
</listitem>
<listitem>
<para>Otherwise, if your problem is that some set of <emphasis
role="bold">connection</emphasis>s to/from or through your
firewall <emphasis role="bold">isn't working</emphasis> (examples:
local systems can't access the internet, you can't send email
through the firewall, you can't surf the web from the firewall,
etc.) then please perform the following four steps:</para>
<para>If your problem is that some set of <emphasis
role="bold">connection</emphasis>s to/from or through your firewall
<emphasis role="bold">isn't working</emphasis> (examples: local
systems can't access the internet, you can't send email through the
firewall, you can't surf the web from the firewall, etc.) then please
perform the following four steps:</para>
<orderedlist>
<listitem>
@ -191,12 +185,18 @@ Counters reset Sat Apr 16 17:35:06 PDT 2005
<para>Post the <filename>/tmp/status.txt</filename> file as an
attachment (you may compress it if you like).</para>
</listitem>
<listitem>
<para>Describe where you are trying to make the connection from
(IP address) and what host you are trying to connect to.</para>
</listitem>
</orderedlist>
</listitem>
<listitem>
<para>Otherwise please include the following
information:<itemizedlist>
<para>Otherwise please include the following information:</para>
<itemizedlist>
<listitem>
<para>the exact version of Shorewall you are running.</para>
@ -214,23 +214,11 @@ Counters reset Sat Apr 16 17:35:06 PDT 2005
<programlisting><command>ip route show</command></programlisting>
</listitem>
</itemizedlist></para>
</listitem>
<listitem>
<para>Please include the exact wording of any ping failure
responses</para>
</listitem>
<listitem>
<para><emphasis role="bold">If you installed Shorewall using one
of the QuickStart Guides, please indicate which one</emphasis>.
<emphasis role="bold">If you did not use one of the QuickStart
Guides, please say so</emphasis>.</para>
</listitem>
</itemizedlist>
</listitem>
</orderedlist>
<itemizedlist>
<listitem>
<para>Please remember we only know what is posted in your message. Do
not leave out any information that appears to be correct, or was