fixed quotes, add CVS Id

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@969 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2025-06-27 05:01:37 +02:00 · 2003-12-26 16:16:55 +00:00 · 2003-12-26 16:16:55 +00:00 · d5b6f09407
commit d5b6f09407
parent 3a70dd9c48
4 changed files with 73 additions and 64 deletions
--- a/Shorewall-docs/Multiple_Zones.xml
+++ b/Shorewall-docs/Multiple_Zones.xml
@ -2,6 +2,8 @@
 <!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 <article id="Multiple_Zones">
  <!--$Id$-->
  <articleinfo>
    <title>Multiple Zones per Interface</title>
@ -26,8 +28,8 @@
      document under the terms of the GNU Free Documentation License, Version
      1.2 or any later version published by the Free Software Foundation; with
      no Invariant Sections, with no Front-Cover, and with no Back-Cover
-      Texts. A copy of the license is included in the section entitled &#34;<ulink
+      Texts. A copy of the license is included in the section entitled
-      url="GnuCopyright.htm">GNU Free Documentation License</ulink>&#34;.</para>
+      <quote><ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink></quote>.</para>
    </legalnotice>
  </articleinfo>
@ -82,11 +84,11 @@
    <para><emphasis role="bold">These examples use the local zone but the same
    technique works for any zone.</emphasis> Remember that Shorewall
-    doesn&#39;t have any conceptual knowledge of &#34;Internet&#34;,
+    doesn&#39;t have any conceptual knowledge of <quote>Internet</quote>,
-    &#34;Local&#34;, or &#34;DMZ&#34; so all zones except the firewall itself
+    <quote>Local</quote>, or <quote>DMZ</quote> so all zones except the
-    ($FW) are the same as far as Shorewall is concerned. Also, the examples
+    firewall itself ($FW) are the same as far as Shorewall is concerned. Also,
-    use private (RFC 1918) addresses but public IP addresses can be used in
+    the examples use private (RFC 1918) addresses but public IP addresses can
-    exactly the same way.</para>
+    be used in exactly the same way.</para>
  </section>
  <section>
@ -95,9 +97,9 @@
    <para>Here is an example of a router in the local zone.</para>
    <note>
-      <para> the <emphasis role="bold">box called &#34;Router&#34; could be a
+      <para>the <emphasis role="bold">box called <quote>Router</quote> could
-      VPN server</emphasis> or other such device; from the point of view of
+      be a VPN server</emphasis> or other such device; from the point of view
-      this discussion, it makes no difference.</para>
+      of this discussion, it makes no difference.</para>
    </note>
    <graphic fileref="images/MultiZone1.png" />
@ -145,8 +147,8 @@
        </listitem>
        <listitem>
-          <para>Set the &#39;routeback&#39; and &#39;newnotsyn&#39; options
+          <para>Set the <quote>routeback</quote> and <quote>newnotsyn</quote>
-          for eth1 (the local firewall interface) in
+          options for eth1 (the local firewall interface) in
          /etc/shorewall/interfaces.</para>
        </listitem>
@ -165,19 +167,19 @@
      <section>
        <title>Nested Zones</title>
-        <para>You can define one zone (called it &#39;loc&#39;) as being all
+        <para>You can define one zone (called it <quote>loc</quote>) as being
-        hosts connectied to eth1 and a second zone &#39;loc1&#39;
+        all hosts connectied to eth1 and a second zone <quote>loc1</quote>
        (192.168.2.0/24) as a sub-zone.</para>
        <graphic fileref="images/MultiZone1A.png" />
-        <para>The advantage of this approach is that the zone &#39;loc1&#39;
+        <para>The advantage of this approach is that the zone <quote>loc1</quote>
        can use CONTINUE policies such that if a connection request
-        doesn&#39;t match a &#39;loc1&#39; rule, it will be matched against
+        doesn&#39;t match a <quote>loc1</quote> rule, it will be matched
-        the &#39;loc&#39; rules. For example, if your loc1-&#62;net policy is
+        against the <quote>loc</quote> rules. For example, if your
-        CONTINUE then if a connection request from loc1 to the internet
+        loc1-&#62;net policy is CONTINUE then if a connection request from
-        doesn&#39;t match any rules for loc1-&#62;net then it will be checked
+        loc1 to the internet doesn&#39;t match any rules for loc1-&#62;net
-        against the loc-&#62;net rules.</para>
+        then it will be checked against the loc-&#62;net rules.</para>
        <table>
          <title>/etc/shorewall/zones</title>
@ -274,8 +276,8 @@
        </table>
        <para>If you don&#39;t need Shorewall to set up infrastructure to
-        route traffic between &#39;loc&#39; and &#39;loc1&#39;, add these two
+        route traffic between <quote>loc</quote> and <quote>loc1</quote>, add
-        policies:</para>
+        these two policies:</para>
        <table>
          <title>/etc/shorewall/policy</title>
@ -435,8 +437,8 @@
        </table>
        <para>If you don&#39;t need Shorewall to set up infrastructure to
-        route traffic between &#39;loc&#39; and &#39;loc1&#39;, add these two
+        route traffic between <quote>loc</quote> and <quote>loc1</quote>, add
-        policies:</para>
+        these two policies:</para>
        <table>
          <title>/etc/shorewall/policy</title>
@ -593,8 +595,8 @@
    </table>
    <para>You probably don&#39;t want Shorewall to set up infrastructure to
-    route traffic between &#39;loc&#39; and &#39;loc1&#39; so you should add
+    route traffic between <quote>loc</quote> and <quote>loc1</quote> so you
-    these two policies:</para>
+    should add these two policies:</para>
    <table>
      <title>/etc/shorewall/policy</title>
--- a/Shorewall-docs/NAT.xml
+++ b/Shorewall-docs/NAT.xml
@ -2,6 +2,8 @@
 <!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 <article id="NAT">
  <!--$Id$-->
  <articleinfo>
    <title>One-to-one NAT</title>
@ -30,8 +32,8 @@
      document under the terms of the GNU Free Documentation License, Version
      1.2 or any later version published by the Free Software Foundation; with
      no Invariant Sections, with no Front-Cover, and with no Back-Cover
-      Texts. A copy of the license is included in the section entitled &#34;<ulink
+      Texts. A copy of the license is included in the section entitled
-      url="GnuCopyright.htm">GNU Free Documentation License</ulink>&#34;.</para>
+      <quote><ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink></quote>.</para>
    </legalnotice>
  </articleinfo>
@ -113,25 +115,26 @@
    /etc/shorewall/masq or /etc/shorewall/proxyarp.</para>
    <note>
-      <para>The &#34;ALL INTERFACES&#34; column is used to specify whether
+      <para>The <quote>ALL INTERFACES</quote> column is used to specify
-      access to the external IP from all firewall interfaces should undergo
+      whether access to the external IP from all firewall interfaces should
-      NAT (Yes or yes) or if only access from the interface in the INTERFACE
+      undergo NAT (Yes or yes) or if only access from the interface in the
-      column should undergo NAT. If you leave this column empty, &#34;Yes&#34;
+      INTERFACE column should undergo NAT. If you leave this column empty,
-      is assumed. The ALL INTERFACES column was added in version 1.1.6.
+      <quote>Yes</quote> is assumed. The ALL INTERFACES column was added in
-      <emphasis role="bold">Specifying &#34;Yes&#34; in this column will not
+      version 1.1.6. <emphasis role="bold">Specifying <quote>Yes</quote> in
-      allow systems on the lower LAN to access each other using their public
+      this column will not allow systems on the lower LAN to access each other
-      IP addresses.</emphasis> For example, the lower left-hand system
+      using their public IP addresses.</emphasis> For example, the lower
-      (10.1.1.2) cannot connect to 130.252.100.19 and expect to be connected
+      left-hand system (10.1.1.2) cannot connect to 130.252.100.19 and expect
-      to the lower right-hand system. <ulink url="FAQ.htm#faq2a">See FAQ 2a</ulink>.</para>
+      to be connected to the lower right-hand system. <ulink
      url="FAQ.htm#faq2a">See FAQ 2a</ulink>.</para>
    </note>
    <note>
      <para>Shorewall will automatically add the external address to the
      specified interface unless you specify <ulink
-      url="Documentation.htm#Aliases">ADD_IP_ALIASES</ulink>=&#34;no&#34; (or
+      url="Documentation.htm#Aliases">ADD_IP_ALIASES</ulink>=<quote>no</quote>
-      &#34;No&#34;) in /etc/shorewall/shorewall.conf; If you do not set
+      (or <quote>No</quote>) in /etc/shorewall/shorewall.conf; If you do not
-      ADD_IP_ALIASES or if you set it to &#34;Yes&#34; or &#34;yes&#34; then
+      set ADD_IP_ALIASES or if you set it to <quote>Yes</quote> or
-      you must NOT configure your own alias(es).</para>
+      <quote>yes</quote> then you must NOT configure your own alias(es).</para>
      <para><important><para>Shorewall versions earlier than 1.4.6 can only
      add external addresses to an interface that is configured with a single
@ -141,13 +144,13 @@
    </note>
    <note>
-      <para>The contents of the &#34;LOCAL&#34; column determine whether
+      <para>The contents of the <quote>LOCAL</quote> column determine whether
      packets originating on the firewall itself and destined for the EXTERNAL
      address are redirected to the internal ADDRESS. If this column contains
-      &#34;yes&#34; or &#34;Yes&#34; (and the ALL INTERFACES COLUMN also
+      <quote>yes</quote> or <quote>Yes</quote> (and the ALL INTERFACES COLUMN
-      contains &#34;Yes&#34; or &#34;yes&#34;) then such packets are
+      also contains <quote>Yes</quote> or <quote>yes</quote>) then such
-      redirected; otherwise, such packets are not redirected. The LOCAL column
+      packets are redirected; otherwise, such packets are not redirected. The
-      was added in version 1.1.8.</para>
+      LOCAL column was added in version 1.1.8.</para>
    </note>
  </section>
 </article>
--- a/Shorewall-docs/NetfilterOverview.xml
+++ b/Shorewall-docs/NetfilterOverview.xml
@ -2,6 +2,8 @@
 <!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 <article id="NetfilterOverview">
  <!--$Id$-->
  <articleinfo>
    <title>Netfilter Overview</title>
@ -26,8 +28,8 @@
      document under the terms of the GNU Free Documentation License, Version
      1.2 or any later version published by the Free Software Foundation; with
      no Invariant Sections, with no Front-Cover, and with no Back-Cover
-      Texts. A copy of the license is included in the section entitled &#34;<ulink
+      Texts. A copy of the license is included in the section entitled
-      url="GnuCopyright.htm">GNU Free Documentation License</ulink>&#34;.</para>
+      <quote><ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink></quote>.</para>
    </legalnotice>
  </articleinfo>
@ -76,8 +78,8 @@
    <graphic fileref="images/Netfilter.png" />
-    <para>&#34;Local Process&#34; means a process running on the Shorewall
+    <para><quote>Local Process</quote> means a process running on the
-    system itself.</para>
+    Shorewall system itself.</para>
    <para>In the above diagram are boxes similar to this:</para>
@ -102,10 +104,10 @@
    </important>
    <para>The above diagram should help you understand the output of
-    &#34;shorewall status&#34;.</para>
+    <quote>shorewall status</quote>.</para>
-    <para>Here are some excerpts from &#34;shorewall status&#34; on a server
+    <para>Here are some excerpts from <quote>shorewall status</quote> on a
-    with one interface (eth0):</para>
+    server with one interface (eth0):</para>
    <programlisting>[root@lists html]# shorewall status
@ -124,7 +126,7 @@ Counters reset Sat Oct 11 08:12:57 PDT 2003</programlisting>
    <para>The following rule indicates that all traffic destined for the
    firewall that comes into the firewall on eth0 is passed to a chain called
-    &#34;eth0_in&#34;. That chain will be shown further down.</para>
+    <quote>eth0_in</quote>. That chain will be shown further down.</para>
    <programlisting> 785K   93M eth0_in    all  --  eth0   *       0.0.0.0/0            0.0.0.0/0
    0     0 common     all  --  *      *       0.0.0.0/0            0.0.0.0/0
@ -157,8 +159,8 @@ Chain OUTPUT (policy DROP 1 packets, 60 bytes)
 785K   93M dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0
 785K   93M net2fw     all  --  *      *       0.0.0.0/0            0.0.0.0/0</programlisting>
-    <para>The &#34;dynamic&#34; chain above is where dynamic blacklisting is
+    <para>The <quote>dynamic</quote> chain above is where dynamic blacklisting
-    done.</para>
+    is done.</para>
    <para>Next comes the <emphasis role="bold">Nat</emphasis> table:</para>
--- a/Shorewall-docs/OPENVPN.xml
+++ b/Shorewall-docs/OPENVPN.xml
@ -2,6 +2,8 @@
 <!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 <article id="OPENVPN">
  <!--$Id$-->
  <articleinfo>
    <title>OpenVPN Tunnels</title>
@ -34,8 +36,8 @@
      document under the terms of the GNU Free Documentation License, Version
      1.2 or any later version published by the Free Software Foundation; with
      no Invariant Sections, with no Front-Cover, and with no Back-Cover
-      Texts. A copy of the license is included in the section entitled &#34;<ulink
+      Texts. A copy of the license is included in the section entitled
-      url="GnuCopyright.htm">GNU Free Documentation License</ulink>&#34;.</para>
+      <quote><ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink></quote>.</para>
    </legalnotice>
  </articleinfo>
@ -65,8 +67,8 @@
    start and stop it.</para>
    <para>On each firewall, you will need to declare a zone to represent the
-    remote subnet. We&#39;ll assume that this zone is called &#39;vpn&#39; and
+    remote subnet. We&#39;ll assume that this zone is called <quote>vpn</quote>
-    declare it in /etc/shorewall/zones on both systems as follows.</para>
+    and declare it in /etc/shorewall/zones on both systems as follows.</para>
    <table>
      <title>/etc/shorewall/zones system A &#38; B</title>
@ -288,9 +290,9 @@ key my-b.key
 comp-lzo
 verb 5</programlisting>
-    <para>You will need to allow traffic between the &#34;vpn&#34; zone and
+    <para>You will need to allow traffic between the <quote>vpn</quote> zone
-    the &#34;loc&#34; zone on both systems -- if you simply want to admit all
+    and the <quote>loc</quote> zone on both systems -- if you simply want to
-    traffic in both directions, you can use the policy file:</para>
+    admit all traffic in both directions, you can use the policy file:</para>
    <table>
      <title>/etc/shorewall/policy system A &#38; B</title>