From d88a00d0cb78e5b24331d44cde5326be8b2d7b6b Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Thu, 18 Feb 2016 15:12:47 -0800 Subject: [PATCH] Update multi-zone article for 5.0 Signed-off-by: Tom Eastep --- docs/Multiple_Zones.xml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/docs/Multiple_Zones.xml b/docs/Multiple_Zones.xml index 60a587405..8bdbb25a8 100644 --- a/docs/Multiple_Zones.xml +++ b/docs/Multiple_Zones.xml @@ -114,7 +114,7 @@ of this discussion, it makes no difference. - +
Can You Use the Standard Configuration? @@ -183,7 +183,7 @@ all hosts connected to eth1 and a second zone loc1 (192.168.2.0/24) as a sub-zone. - + The Router in the above diagram is assumed to NOT be doing @@ -209,7 +209,7 @@ loc1:loc ipv4 /etc/shorewall/interfaces - #ZONE INTERFACE BROADCAST OPTIONS + #ZONE INTERFACE OPTIONS loc eth1 - /etc/shorewall/hosts @@ -234,7 +234,7 @@ loc1 loc NONE You define both zones in the /etc/shorewall/hosts file to create two disjoint zones. - + The Router in the above diagram is assumed to NOT be doing @@ -247,8 +247,8 @@ loc2 ipv4 /etc/shorewall/interfaces - #ZONE INTERFACE BROADCAST -- eth1 192.168.1.255 + #ZONE INTERFACE OPTIONS +- eth1 - /etc/shorewall/hosts @@ -274,7 +274,7 @@ loc2 loc1 NONE There are cases where a subset of the addresses associated with an interface need special handling. Here's an example. - + In this example, addresses 192.168.1.8 - 192.168.1.15 (192.168.1.8/29) are to be treated as their own zone (loc1). @@ -287,8 +287,8 @@ loc1:loc ipv4 /etc/shorewall/interfaces - #ZONE INTERFACE BROADCAST -loc eth1 - + #ZONE INTERFACE +loc eth1 /etc/shorewall/hosts#ZONE HOSTS OPTIONS loc1 eth1:192.168.1.8/29 broadcast @@ -326,7 +326,7 @@ loc1 loc NONE loc zone are configured with their default gateway set to the Shorewall router's RFC1918 address. - + /etc/shorewall/zones @@ -336,8 +336,8 @@ loc:net ipv4 /etc/shorewall/interfaces - #ZONE INTERFACE BROADCAST OPTIONS -net eth0 detect routefilter + #ZONE INTERFACE OPTIONS +net eth0 routefilter /etc/shorewall/hosts