From dbdd54d6168721c21922fe5597b07ab84b2427b5 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Mon, 12 Dec 2005 17:21:52 +0000
Subject: [PATCH] Bring Squid Documenation up to date

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3151 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-docs2/Shorewall_Squid_Usage.xml | 76 +++--------------------
 1 file changed, 7 insertions(+), 69 deletions(-)

diff --git a/Shorewall-docs2/Shorewall_Squid_Usage.xml b/Shorewall-docs2/Shorewall_Squid_Usage.xml
index dddd66a7c..9aa4c9e46 100644
--- a/Shorewall-docs2/Shorewall_Squid_Usage.xml
+++ b/Shorewall-docs2/Shorewall_Squid_Usage.xml
@@ -38,10 +38,12 @@
   url="http://www.squid-cache.org">Squid</ulink> running as a Transparent
   Proxy or as a Manual Proxy.</para>
 
-  <warning>
-    <para>This documentation assumes that you are running Shorewall 2.0.0 or
-    later.</para>
-  </warning>
+  <caution>
+    <para><emphasis role="bold">This article applies to Shorewall 3.0 and
+    later. If you are running a version of Shorewall earlier than Shorewall
+    3.0.0 then please see the documentation for that
+    release.</emphasis></para>
+  </caution>
 
   <section>
     <title>Squid as a Transparent Proxy</title>
@@ -173,46 +175,6 @@ REDIRECT  loc        3128     tcp      www              -          !206.124.146.
       a web server running on 192.168.1.3. It is assumed that web access is
       already enabled from the local zone to the internet.</para>
 
-      <para>If you are running a Shorewall version earlier than 2.3.2
-      then:</para>
-
-      <orderedlist>
-        <listitem>
-          <para>On your firewall system, issue the following command</para>
-
-          <programlisting><command>echo 202 www.out &gt;&gt; /etc/iproute2/rt_tables</command>         </programlisting>
-        </listitem>
-
-        <listitem>
-          <para>Create <filename>/etc/shorewall/addroutes</filename> as
-          follows:</para>
-
-          <programlisting><command>#!/bin/sh
-
-if [ -z "`ip rule list | grep www.out`" ] ; then
-        ip rule add fwmark 0xCA table www.out # Note 0xCA = 202
-        ip route add default via 192.168.1.3 dev eth1 table www.out
-        ip route flush cache
-        echo 0 &gt; /proc/sys/net/ipv4/conf/eth1/send_redirects
-fi</command>          </programlisting>
-        </listitem>
-
-        <listitem>
-          <para>Make <filename>/etc/shorewall/addroutes </filename>executable
-          via:</para>
-
-          <programlisting><command>chmod +x /etc/shorewall/addroutes</command>   </programlisting>
-        </listitem>
-
-        <listitem>
-          <para>In /etc/shorewall/init, put:</para>
-
-          <programlisting><command>run_and_save_command "/etc/shorewall/addroutes"</command>    </programlisting>
-        </listitem>
-      </orderedlist>
-
-      <para>If you are running Shorewall 2.3.2 or later:</para>
-
       <orderedlist>
         <listitem>
           <para>Add this entry to your /etc/shorewall/providers file.</para>
@@ -220,12 +182,7 @@ fi</command>          </programlisting>
           <programlisting>#NAME   NUMBER  MARK    DUPLICATE       INTERFACE       GATEWAY         OPTIONS
 Squid   1       202     -               eth1            192.168.1.3     loose</programlisting>
         </listitem>
-      </orderedlist>
 
-      <para>Regardless of your Shorewall version, you need the
-      following:</para>
-
-      <orderedlist>
         <listitem>
           <para>In <filename>/etc/shorewall/start</filename> add:</para>
 
@@ -240,25 +197,6 @@ Squid   1       202     -               eth1            192.168.1.3     loose</p
 loc     eth1         detect       <emphasis role="bold">routeback</emphasis>          </programlisting>
         </listitem>
 
-        <listitem>
-          <para>In /etc/shorewall/rules:</para>
-
-          <programlisting>#ACTION   SOURCE    DEST     PROTO   DEST PORT(S)
-ACCEPT    loc       loc      tcp     www</programlisting>
-
-          <orderedlist numeration="loweralpha">
-            <listitem>
-              <para>Alternatively, you can have the following policy in place
-              of the above rule.</para>
-
-              <para><filename>/etc/shorewall/policy</filename></para>
-
-              <programlisting>#SOURCE   DESTINATION   POLICY
-loc       loc           ACCEPT</programlisting>
-            </listitem>
-          </orderedlist>
-        </listitem>
-
         <listitem>
           <para>On 192.168.1.3, arrange for the following command to be
           executed after networking has come up</para>
@@ -312,4 +250,4 @@ ACCEPT    loc      $FW    tcp      8080
 ACCEPT    $FW      net    tcp      80,443</programlisting></para>
     </example>
   </section>
-</article>
+</article>
\ No newline at end of file