extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-08 16:54:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

More documentation improvements

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4144 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-06-19 15:53:57 +00:00
parent 75550b44c4
commit e1db37160b
1 changed files with 47 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
docs/CompiledPrograms.xml
View File

@ -263,7 +263,8 @@
<listitem> <listitem>
<para>On the administrative system, for each firewall system you do <para>On the administrative system, for each firewall system you do
the following (this may be done by a non-root user):</para> the following (this may be done by a non-root user who has root ssh
access to the firewall system):</para>
<orderedlist> <orderedlist>
<listitem> <listitem>
@ -284,7 +285,7 @@
<listitem> <listitem>
<programlisting><command>cd &lt;configuration directory&gt;</command> <programlisting><command>cd &lt;configuration directory&gt;</command>
<command>/sbin/shorewall load . firewall</command></programlisting> <command>/sbin/shorewall load firewall</command></programlisting>
<para>The <ulink <para>The <ulink
url="starting_and_stopping_shorewall.htm#Load"><command>load</command></ulink> url="starting_and_stopping_shorewall.htm#Load"><command>load</command></ulink>
@ -292,9 +293,28 @@
the current working directory, copies that file to the remote the current working directory, copies that file to the remote
system via scp and starts Shorewall Lite on the remote system via system via scp and starts Shorewall Lite on the remote system via
ssh.</para> ssh.</para>
<para>Example (firewall's DNS name is 'gateway'):</para>
<para><command>/sbin/shorewall load gateway</command></para>
</listitem> </listitem>
</orderedlist> </orderedlist>
</listitem> </listitem>
<listitem>
<para>If you later need to change the firewall's configuration, change
the appropriate files in the firewall's configuration directory
then:</para>
<programlisting><command>cd &lt;configuration directory&gt;</command>
<command>/sbin/shorewall reload firewall</command></programlisting>
<para>The <ulink
url="starting_and_stopping_shorewall.htm#Reload"><command>reload</command></ulink>
command compiles a firewall script from the configuration files in the
current working directory, copies that file to the remote system via
scp and restarts Shorewall Lite on the remote system via ssh.</para>
</listitem>
</orderedlist> </orderedlist>
<para>The <filename>/sbin/shorewall-lite</filename> program included with <para>The <filename>/sbin/shorewall-lite</filename> program included with
@ -342,7 +362,7 @@
<para>Converting a firewall system that is currently running Shorewall <para>Converting a firewall system that is currently running Shorewall
to run Shorewall Lite instead is straight-forward.</para> to run Shorewall Lite instead is straight-forward.</para>
<orderedlist> <orderedlist numeration="loweralpha">
<listitem> <listitem>
<para>On the administrative system, create a configuration directory <para>On the administrative system, create a configuration directory
for the firewall system.</para> for the firewall system.</para>
@ -394,8 +414,9 @@
<para>Also, edit the shorewall.conf file in the firewall's <para>Also, edit the shorewall.conf file in the firewall's
configuration directory and change the CONFIG_PATH setting to remove configuration directory and change the CONFIG_PATH setting to remove
<filename>/etc/shorewall</filename>. You can replace it with <filename class="directory">/etc/shorewall</filename>. You can
<filename>/usr/share/shorewall/configfiles</filename> if you replace it with <filename
class="directory">/usr/share/shorewall/configfiles</filename> if you
like.</para> like.</para>
<para>Example:</para> <para>Example:</para>
@ -410,6 +431,10 @@
<programlisting>CONFIG_PATH=/usr/share/shorewall/configfiles:/usr/share/shorewall</programlisting> <programlisting>CONFIG_PATH=/usr/share/shorewall/configfiles:/usr/share/shorewall</programlisting>
</blockquote> </blockquote>
<para>Changing CONFIG_PATH will ensure that subsequent compilations
using the configuration directory will not include any files from
<filename class="directory">/etc/shorewall</filename>.</para>
<para>After having made the above changes to the firewall's <para>After having made the above changes to the firewall's
configuration directory, execute the following commands:</para> configuration directory, execute the following commands:</para>
@ -417,7 +442,7 @@
<command>/sbin/shorewall load &lt;firewall system&gt;</command> <command>/sbin/shorewall load &lt;firewall system&gt;</command>
</programlisting> </programlisting>
<para>Example:</para> <para>Example (firewall's DNS name is 'gateway'):</para>
<para><command>/sbin/shorewall load gateway</command></para> <para><command>/sbin/shorewall load gateway</command></para>
@ -428,6 +453,22 @@
via scp and starts Shorewall Lite on the remote system via via scp and starts Shorewall Lite on the remote system via
ssh.</para> ssh.</para>
</listitem> </listitem>
<listitem>
<para>If you later need to change the firewall's configuration,
change the appropriate files in the firewall's configuration
directory then:</para>
<programlisting><command>cd &lt;configuration directory&gt;</command>
<command>/sbin/shorewall reload firewall</command></programlisting>
<para>The <ulink
url="starting_and_stopping_shorewall.htm#Reload"><command>reload</command></ulink>
command compiles a firewall script from the configuration files in
the current working directory, copies that file to the remote system
via scp and restarts Shorewall Lite on the remote system via
ssh.</para>
</listitem>
</orderedlist> </orderedlist>
</section> </section>
</section> </section>