extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-08 00:34:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

First batch of mindless ID changes

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6693 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-06-28 15:09:37 +00:00
parent 177cb0487f
commit f96772989c
7 changed files with 49 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/Actions.xml
View File

@ -40,7 +40,7 @@
documentation for that release.</para>
</caution>
<section>
<section id="Intro">
<title>What are Shorewall Actions?</title>
<para>Shorewall actions allow a symbolic name to be associated with a
@ -112,7 +112,7 @@ ACCEPT - - tcp 135,139,445
</orderedlist>
</section>
<section>
<section id="Enabling">
<title>Enabling the Use of Actions</title>
<para>In Shorewall version 3.4 and later, to make use of any of the three
@ -188,7 +188,7 @@ Reject:REJECT #Default Action for REJECT policy</programlisting>
</warning>
</section>
<section>
<section id="Defining">
<title>Defining your own Actions</title>
<para>Before defining a new action, you should evaluate whether your goal
@ -445,7 +445,7 @@ Reject:REJECT #Default Action for REJECT policy</programlisting>
LogAndAccept loc $FW tcp 22</programlisting>
</section>
<section>
<section id="Logging">
<title>Actions and Logging</title>
<para>Specifying a log level in a rule that specifies a user-defined or
@ -589,7 +589,7 @@ acton:info:test $FW net</programlisting>
one like this.</para>
</note></para>
<example>
<example id="Example">
<title>An action to drop all broadcast packets</title>
<para>/etc/shorewall/actions<programlisting>DropBcasts</programlisting></para>

30
docs/Anatomy.xml
View File

@ -34,7 +34,7 @@
</legalnotice>
</articleinfo>
<section>
<section id="Products">
<title>Products</title>
<para>Shorewall 4.0 consists of four packages.</para>
@ -73,7 +73,7 @@
</orderedlist>
</section>
<section>
<section id="Shorewall">
<title>Shorewall</title>
<para>The Shorewall product includes a large number of files which are
@ -84,7 +84,7 @@
class="directory">/var/lilb/shorewall/</filename>. These are described in
the sub-sections that follow.</para>
<section>
<section id="sbin">
<title>/sbin</title>
<para>The <filename>/sbin/shorewall</filename> shell program is use to
@ -92,7 +92,7 @@
url="manpages/shorewall.html">shorewall</ulink>(8).</para>
</section>
<section>
<section id="share-shorewall">
<title>/usr/share/shorewall</title>
<para>The bulk of Shorewall is installed here.</para>
@ -175,14 +175,14 @@
</itemizedlist>
</section>
<section>
<section id="shorewall">
<title>/etc/shorewall</title>
<para>This is where the modifiable configuration files are
installed.</para>
</section>
<section>
<section id="init">
<title>/etc/init.d or /etc/rc.d (depends on distribution)</title>
<para>An init script is installed here. Depending on the distribution,
@ -190,7 +190,7 @@
<filename>rc.firewall</filename>.</para>
</section>
<section>
<section id="var">
<title>/var/lib/shorewall</title>
<para>Shorewall doesn't install any files in this directory but rather
@ -288,7 +288,7 @@
</section>
</section>
<section>
<section id="Shorewall-shell">
<title>Shorewall-shell</title>
<para>The Shorewall-shell product installs all of its files in
@ -318,7 +318,7 @@
</itemizedlist>
</section>
<section>
<section id="Shorewall-perl">
<title>Shorewall-perl</title>
<para>The Shorewall-perl product installs all of its files in
@ -352,7 +352,7 @@
</itemizedlist>
</section>
<section>
<section id="Shorewall-lite">
<title>Shorewall-lite</title>
<para>The Shorewall-lite product includes files installed in /<filename
@ -363,7 +363,7 @@
class="directory">/var/lilb/shorewall/</filename>. These are described in
the sub-sections that follow.</para>
<section>
<section id="sbin-lite">
<title>/sbin</title>
<para>The <filename>/sbin/shorewall-lite</filename> shell program is use
@ -371,7 +371,7 @@
url="manpages/shorewall-lite.html">shorewall-lite</ulink>(8).</para>
</section>
<section>
<section id="init-lite">
<title>/etc/init.d or /etc/rc.d (depends on distribution)</title>
<para>An init script is installed here. Depending on the distribution,
@ -379,14 +379,14 @@
<filename>rc.firewall</filename>.</para>
</section>
<section>
<section id="shorewall-lite">
<title>/etc/shorewall-lite</title>
<para>This is where the modifiable configuration files are
installed.</para>
</section>
<section>
<section id="share-lite">
<title>/usr/share/shorewall-lite</title>
<para>The bulk of Shorewall-lite is installed here.</para>
@ -435,7 +435,7 @@
</itemizedlist>
</section>
<section>
<section id="var-lite">
<title>/var/lib/shorewall-lite</title>
<para>Shorewall-lite doesn't install any files in this directory but

10
docs/CompiledPrograms.xml
View File

@ -34,7 +34,7 @@
</legalnotice>
</articleinfo>
<section>
<section id="Overview">
<title>Overview</title>
<para>Beginning with Shorewall version 3.1, Shorewall has the capability
@ -43,7 +43,7 @@
system with <emphasis>Shorewall Lite</emphasis> installed and can serve as
the firewall creation script for that system.</para>
<section>
<section id="Restrictions">
<title>Restrictions</title>
<para>While compiled Shorewall programs are useful in many cases, there
@ -552,7 +552,7 @@ clean:
<programlisting><command>ln -sf shorewall-lite /sbin/shorewall</command></programlisting>
</blockquote>
<section>
<section id="Converting">
<title>Converting a system from Shorewall to Shorewall Lite</title>
<para>Converting a firewall system that is currently running Shorewall
@ -822,7 +822,7 @@ MANGLE_FORWARD # Mangle table has FORWARD chain</programlisting
does not attempt to load additional kernel modules.</para>
</section>
<section>
<section id="Running">
<title>Running compiled programs directly</title>
<para>Compiled firewall programs are complete programs that support the
@ -864,4 +864,4 @@ MANGLE_FORWARD # Mangle table has FORWARD chain</programlisting
is the level specified in the shorewall.conf file used when then program
was compiled.</para>
</section>
</article>
</article>

10
docs/blacklisting_support.xml
View File

@ -34,7 +34,7 @@
</legalnotice>
</articleinfo>
<section>
<section id="Intro">
<title>Introduction</title>
<para>Shorewall supports two different forms of blacklisting; static and
@ -73,7 +73,7 @@
</important>
</section>
<section>
<section id="Static">
<title>Static Blacklisting</title>
<para>Shorewall static blacklisting support has the following
@ -153,7 +153,7 @@ ipset -B Blacklist 206.124.146.177 -b SMTP</programlisting>
<para>This will blacklist SMTP traffic from host 206.124.146.177.</para>
</section>
<section>
<section id="Dynamic">
<title>Dynamic Blacklisting</title>
<para>Dynamic blacklisting doesn't use any configuration parameters but is
@ -216,7 +216,7 @@ ipset -B Blacklist 206.124.146.177 -b SMTP</programlisting>
<quote>blacklist</quote> option in
<filename>/etc/shorewall/interfaces</filename>.</para>
<example>
<example id="Ignore">
<title>Ignore packets from a pair of systems</title>
<programlisting> <command>shorewall[-lite] drop 192.0.2.124 192.0.2.125</command></programlisting>
@ -224,7 +224,7 @@ ipset -B Blacklist 206.124.146.177 -b SMTP</programlisting>
<para>Drops packets from hosts 192.0.2.124 and 192.0.2.125</para>
</example>
<example>
<example id="Allow">
<title>Re-enable packets from a system</title>
<programlisting> <command>shorewall[-lite] allow 192.0.2.125</command></programlisting>

12
docs/bridge-Shorewall-perl.xml
View File

@ -41,7 +41,7 @@
documentation for that release.</emphasis></para>
</caution>
<section>
<section id="Background">
<title>Background</title>
<para>Systems where Shorewall runs normally function as
@ -78,7 +78,7 @@
</orderedlist>
</section>
<section>
<section id="Requirements">
<title>Requirements</title>
<para>Note that if you need a bridge but do not need to restrict the
@ -123,7 +123,7 @@
</itemizedlist>
</section>
<section>
<section id="Application">
<title>Application</title>
<para>The following diagram shows a typical application of a
@ -183,7 +183,7 @@
fileref="images/bridge3.png" /></para>
</section>
<section>
<section id="Bridge">
<title>Configuring the Bridge</title>
<para>Configuring the bridge itself is quite simple and uses the
@ -502,7 +502,7 @@ rc-update add bridge boot
can post it here.</para>
</section>
<section>
<section id="Shorewall">
<title>Configuring Shorewall</title>
<para>As described above, Shorewall bridge support requires the
@ -715,7 +715,7 @@ ACCEPT $FW $DMZ tcp 53 </
</orderedlist>
</section>
<section>
<section id="Limitations">
<title>Limitations</title>
<para>Bridging doesn't work with some wireless cards — see <ulink

16
docs/configuration_file_basics.xml
View File

@ -241,7 +241,7 @@
place comments at the end of any line, again by delimiting the comment
from the rest of the line with a pound sign.</para>
<example>
<example id="comment">
<title>Comments in a Configuration File</title>
<programlisting># This is a comment
@ -335,7 +335,7 @@ gateway:~ #
backslash (<quote>\</quote>) followed immediately by a new line character
(Enter key).</para>
<example>
<example id="continuation">
<title>Line Continuation</title>
<programlisting>ACCEPT net $FW tcp \↵
@ -372,7 +372,7 @@ smtp,www,pop3,imap #Services running on the firewall</programlisting>
<filename>params</filename> file.</para>
</caution>
<example>
<example id="include">
<title>Use of INCLUDE</title>
<programlisting> shorewall/params.mgmt:
@ -478,7 +478,7 @@ smtp,www,pop3,imap #Services running on the firewall</programlisting>
Shorewall to insure backward compatibility with existing configuration
files.</para>
<example>
<example id="validdns">
<title>Valid DNS Names</title>
<itemizedlist>
@ -492,7 +492,7 @@ smtp,www,pop3,imap #Services running on the firewall</programlisting>
</itemizedlist>
</example>
<example>
<example id="invaliddns">
<title>Invalid DNS Names</title>
<itemizedlist>
@ -650,7 +650,7 @@ DNAT net loc:192.168.1.3 tcp 4000:4100</programlisting>
omit the high port number, a value of 65535 is assumed.</para>
</section>
<section>
<section id="Portlists">
<title>Port Lists</title>
<para>In most cases where a port or port range may appear, a
@ -795,7 +795,7 @@ DNAT net loc:192.168.1.3 tcp 4000:4100</programlisting>
<para>In GNU/Linux, MAC addresses are usually written as a series of 6 hex
numbers separated by colons.</para>
<example>
<example id="mac">
<title>MAC Address of an Ethernet Controller</title>
<programlisting> &nbsp;&nbsp;&nbsp;&nbsp; [root@gateway root]# <command>ifconfig eth0</command>
@ -859,7 +859,7 @@ DNAT net loc:192.168.1.3 tcp 4000:4100</programlisting>
</orderedlist>
</section>
<section>
<section id="Save">
<title>Saved Configurations</title>
<para>Shorewall allows you to <firstterm>save</firstterm> the

10
docs/dhcp.xml
View File

@ -50,7 +50,7 @@
Shorewall-generated Netfilter logging rules.</para>
</note>
<section>
<section id="Firewall">
<title>If you want to Run a DHCP Server on your firewall</title>
<itemizedlist>
@ -77,7 +77,7 @@
</itemizedlist>
</section>
<section>
<section id="Client">
<title>If a Firewall Interface gets its IP Address via DHCP</title>
<itemizedlist>
@ -122,7 +122,7 @@
</itemizedlist>
</section>
<section>
<section id="Bridge">
<title>If you wish to pass DHCP requests and responses through a
bridge</title>
@ -137,7 +137,7 @@
</itemizedlist>
</section>
<section>
<section id="Relay">
<title>Running dhcrelay on the firewall</title>
<itemizedlist>
@ -155,4 +155,4 @@
</listitem>
</itemizedlist>
</section>
</article>
</article>