From f9e5b213394517c5bb3144d955fb441c589c30f3 Mon Sep 17 00:00:00 2001 From: teastep Date: Tue, 18 Sep 2007 19:19:28 +0000 Subject: [PATCH] Add a few Shorewall-perl FAQs git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7362 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- docs/FAQ.xml | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) diff --git a/docs/FAQ.xml b/docs/FAQ.xml index 1efd7de06..cb49b7a69 100644 --- a/docs/FAQ.xml +++ b/docs/FAQ.xml @@ -2155,6 +2155,65 @@ eth0 eth1 # eth1 = interface to local netwo +
+ Shorewall-Perl + +
+ (FAQ 70) What is Shorewall-Perl? + + Answer: Shorewall-perl is a + re-implementation of the Shorewall configuration compiler written in + Perl. +
+ +
+ (FAQ 71) What are the advantages of using Shorewall-perl? + + Answer: + + + + The Shorewall-perl compiler is much faster than the + Shorewall-shell compiler. + + + + The script generated by the Shorewall-perl compiler uses + iptables-restore to instantiate the Netfilter + configuration. So it runs much faster than the script generated by + the Shorewall-shell compiler and doesn't disable new connections + during ruleset installation. + + + + The Shorewall-perl compiler does more thorough checking of the + configuration than the Shorewall-shell compiler does. + + + + The error messages produced by the Shorewall-perl compiler are + better, more consistent and always include the file name and line + number where the error was detected. + + + + Going forward, the Shorewall-perl compiler will get all + enhancements; the Shorewall-shell compiler will only get those + enhancements that are easy to retrofit. + + +
+ +
+ (FAQ 72) Can I switch to using Shorewall-perl without changing my + Shorewall configuration? + + Answer: Probably not. See the + Shorewall Perl article for a list of the + incompatibilities between Shorewall-shell and Shorewall-perl. +
+
+
Miscellaneous