extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-22 07:33:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update interfaces documentation for multiple broadcasts

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@198 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2002-08-14 21:57:38 +00:00
parent 6ae0ea8981
commit fc3b04183d
6 changed files with 144 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Shorewall-docs/Documentation.htm
View File

@ -226,13 +226,17 @@ for each of your interfaces. Columns in an entry are:</p>
INTERFACE</b> - the name of the interface (examples: eth0, ppp0, ipsec+)</li>
<li><b>
BROADCAST</b> - the broadcast address(es) for the sub-network(s) attached to the
interface. This should be left empty for P-T-P interfaces (ppp*, ippp*);
if you need to specify options for such an interface, enter "-" in
this column. If you supply the special value "detect" in this column,
the firewall will automatically determine the broadcast address. Note
that to use this feature, you must have iproute installed, the interface
must be up before you start your firewall and it must only be attached to
a single sub-network.&nbsp;</li>
interface. This should be left empty for P-T-P interfaces (ppp*, ippp*); if
you need to specify options for such an interface, enter &quot;-&quot; in this column.
If you supply the special value &quot;detect&quot; in this column, the firewall will
automatically determine the broadcast address. In order to use &quot;detect&quot;:<ul>
<li>you must have iproute installed</li>
<li>the interface must be up before you start your firewall</li>
<li>the interface must only be attached to
a single sub-network (i.e., there must have a single broadcast address).&nbsp;</li>
</ul>
</li>
<li><b>
OPTIONS</b> - a comma-separated list of options. Possible options include:
<p>
@ -2685,7 +2689,7 @@ by Shorewall, you must have <a href="#MangleEnabled">mangle support enabled</a
<p><font size="2">
Updated 8/13/2002 - <a href="support.htm">Tom
Updated 8/14/2002 - <a href="support.htm">Tom
Eastep</a>
</font></p>

9
Shorewall-docs/News.htm
View File

@ -5,13 +5,18 @@
<title>Shorewall News</title>
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<meta name="Microsoft Theme" content="boldstri 011, default">
<meta name="Microsoft Theme" content="none">
</head>
<body>
<h1 align="center">Shorewall News Archive</h1>
<p><b>8/13/2002 - Documentation in the <a target="_top" href="http://www.shorewall.net/cgi-bin/cvs/cvsweb.cgi">CVS Repository</a></b></p>
<p>The Shorewall-docs project now contains just the HTML and image files - the
Frontpage files have been removed.</p>
<p><b>8/7/2002 - <i>STABLE</i></b> <b>branch added to <a target="_top" href="http://www.shorewall.net/cgi-bin/cvs/cvsweb.cgi">CVS Repository</a></b></p>
<p>This branch will only be updated after I release a new version of Shorewall
@ -990,7 +995,7 @@ version:</p>
additional &quot;gw&quot; (gateway) zone for tunnels and it supports IPSEC
tunnels with end-points on the firewall. There is also a .lrp available now.</b></p>
<p><font size="2">Updated 7/31/2002 - <a href="support.htm">Tom
<p><font size="2">Updated 8/13/2002 - <a href="support.htm">Tom
Eastep</a> </font></p>
<p><font face="Trebuchet MS"><a href="copyright.htm"><font size="2">

71
Shorewall-docs/Shorewall_index_frame.htm
View File

@ -10,54 +10,67 @@
<meta name="Microsoft Theme" content="boldstri 011, default">
</head>
<body><h3 align="center">&nbsp;Shorewall</h3>
<ul>
<li><a href="seattlefirewall_index.htm">Home</a></li>
<li><a target="_top" href="/1.2/index.htm">Shorewall 1.2 Home</a></li>
<li><a href="shorewall_features.htm">Features</a></li>
<li><a href="shorewall_prerequisites.htm">Requirements</a></li>
<li><a href="download.htm">Download</a></li>
<li><a href="shorewall_quickstart_guide.htm">QuickStart Guides</a></li>
<li><a href="Install.htm">Installation/Upgrade<br>
/Configuration</a></li>
<li><a href="shorewall_quickstart_guide.htm#Documentation">Documentation</a></li>
<li><a href="Documentation.htm">Reference Manual</a></li>
<li><a href="FAQ.htm">FAQs</a></li>
<li><a href="troubleshoot.htm">Troubleshooting</a></li>
<li><a href="errata.htm">Errata</a></li>
<li><a href="support.htm">Support</a></li>
<li><a href="mailing_list.htm">Mailing Lists</a></li>
<li><a href="shorewall_mirrors.htm">Mirrors</a><ul>
<body>
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" bgcolor="#4B017C" height="90">
<tr>
<td width="100%">
<h3 align="center"><font color="#FFFFFF">Shorewall</font></h3>
</td>
</tr>
</table>
<table border="0" cellpadding="8" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber2">
<tr>
<td width="14%">&nbsp;</td>
<td width="86%">
<a href="seattlefirewall_index.htm">Home</a><br>
<a target="_top" href="/1.2/index.htm">Shorewall 1.2 Home</a><br>
<a href="shorewall_features.htm">Features</a><br>
<a href="shorewall_prerequisites.htm">Requirements</a><br>
<a href="download.htm">Download</a><br>
<a href="shorewall_quickstart_guide.htm">QuickStart Guides</a><br>
<a href="Install.htm">Installation/Upgrade<br>
/Configuration</a><br>
<a href="shorewall_quickstart_guide.htm#Documentation">Documentation</a><br>
<a href="Documentation.htm">Reference Manual</a><br>
<a href="FAQ.htm">FAQs</a><br>
<a href="troubleshoot.htm">Troubleshooting</a><br>
<a href="errata.htm">Errata</a><br>
<a href="support.htm">Support</a><br>
<a href="mailing_list.htm">Mailing Lists</a><br>
<a href="shorewall_mirrors.htm">Mirrors</a><ul>
<li><a target="_top" href="http://slovakia.shorewall.net">Slovak Republic</a></li>
<li><a target="_top" href="http://shorewall.infohiiway.com">Texas, USA</a></li>
<li><a target="_top" href="http://germany.shorewall.net">Germany</a></li>
<li><a target="_top" href="http://shorewall.correofuego.com.ar">Argentina</a></li>
</ul>
</li>
<li><a href="News.htm">News Archive</a></li>
<li><a target="_top" href="http://www.shorewall.net/cgi-bin/cvs/cvsweb.cgi">CVS Repository</a></li>
<li><a href="quotes.htm">Quotes from Users</a></li>
<li><a href="shoreline.htm">About the Author</a></li>
<li><a href="seattlefirewall_index.htm#Donations">Donations</a></li>
</ul>
<a href="News.htm">News Archive</a><br>
<a target="_top" href="http://www.shorewall.net/cgi-bin/cvs/cvsweb.cgi">CVS Repository</a><br>
<a href="quotes.htm">Quotes from Users</a><br>
<a href="shoreline.htm">About the Author</a><br>
<a href="seattlefirewall_index.htm#Donations">Donations</a></td>
</tr>
</table>
<form method="post" action="http://www.shorewall.net/cgi-bin/htsearch" >
<p>
<strong>Quick Search</strong><br>
<font size="-1">
<input type=text name=words size=15>
<font face="Arial" size="-1">
<input type=text name=words size=15></font><font size="-1"> </font>
<font face="Arial" size="-1">
<input type=hidden name=format value=long>
<input type=hidden name=method value=and>
<input type=hidden name=config value=htdig>
<input type="submit" value="Search"></font>
</p>
<font face="Arial">
<input type="hidden" name="exclude" value="[http://www.shorewall.net/pipermail/*]">
</font>
</form>
<p><strong><a href="htdig/search.html">Extended Search Forms</a></strong></p>
<p><font face="Trebuchet MS"><a href="copyright.htm"><font size="2">Copyright</font>
© <font size="2">2001, 2002 Thomas M. Eastep.</font></a></font></p>
<p><a href="copyright.htm"><font size="2">Copyright</font>
© <font size="2">2001, 2002 Thomas M. Eastep.</font></a></p>
<p><a href="http://www.shorewall.net" target="_top">
<img border="1" src="images/shorewall.jpg" width="119" height="38" hspace="0"></a></p>

25
Shorewall-docs/errata.htm
View File

@ -79,6 +79,8 @@ dos2unix</a></u>
<b><a href="#Debug">Problems with kernels &gt;= 2.4.18 and
RedHat iptables</a></b></li>
<li><b><a href="#SuSE">Problems installing/upgrading RPM on SuSE</a></b></li>
<li><b><a href="#Multiport">Problems with iptables version 1.2.7 and
MULTIPORT=Yes</a></b></li>
</ul>
<hr>
@ -285,9 +287,10 @@ RedHat released this buggy iptables in RedHat 7.2.&nbsp;</p>
you are currently running RedHat 7.1, you can install either of these RPMs
<b><u>before</u> </b>you upgrade to RedHat 7.2.</p>
<p align="Left"><font face="Century Gothic, Arial, Helvetica" color="#FF6633"><b>Update
<p align="Left"><font color="#FF6633"><b>Update
11/9/2001: </b></font>RedHat has
released an iptables-1.2.4 RPM of their own which you can download from<font face="Century Gothic, Arial, Helvetica" color="#FF6633">
</font><font color="#FF6633">
<a href="http://www.redhat.com/support/errata/RHSA-2001-144.html">http://www.redhat.com/support/errata/RHSA-2001-144.html</a>.
</font>I have installed this RPM
on my firewall and it works fine.</p>
@ -354,10 +357,22 @@ Aborted (core dumped)
<p>Upgrading: rpm -Uvh <i>&lt;shorewall rpm&gt;</i></p>
<p><font face="Century Gothic, Arial, Helvetica"><font size="2">
Last updated 8/7/2002 - </font><font size="2">
<a href="support.htm">Tom Eastep</a></font>
</font></p>
<p><a name="Multiport"></a><b>Problems with
iptables version 1.2.7 and MULTIPORT=Yes</b></p>
<p>The iptables 1.2.7 release of iptables has made
an incompatible change to the syntax used to
specify multiport match rules; as a consequence,
users who install iptables 1.2.7 must set
MULTIPORT=No in /etc/shorewall/shorewall.conf or
install
<a href="http://www.shorewall.net/pub/shorewall/errata/1.3.6/firewall">
this firewall script</a> in /var/lib/shorewall/firewall
as described above.</p>
<p><font size="2">
Last updated 8/14/2002 -
<a href="support.htm">Tom Eastep</a></font> </p>
<p><font face="Trebuchet MS"><a href="copyright.htm"><font size="2">Copyright</font>
© <font size="2">2001, 2002 Thomas M. Eastep.</font></a></font></p>

98
Shorewall-docs/seattlefirewall_index.htm
View File

@ -11,37 +11,67 @@
<base target="_self">
<meta name="Microsoft Theme" content="boldstri 011, default">
<meta name="Microsoft Theme" content="boldstri 011, default">
</head>
<body>
<h1 align="center">Shorewall 1.3 - <font size="4">&quot;<i>iptables made easy&quot;</i></font></h1>
<table border="0" cellpadding="0" cellspacing="4" style="border-collapse: collapse" width="100%" id="AutoNumber3" bgcolor="#4B017C">
<tr>
<td width="100%">
<h1 align="center"> <font size="4"><i>
<a href="http://www.cityofshoreline.com">
<img border="0" src="images/washington.jpg" align="right" width="100" height="82"><img border="0" src="images/washington.jpg" align="left" width="100" height="82"></a></i></font><font color="#FFFFFF">Shorewall 1.3 - <font size="4">&quot;<i>iptables made easy&quot;</i></font></font></h1>
</td>
</tr>
</table>
<div align="center">
<center>
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber4">
<tr>
<td width="90%">
<h2 align="Left">What is it?</h2>
<p>The Shoreline Firewall, more commonly known as &quot;Shorewall&quot;,&nbsp; is a
<a href="http://www.netfilter.org">Netfilter</a> (iptables)
based firewall that can be used on a dedicated firewall system, a
multi-function gateway/router/server or on a standalone GNU/Linux system.</p>
<a href="http://www.netfilter.org">Netfilter</a> (iptables) based firewall
that can be used on a dedicated firewall system, a multi-function
gateway/router/server or on a standalone GNU/Linux system.</p>
<p>This program is free software; you can redistribute it and/or modify
it under the terms of <a href="http://www.gnu.org/licenses/gpl.html">Version 2 of the GNU General Public License</a>
as published by the Free Software Foundation.<br>
<p>This program is free software; you can redistribute it and/or modify it
under the terms of <a href="http://www.gnu.org/licenses/gpl.html">Version
2 of the GNU General Public License</a> as published by the Free Software
Foundation.<br>
<br>
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.<br>
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.<br>
<br>
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software Foundation,
Inc., 675 Mass Ave, Cambridge, MA 02139, USA</p>
along with this program; if not, write to the Free Software Foundation,
Inc., 675 Mass Ave, Cambridge, MA 02139, USA</p>
<p><a href="copyright.htm">Copyright 2001, 2002 Thomas M. Eastep</a></p>
<p>&nbsp;<a href="http://leaf.sourceforge.net" target="_top"><img border="0" src="images/leaflogo.gif" width="49" height="36"></a>Jacques
Nilo and Eric Wolzak have a LEAF distribution called <i>Bering</i> that
features Shorewall-1.3.3 and Kernel-2.4.18. You can find their work at:
<a href="http://leaf.sourceforge.net/devel/jnilo">
http://leaf.sourceforge.net/devel/jnilo</a></p>
<h2>News</h2>
<p><b>8/7/2002 - <i>STABLE</i></b> <b>branch added to <a target="_top" href="http://www.shorewall.net/cgi-bin/cvs/cvsweb.cgi">CVS Repository</a>
<p><b>8/13/2002 - Documentation in the <a target="_top" href="http://www.shorewall.net/cgi-bin/cvs/cvsweb.cgi">
CVS Repository</a>
<img border="0" src="images/new10.gif" width="28" height="12"></b></p>
<p>The Shorewall-docs project now contains just the HTML and image files - the
Frontpage files have been removed.</p>
<p><b>8/7/2002 - <i>STABLE</i></b> <b>branch added to <a target="_top" href="http://www.shorewall.net/cgi-bin/cvs/cvsweb.cgi">
CVS Repository</a>
<img border="0" src="images/new10.gif" width="28" height="12"></b></p>
<p>This branch will only be updated after I release a new version of Shorewall
@ -62,10 +92,10 @@
<ul>
<li>The latest <a href="shorewall_quickstart_guide.htm">QuickStart Guides </a>
including the <a href="shorewall_setup_guide.htm">Shorewall Setup Guide.</a></li>
<li>Shorewall will now DROP TCP packets that are not part of or
related to an existing connection and that are not SYN packets. These &quot;New
not SYN&quot; packets may be optionally logged by setting the LOGNEWNOTSYN option
in <a href="Documentation.htm#Conf">/etc/shorewall/shorewall.conf</a>.</li>
<li>Shorewall will now DROP TCP packets that are not part of or related to an
existing connection and that are not SYN packets. These &quot;New not SYN&quot; packets
may be optionally logged by setting the LOGNEWNOTSYN option in <a href="Documentation.htm#Conf">
/etc/shorewall/shorewall.conf</a>.</li>
<li>The processing of &quot;New not SYN&quot; packets may be extended by commands in
the new <a href="shorewall_extension_scripts.htm">newnotsyn extension script</a>.</li>
</ul>
@ -74,36 +104,32 @@
<p><a href="News.htm">More News</a></p>
<p><a href="http://sourceforge.net" target="_top"><img src="http://sourceforge.net/sflogo.php?group_id=22587" alt="SourceForge Logo"></a>The
Shorewall Project uses facilities provided by SourceForge.</p>
<p><a href="http://leaf.sourceforge.net" target="_top">
<img border="0" src="images/leaflogo.gif" width="49" height="36"></a>
Jacques Nilo and Eric Wolzak have a LEAF distribution called <i>Bering</i>
that features Shorewall-1.3.3 and Kernel-2.4.18. You can find their work at:
<a href="http://leaf.sourceforge.net/devel/jnilo">http://leaf.sourceforge.net/devel/jnilo</a></p>
<h2><a name="Donations"></a>Donations</h2>
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber2" bgcolor="#4B017C">
</td>
<td width="88" bgcolor="#4B017C" valign="top" align="center"><a href="http://sourceforge.net" target="_top">
<img src="http://sourceforge.net/sflogo.php?group_id=22587" alt="SourceForge Logo" border="0" hspace="14" vspace="5" align="center"></a></td>
</tr>
</table>
</center>
</div>
<table border="0" cellpadding="5" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber2" bgcolor="#4B017C">
<tr>
<th width="100%" style="margin-top: 1">
<td width="100%" style="margin-top: 1">
<p align="center"><a href="http://www.starlight.org">
<img border="4" src="images/newlog.gif" width="57" height="100" align="left" hspace="10"><img border="4" src="images/newlog.gif" width="57" height="100" align="right" hspace="10"></a></p>
<p align="center"><font size="4" color="#FFFFFF">Shorewall is free but if
you try it and find it useful, please consider making a donation to
<a href="http://www.starlight.org"><font color="#FFFFFF">Starlight Children's Foundation.</font></a> Thanks!</font></th>
<a href="http://www.starlight.org"><font color="#FFFFFF">Starlight Children's Foundation.</font></a> Thanks!</font></td>
</tr>
</table>
<p><font face="Century Gothic, Arial, Helvetica"><font size="2">Updated
8/10/2002 - <a href="support.htm">Tom Eastep</a>
<p><font size="2">Updated
8/13/2002 - <a href="support.htm">Tom Eastep</a>
</font>
</font>
</p>

3
Shorewall-docs/shoreline.htm
View File

@ -60,8 +60,7 @@ ipchains and developed the scripts which are now collectively known as <a href="
<p>I telework from our home in&nbsp;<a href="http://www.cityofshoreline.com">Shoreline,
Washington</a>
where I live with my wife Tarry. <a href="http://www.cityofshoreline.com">
<img border="0" src="images/washington.jpg" width="100" height="82" hspace="0"></a></p>
where I live with my wife Tarry. </p>
<p>Our current home network consists of: </p>