Make the Introduction and QuickStart Guides more obvious in the documentation index

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2471 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-docs2/Documentation_Index.xml

@@ -15,7 +15,7 @@
       </author>
     </authorgroup>
 
-    <pubdate>2005-05-12</pubdate>
+    <pubdate>2005-08-11</pubdate>
 
     <copyright>
       <year>2001-2005</year>
@@ -42,20 +42,6 @@
     in both Docbook XML and HTML formats.</para>
   </note>
 
-  <caution>
-    <para>Are you running Shorewall on <ulink
-    url="http://www.mandrakesoft.com"><trademark>Mandrake</trademark>
-    Linux</ulink> with a two-interface setup?</para>
-
-    <para>If so and if you configured your system while running a Mandrake
-    release earlier than 10.0 final then this documentation will not apply
-    directly to your environment. If you want to use the documentation that
-    you find here, you will want to consider uninstalling what you have and
-    installing a configuration that matches this documentation. See the <ulink
-    url="two-interface.htm">Two-interface QuickStart Guide</ulink> for
-    details.</para>
-  </caution>
-
   <itemizedlist>
     <listitem>
       <para><ulink url="Introduction.html">Introduction to
@@ -72,6 +58,20 @@
   Please review the appropriate guide before trying to use this documentation
   directly.</para>
 
+  <caution>
+    <para>Are you running Shorewall on <ulink
+    url="http://www.mandrakesoft.com"><trademark>Mandrake</trademark>
+    Linux</ulink> with a two-interface setup?</para>
+
+    <para>If so and if you configured your system while running a Mandrake
+    release earlier than 10.0 final then this documentation will not apply
+    directly to your environment. If you want to use the documentation that
+    you find here, you will want to consider uninstalling what you have and
+    installing a configuration that matches this documentation. See the <ulink
+    url="two-interface.htm">Two-interface QuickStart Guide</ulink> for
+    details.</para>
+  </caution>
+
   <orderedlist>
     <listitem>
       <para><ulink url="Kernel2.6.html">2.6 Kernel</ulink></para>

Shorewall-docs2/ipsets.xml

@@ -15,7 +15,7 @@
       </author>
     </authorgroup>
 
-    <pubdate>2005-05-09</pubdate>
+    <pubdate>2005-07-27</pubdate>
 
     <copyright>
       <year>2005</year>
@@ -52,7 +52,7 @@
       <listitem>
         <para>Blacklists. Ipsets provide an effecient way to represent large
         sets of addresses and you can maintain the lists without the need to
-        restart or even refresh your Shorewall configuration. </para>
+        restart or even refresh your Shorewall configuration.</para>
       </listitem>
 
       <listitem>
@@ -185,4 +185,32 @@ ipset -B Blacklist 206.124.146.177 -b SMTP</command></programlisting>
 
     <para>Now only port 25 will be blocked from 206.124.146.177.</para>
   </section>
+
+  <section>
+    <title>Defining Dynamic Zones using Ipsets</title>
+
+    <para>The use of ipsets provides a much better way to define dynamic zones
+    than is provided by the native Shorewall implementation. To define a
+    dynamic zone of hosts <emphasis role="bold">dyn</emphasis> that interface
+    through interface eth3, use:</para>
+
+    <para>/etc/shorewall/zones:</para>
+
+    <programlisting>#ZONE         IPSEC         OPTIONS            IN OPTIONS        OUT OPTIONS
+dyn           No</programlisting>
+
+    <para>/etc/shorewall/interfaces:</para>
+
+    <programlisting>#ZONE         INTERFACE     OPTIONS
+-             eth3          …</programlisting>
+
+    <para>/etc/shorewall/hosts:</para>
+
+    <programlisting>#ZONE         HOSTS         OPTIONS
+dyn           eth3:+Dyn</programlisting>
+
+    <para>Now create an ipmap named <emphasis role="bold">Dyn</emphasis> and
+    you're all set. You can add and delete addresses from Dyn without having
+    to touch Shorewall.</para>
+  </section>
 </article>