mirror of
https://gitlab.com/shorewall/code.git
synced 2025-06-21 02:08:48 +02:00
Make the Introduction and QuickStart Guides more obvious in the documentation index
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2471 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
ed2076a0fc
commit
ffdc1f3ba2
@ -15,7 +15,7 @@
|
|||||||
</author>
|
</author>
|
||||||
</authorgroup>
|
</authorgroup>
|
||||||
|
|
||||||
<pubdate>2005-05-12</pubdate>
|
<pubdate>2005-08-11</pubdate>
|
||||||
|
|
||||||
<copyright>
|
<copyright>
|
||||||
<year>2001-2005</year>
|
<year>2001-2005</year>
|
||||||
@ -42,20 +42,6 @@
|
|||||||
in both Docbook XML and HTML formats.</para>
|
in both Docbook XML and HTML formats.</para>
|
||||||
</note>
|
</note>
|
||||||
|
|
||||||
<caution>
|
|
||||||
<para>Are you running Shorewall on <ulink
|
|
||||||
url="http://www.mandrakesoft.com"><trademark>Mandrake</trademark>
|
|
||||||
Linux</ulink> with a two-interface setup?</para>
|
|
||||||
|
|
||||||
<para>If so and if you configured your system while running a Mandrake
|
|
||||||
release earlier than 10.0 final then this documentation will not apply
|
|
||||||
directly to your environment. If you want to use the documentation that
|
|
||||||
you find here, you will want to consider uninstalling what you have and
|
|
||||||
installing a configuration that matches this documentation. See the <ulink
|
|
||||||
url="two-interface.htm">Two-interface QuickStart Guide</ulink> for
|
|
||||||
details.</para>
|
|
||||||
</caution>
|
|
||||||
|
|
||||||
<itemizedlist>
|
<itemizedlist>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para><ulink url="Introduction.html">Introduction to
|
<para><ulink url="Introduction.html">Introduction to
|
||||||
@ -72,6 +58,20 @@
|
|||||||
Please review the appropriate guide before trying to use this documentation
|
Please review the appropriate guide before trying to use this documentation
|
||||||
directly.</para>
|
directly.</para>
|
||||||
|
|
||||||
|
<caution>
|
||||||
|
<para>Are you running Shorewall on <ulink
|
||||||
|
url="http://www.mandrakesoft.com"><trademark>Mandrake</trademark>
|
||||||
|
Linux</ulink> with a two-interface setup?</para>
|
||||||
|
|
||||||
|
<para>If so and if you configured your system while running a Mandrake
|
||||||
|
release earlier than 10.0 final then this documentation will not apply
|
||||||
|
directly to your environment. If you want to use the documentation that
|
||||||
|
you find here, you will want to consider uninstalling what you have and
|
||||||
|
installing a configuration that matches this documentation. See the <ulink
|
||||||
|
url="two-interface.htm">Two-interface QuickStart Guide</ulink> for
|
||||||
|
details.</para>
|
||||||
|
</caution>
|
||||||
|
|
||||||
<orderedlist>
|
<orderedlist>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para><ulink url="Kernel2.6.html">2.6 Kernel</ulink></para>
|
<para><ulink url="Kernel2.6.html">2.6 Kernel</ulink></para>
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
</author>
|
</author>
|
||||||
</authorgroup>
|
</authorgroup>
|
||||||
|
|
||||||
<pubdate>2005-05-09</pubdate>
|
<pubdate>2005-07-27</pubdate>
|
||||||
|
|
||||||
<copyright>
|
<copyright>
|
||||||
<year>2005</year>
|
<year>2005</year>
|
||||||
@ -185,4 +185,32 @@ ipset -B Blacklist 206.124.146.177 -b SMTP</command></programlisting>
|
|||||||
|
|
||||||
<para>Now only port 25 will be blocked from 206.124.146.177.</para>
|
<para>Now only port 25 will be blocked from 206.124.146.177.</para>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
|
<section>
|
||||||
|
<title>Defining Dynamic Zones using Ipsets</title>
|
||||||
|
|
||||||
|
<para>The use of ipsets provides a much better way to define dynamic zones
|
||||||
|
than is provided by the native Shorewall implementation. To define a
|
||||||
|
dynamic zone of hosts <emphasis role="bold">dyn</emphasis> that interface
|
||||||
|
through interface eth3, use:</para>
|
||||||
|
|
||||||
|
<para>/etc/shorewall/zones:</para>
|
||||||
|
|
||||||
|
<programlisting>#ZONE IPSEC OPTIONS IN OPTIONS OUT OPTIONS
|
||||||
|
dyn No</programlisting>
|
||||||
|
|
||||||
|
<para>/etc/shorewall/interfaces:</para>
|
||||||
|
|
||||||
|
<programlisting>#ZONE INTERFACE OPTIONS
|
||||||
|
- eth3 …</programlisting>
|
||||||
|
|
||||||
|
<para>/etc/shorewall/hosts:</para>
|
||||||
|
|
||||||
|
<programlisting>#ZONE HOSTS OPTIONS
|
||||||
|
dyn eth3:+Dyn</programlisting>
|
||||||
|
|
||||||
|
<para>Now create an ipmap named <emphasis role="bold">Dyn</emphasis> and
|
||||||
|
you're all set. You can add and delete addresses from Dyn without having
|
||||||
|
to touch Shorewall.</para>
|
||||||
|
</section>
|
||||||
</article>
|
</article>
|
Loading…
x
Reference in New Issue
Block a user