mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-09 01:04:06 +01:00
4033e6051b
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3521 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
78 lines
2.4 KiB
XML
78 lines
2.4 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
|
|
<article>
|
|
<!--$Id$-->
|
|
|
|
<articleinfo>
|
|
<title>Shorewall and the 2.6 Linux Kernel</title>
|
|
|
|
<authorgroup>
|
|
<author>
|
|
<firstname>Tom</firstname>
|
|
|
|
<surname>Eastep</surname>
|
|
</author>
|
|
</authorgroup>
|
|
|
|
<pubdate>2005-01-14</pubdate>
|
|
|
|
<copyright>
|
|
<year>2003</year>
|
|
|
|
<year>2004</year>
|
|
|
|
<year>2005</year>
|
|
|
|
<holder>Thomas M. Eastep</holder>
|
|
</copyright>
|
|
|
|
<legalnotice>
|
|
<para>Permission is granted to copy, distribute and/or modify this
|
|
document under the terms of the GNU Free Documentation License, Version
|
|
1.2 or any later version published by the Free Software Foundation; with
|
|
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
|
Texts. A copy of the license is included in the section entitled
|
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
|
License</ulink></quote>.</para>
|
|
</legalnotice>
|
|
</articleinfo>
|
|
|
|
<section>
|
|
<title>General</title>
|
|
|
|
<para>Shorewall is compatible with the Linux 2.6 kernel series and
|
|
contains support for the following features that are added in that
|
|
series:</para>
|
|
|
|
<orderedlist>
|
|
<listitem>
|
|
<para><ulink url="netmap.html">NETMAP</ulink> Target Support.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para><ulink url="bridge.html">Bridge/Firewall</ulink> Support
|
|
(physdev match support).</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para><ulink url="traffic_shaping.htm">CLASSIFY</ulink> Target
|
|
Support.</para>
|
|
</listitem>
|
|
</orderedlist>
|
|
</section>
|
|
|
|
<section>
|
|
<title>IPSEC</title>
|
|
|
|
<para>The 2.6 Linux kernel introduces a new implementation of IPSEC which
|
|
eliminates the <filename class="devicefile">ipsecN</filename> device
|
|
names. Netfilter/iptables support for this new implementation is
|
|
incomplete unless your kernel has been patched. For unpatched kernels, see
|
|
the <ulink url="IPSEC.htm">Shorewall IPSEC documentation</ulink>
|
|
(Shorewall support for IPSEC with unpatched 2.6 kernels is very limited).
|
|
For patched 2.6 kernels (including those supplied with
|
|
<trademark>SUSE</trademark> 9.2) see the <ulink
|
|
url="IPSEC-2.6.html">Kernel 2.6 IPSEC documentation</ulink>.</para>
|
|
</section>
|
|
</article> |