holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add a little IPv6 Documentation

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9079 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-12-16 22:33:11 +00:00
parent 4889d5860c
commit 10335f52ce
3 changed files with 88 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
docs/Documentation_Index.xml
View File

@ -18,7 +18,7 @@
<pubdate><?dbtimestamp format="Y/m/d"?></pubdate> <pubdate><?dbtimestamp format="Y/m/d"?></pubdate>
<copyright> <copyright>
<year>2001-2007</year> <year>2001-2008</year>
<holder>Thomas M. Eastep</holder> <holder>Thomas M. Eastep</holder>
</copyright> </copyright>
@ -60,8 +60,8 @@
<entry><ulink url="PortKnocking.html#Limit">Limiting per-IPaddress <entry><ulink url="PortKnocking.html#Limit">Limiting per-IPaddress
Connection Rate</ulink></entry> Connection Rate</ulink></entry>
<entry><ulink url="ScalabilityAndPerformance.html">Scalability and <entry><ulink url="CompiledPrograms.html#Lite">Shorewall
Performance</ulink></entry> Lite</ulink></entry>
</row> </row>
<row> <row>
@ -69,8 +69,8 @@
<entry><ulink url="shorewall_logging.html">Logging</ulink></entry> <entry><ulink url="shorewall_logging.html">Logging</ulink></entry>
<entry><ulink url="CompiledPrograms.html#Lite">Shorewall <entry><ulink url="Modularization.html">Shorewall
Lite</ulink></entry> Modularization</ulink></entry>
</row> </row>
<row> <row>
@ -78,8 +78,8 @@
<entry><ulink url="Macros.html">Macros</ulink></entry> <entry><ulink url="Macros.html">Macros</ulink></entry>
<entry><ulink url="Modularization.html">Shorewall <entry><ulink url="Shorewall-4.html">Shorewall 4.x</ulink> --
Modularization</ulink></entry> What's new</entry>
</row> </row>
<row> <row>
@ -89,8 +89,8 @@
<entry><ulink url="MAC_Validation.html">MAC <entry><ulink url="MAC_Validation.html">MAC
Verification</ulink></entry> Verification</ulink></entry>
<entry><ulink url="Shorewall-4.html">Shorewall 4.x</ulink> -- <entry><ulink url="Shorewall-perl.html">Shorewall
What's new</entry> Perl</ulink></entry>
</row> </row>
<row> <row>
@ -99,8 +99,8 @@
<entry><ulink url="Manpages.html">Man Pages</ulink></entry> <entry><ulink url="Manpages.html">Man Pages</ulink></entry>
<entry><ulink url="Shorewall-perl.html">Shorewall <entry><ulink url="shorewall_setup_guide.htm">Shorewall Setup
Perl</ulink></entry> Guide</ulink></entry>
</row> </row>
<row> <row>
@ -110,8 +110,7 @@
<entry><ulink url="ManualChains.html">Manual <entry><ulink url="ManualChains.html">Manual
Chains</ulink></entry> Chains</ulink></entry>
<entry><ulink url="shorewall_setup_guide.htm">Shorewall Setup <entry><ulink url="samba.htm">SMB</ulink></entry>
Guide</ulink></entry>
</row> </row>
<row> <row>
@ -122,7 +121,9 @@
<entry><ulink <entry><ulink
url="two-interface.htm#SNAT">Masquerading</ulink></entry> url="two-interface.htm#SNAT">Masquerading</ulink></entry>
<entry><ulink url="samba.htm">SMB</ulink></entry> <entry><ulink url="two-interface.htm#SNAT">SNAT</ulink>
(<firstterm>Source Network Address
Translation</firstterm>)</entry>
</row> </row>
<row> <row>
@ -133,9 +134,8 @@
from a Single Firewall</ulink> (<ulink from a Single Firewall</ulink> (<ulink
url="MultiISP_ru.html">Russian</ulink>)</entry> url="MultiISP_ru.html">Russian</ulink>)</entry>
<entry><ulink url="two-interface.htm#SNAT">SNAT</ulink> <entry><ulink url="SplitDNS.html">Split DNS the Easy
(<firstterm>Source Network Address Way</ulink></entry>
Translation</firstterm>)</entry>
</row> </row>
<row> <row>
@ -145,8 +145,8 @@
<entry><ulink url="Multiple_Zones.html">Multiple Zones Through One <entry><ulink url="Multiple_Zones.html">Multiple Zones Through One
Interface</ulink></entry> Interface</ulink></entry>
<entry><ulink url="SplitDNS.html">Split DNS the Easy <entry><ulink url="Shorewall_Squid_Usage.html">Squid with
Way</ulink></entry> Shorewall</ulink></entry>
</row> </row>
<row> <row>
@ -156,8 +156,9 @@
<entry><ulink url="XenMyWay-Routed.html">My Shorewall <entry><ulink url="XenMyWay-Routed.html">My Shorewall
Configuration</ulink></entry> Configuration</ulink></entry>
<entry><ulink url="Shorewall_Squid_Usage.html">Squid with <entry><ulink
Shorewall</ulink></entry> url="starting_and_stopping_shorewall.htm">Starting/stopping the
Firewall</ulink></entry>
</row> </row>
<row> <row>
@ -167,9 +168,8 @@
<entry><ulink url="NetfilterOverview.html">Netfilter <entry><ulink url="NetfilterOverview.html">Netfilter
Overview</ulink></entry> Overview</ulink></entry>
<entry><ulink <entry><ulink url="NAT.htm">Static (one-to-one)
url="starting_and_stopping_shorewall.htm">Starting/stopping the NAT</ulink></entry>
Firewall</ulink></entry>
</row> </row>
<row> <row>
@ -178,8 +178,7 @@
<entry><ulink url="netmap.html">Network Mapping</ulink></entry> <entry><ulink url="netmap.html">Network Mapping</ulink></entry>
<entry><ulink url="NAT.htm">Static (one-to-one) <entry><ulink url="support.htm">Support</ulink></entry>
NAT</ulink></entry>
</row> </row>
<row> <row>
@ -188,7 +187,8 @@
<entry><ulink url="NAT.htm">One-to-one NAT</ulink> (Static <entry><ulink url="NAT.htm">One-to-one NAT</ulink> (Static
NAT)</entry> NAT)</entry>
<entry><ulink url="support.htm">Support</ulink></entry> <entry><ulink url="Accounting.html">Traffic
Accounting</ulink></entry>
</row> </row>
<row> <row>
@ -199,8 +199,9 @@
<entry><ulink url="Multiple_Zones.html"><ulink <entry><ulink url="Multiple_Zones.html"><ulink
url="OPENVPN.html">OpenVPN</ulink></ulink></entry> url="OPENVPN.html">OpenVPN</ulink></ulink></entry>
<entry><ulink url="Accounting.html">Traffic <entry><ulink url="traffic_shaping.htm">Traffic
Accounting</ulink></entry> Shaping/QOS</ulink> (<ulink
url="traffic_shaping_ru.html">Russian</ulink>)</entry>
</row> </row>
<row> <row>
@ -210,9 +211,8 @@
<entry><ulink url="starting_and_stopping_shorewall.htm">Operating <entry><ulink url="starting_and_stopping_shorewall.htm">Operating
Shorewall</ulink></entry> Shorewall</ulink></entry>
<entry><ulink url="traffic_shaping.htm">Traffic <entry><ulink url="Shorewall_Squid_Usage.html">Transparent
Shaping/QOS</ulink> (<ulink Proxy</ulink></entry>
url="traffic_shaping_ru.html">Russian</ulink>)</entry>
</row> </row>
<row> <row>
@ -223,8 +223,7 @@
<entry><ulink url="PacketMarking.html">Packet <entry><ulink url="PacketMarking.html">Packet
Marking</ulink></entry> Marking</ulink></entry>
<entry><ulink url="Shorewall_Squid_Usage.html">Transparent <entry><ulink url="UPnP.html">UPnP</ulink></entry>
Proxy</ulink></entry>
</row> </row>
<row> <row>
@ -234,7 +233,8 @@
<entry><ulink url="PacketHandling.html">Packet Processing in a <entry><ulink url="PacketHandling.html">Packet Processing in a
Shorewall-based Firewall</ulink></entry> Shorewall-based Firewall</ulink></entry>
<entry><ulink url="UPnP.html">UPnP</ulink></entry> <entry><ulink url="upgrade_issues.htm">Upgrade
Issues</ulink></entry>
</row> </row>
<row> <row>
@ -242,8 +242,7 @@
<entry><ulink url="ping.html">'Ping' Management</ulink></entry> <entry><ulink url="ping.html">'Ping' Management</ulink></entry>
<entry><ulink url="upgrade_issues.htm">Upgrade <entry><ulink url="VPNBasics.html">VPN</ulink></entry>
Issues</ulink></entry>
</row> </row>
<row> <row>
@ -253,7 +252,7 @@
<entry><ulink url="two-interface.htm#DNAT">Port <entry><ulink url="two-interface.htm#DNAT">Port
Forwarding</ulink></entry> Forwarding</ulink></entry>
<entry><ulink url="VPNBasics.html">VPN</ulink></entry> <entry><ulink url="VPN.htm">VPN Passthrough</ulink></entry>
</row> </row>
<row> <row>
@ -262,7 +261,8 @@
<entry><ulink url="ports.htm">Port Information</ulink></entry> <entry><ulink url="ports.htm">Port Information</ulink></entry>
<entry><ulink url="VPN.htm">VPN Passthrough</ulink></entry> <entry><ulink url="whitelisting_under_shorewall.htm">White List
Creation</ulink></entry>
</row> </row>
<row> <row>
@ -271,8 +271,8 @@
<entry><ulink url="PortKnocking.html">Port Knocking and Other Uses <entry><ulink url="PortKnocking.html">Port Knocking and Other Uses
of the 'Recent Match'</ulink></entry> of the 'Recent Match'</ulink></entry>
<entry><ulink url="whitelisting_under_shorewall.htm">White List <entry><ulink url="XenMyWay.html">Xen - Shorewall in a Bridged Xen
Creation</ulink></entry> DomU</ulink></entry>
</row> </row>
<row> <row>
@ -281,8 +281,8 @@
<entry><ulink url="PPTP.htm">PPTP</ulink></entry> <entry><ulink url="PPTP.htm">PPTP</ulink></entry>
<entry><ulink url="XenMyWay.html">Xen - Shorewall in a Bridged Xen <entry><ulink url="XenMyWay-Routed.html">Xen - Shorewall in Routed
DomU</ulink></entry> Xen Dom0</ulink></entry>
</row> </row>
<row> <row>
@ -291,8 +291,7 @@
<entry><ulink url="ProxyARP.htm">Proxy ARP</ulink></entry> <entry><ulink url="ProxyARP.htm">Proxy ARP</ulink></entry>
<entry><ulink url="XenMyWay-Routed.html">Xen - Shorewall in Routed <entry></entry>
Xen Dom0</ulink></entry>
</row> </row>
<row> <row>
@ -324,8 +323,7 @@
</row> </row>
<row> <row>
<entry><ulink url="Shorewall_and_Kazaa.html">Kazaa <entry><ulink url="IPv6Support.html">IPv6 Support</ulink></entry>
Filtering</ulink></entry>
<entry><ulink url="Shorewall_and_Routing.html">Routing and <entry><ulink url="Shorewall_and_Routing.html">Routing and
Shorewall</ulink></entry> Shorewall</ulink></entry>
@ -334,8 +332,8 @@
</row> </row>
<row> <row>
<entry><ulink url="kernel.htm">Kernel <entry><ulink url="Shorewall_and_Kazaa.html">Kazaa
Configuration</ulink></entry> Filtering</ulink></entry>
<entry><ulink url="Multiple_Zones.html">Routing on One <entry><ulink url="Multiple_Zones.html">Routing on One
Interface</ulink></entry> Interface</ulink></entry>
@ -343,11 +341,21 @@
<entry></entry> <entry></entry>
</row> </row>
<row>
<entry><ulink url="kernel.htm">Kernel
Configuration</ulink></entry>
<entry><ulink url="samba.htm">Samba</ulink></entry>
<entry></entry>
</row>
<row> <row>
<entry><ulink url="KVM.html">KVM (Kernel-mode Virtual <entry><ulink url="KVM.html">KVM (Kernel-mode Virtual
Machine)</ulink></entry> Machine)</ulink></entry>
<entry><ulink url="samba.htm">Samba</ulink></entry> <entry><ulink url="ScalabilityAndPerformance.html">Scalability and
Performance</ulink></entry>
<entry></entry> <entry></entry>
</row> </row>
@ -355,4 +363,4 @@
</tgroup> </tgroup>
</informaltable> </informaltable>
</section> </section>
</article> </article>

8
docs/FAQ.xml
View File

@ -2176,6 +2176,14 @@ We have an error talking to the kernel
url="http://linuxman.wikispaces.com/Clustering+Shorewall">This article url="http://linuxman.wikispaces.com/Clustering+Shorewall">This article
by Paul Gear</ulink> should help you get started.</para> by Paul Gear</ulink> should help you get started.</para>
</section> </section>
<section id="faq80">
<title>(FAQ 80) Does Shorewall support IPV6?</title>
<para>Answer: <ulink url="IPv6Support.html">Shorewall IPv6
support</ulink> is currently available in the <ulink
url="ReleaseModel.html">development releases</ulink>.</para>
</section>
</section> </section>
<section id="RFC1918"> <section id="RFC1918">

42
docs/IPv6Support.xml
View File

@ -108,37 +108,37 @@
<filename>/etc/shorewall/shorewall.conf</filename>. When configuring <filename>/etc/shorewall/shorewall.conf</filename>. When configuring
Shorewall6, you will want to set DISABLE_IPV6=No and restart Shorewall Shorewall6, you will want to set DISABLE_IPV6=No and restart Shorewall
or Shorewall-lite.</para> or Shorewall-lite.</para>
</section>
<section> <section>
<title>TC_ENABLED</title> <title>TC_ENABLED</title>
<para>The other area where their configurations overlap is in <para>The other area where their configurations overlap is in traffic
traffic shaping; the <filename>tcdevices</filename> and tcclasses shaping; the <filename>tcdevices</filename> and tcclasses files do
files do exactly the same thing in both Shorewall and Shorewall6. exactly the same thing in both Shorewall and Shorewall6. Consequently,
Consequently, you will have TC_ENABLED=Internal in Shorewall or in you will have TC_ENABLED=Internal in Shorewall or in Shorewall6 and
Shorewall6 and TC_ENABLED=No in the other product. Also, you will TC_ENABLED=No in the other product. Also, you will want CLEAR_TC=No in
want CLEAR_TC=No in the configuration with TC_ENABLED=No.</para> the configuration with TC_ENABLED=No.</para>
<para>Regardless of which product has TC_ENABLED=Internal:</para> <para>Regardless of which product has TC_ENABLED=Internal:</para>
<itemizedlist> <itemizedlist>
<listitem> <listitem>
<para>IPv4 packet marking is controlled by <para>IPv4 packet marking is controlled by
/etc/shorewall/tcrules</para> /etc/shorewall/tcrules</para>
</listitem> </listitem>
<listitem> <listitem>
<para>IPv6 packet marking is controlled by <para>IPv6 packet marking is controlled by
/etc/shorewall6/tcrules</para> /etc/shorewall6/tcrules</para>
</listitem> </listitem>
</itemizedlist> </itemizedlist>
</section>
</section> </section>
</section> </section>
</section> </section>
<section> <section>
<title>Shorewall6 Differences from Shoreawall</title> <title>Shorewall6 Differences from Shorewall</title>
<para>Configuring Shorewall6 is very similar to configuring Shorewall with <para>Configuring Shorewall6 is very similar to configuring Shorewall with
some notable exceptions:</para> some notable exceptions:</para>