From 15a88f962fdf4e363e146422427fc263511192ef Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Thu, 14 Jul 2011 07:48:51 -0700 Subject: [PATCH] Add a FAQ regarding $FW Signed-off-by: Tom Eastep --- docs/FAQ.xml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/docs/FAQ.xml b/docs/FAQ.xml index 5e9e55c4f..b7e6ff651 100644 --- a/docs/FAQ.xml +++ b/docs/FAQ.xml @@ -2816,5 +2816,39 @@ EXT_IF:192.168.1.1 0.0.0.0/0 192.168.1.254 If you simply want to allow all traffic between ports, then see http://www.shorewall.net/SimpleBridge.html. + +
+ (FAQ 95) What is this $FW that I see in the configuration files + and documentation? + + Answer: FW is a shell variable + that expands to the name that you gave to the firewall zone in shorewall-zones(5). The + default name for the firewall zone is fw: + + #ZONE TYPE OPTIONS +fw firewall + + So, using the default or sample configurations, writing $FW is the same as writing fw. If you give the firewall zone a different + name, gate for example, then writing + $FW would be the same as writing + gate. + + #ZONE TYPE OPTIONS +gate firewall + +
+ Why was that done? + + Answer: The firewall zone has + special semantics, so having a way to refer to it in a + configuration-independent way makes writing the documentation, + examples, macros, etc. easier. +
+