From 35a18313fc31a947fa8b554b699ed248b0d5d615 Mon Sep 17 00:00:00 2001 From: teastep Date: Sat, 23 Nov 2002 18:40:29 +0000 Subject: [PATCH] Add comments about 'lo' and 'fw->fw' in config files git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@335 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall/interfaces | 2 ++ Shorewall/policy | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/Shorewall/interfaces b/Shorewall/interfaces index 8ac277fa7..595d49581 100644 --- a/Shorewall/interfaces +++ b/Shorewall/interfaces @@ -20,6 +20,8 @@ # an alias (e.g., eth0:0) here; see # http://www.shorewall.net/FAQ.htm#faq18 # +# DO NOT DEFINE THE LOOPBACK INTERFACE (lo) IN THIS FILE. +# # BROADCAST The broadcast address for the subnetwork to which the # interface belongs. For P-T-P interfaces, this # column is left black.If the interface has multiple diff --git a/Shorewall/policy b/Shorewall/policy index 4b144d54e..6c6ba0fbe 100644 --- a/Shorewall/policy +++ b/Shorewall/policy @@ -17,6 +17,10 @@ # DEST Destination zone. Must be the name of a zone defined # in /etc/shorewall/zones, $FW or "all" # +# WARNING: Firewall->Firewall policies are not allowed; if +# you have a policy where both SOURCE and DEST are $FW, +# Shorewall will not start! +# # POLICY Policy if no match from the rules file is found. Must # be "ACCEPT", "DROP", "REJECT" or "CONTINUE" #