forked from extern/shorewall_code
changed from numbered sect1 tags to recursive section tags
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@927 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
mhnoyes
parent
9817fcf588
commit
3aa0c59c48
@ -20,7 +20,7 @@
|
||||
</legalnotice>
|
||||
</articleinfo>
|
||||
|
||||
<sect1>
|
||||
<section>
|
||||
<title>Important</title>
|
||||
<para>
|
||||
It is important that you read all of the sections on this page where the version number mentioned in the section title is later than what you are currently running.
|
||||
@ -45,8 +45,8 @@
|
||||
<para>
|
||||
You can use the <command moreinfo="none">shorewall check</command> command to see the groups associated with each of your zones.
|
||||
</para>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version >= 1.4.8</title>
|
||||
<itemizedlist mark="bullet">
|
||||
<listitem>
|
||||
@ -55,8 +55,8 @@
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version >= 1.4.6</title>
|
||||
<itemizedlist mark="bullet">
|
||||
<listitem>
|
||||
@ -77,20 +77,20 @@ zone eth1:192.168.1.0/24,192.168.2.0/24
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version >= 1.4.4</title>
|
||||
<para>
|
||||
If you are upgrading from 1.4.3 and have set the <varname>LOGMARKER</varname> variable in <filename class="directory">/etc/shorewall/</filename><filename>shorewall.conf</filename>, then you must set the new <varname>LOGFORMAT</varname> variable appropriately and remove your setting of <varname>LOGMARKER</varname>.
|
||||
</para>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version 1.4.4</title>
|
||||
<para>
|
||||
If you have zone names that are 5 characters long, you may experience problems starting Shorewall because the <option>--log-prefix</option> in a logging rule is too long. Upgrade to Version 1.4.4a to fix this problem.
|
||||
</para>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version >= 1.4.2</title>
|
||||
<para>
|
||||
There are some cases where you may want to handle traffic from a particular group to itself. While I personally think that such a setups are ridiculous, there are two cases covered in this documentation where it can occur:
|
||||
@ -110,8 +110,8 @@ zone eth1:192.168.1.0/24,192.168.2.0/24
|
||||
|
||||
If you have either of these cases, you will want to review the current documentation and change your configuration accordingly.
|
||||
</para>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version >= 1.4.1</title>
|
||||
<itemizedlist mark="bullet">
|
||||
<listitem>
|
||||
@ -166,8 +166,8 @@ z2 z1 NONE
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version 1.4.1</title>
|
||||
<itemizedlist mark="bullet">
|
||||
<listitem>
|
||||
@ -176,8 +176,8 @@ z2 z1 NONE
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version >= 1.4.0</title>
|
||||
<important>
|
||||
<para>
|
||||
@ -248,8 +248,8 @@ error: failed dependencies:iproute is needed by shorewall-1.4.0-1
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</para>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version 1.4.0</title>
|
||||
<itemizedlist mark="bullet">
|
||||
<listitem>
|
||||
@ -270,8 +270,8 @@ error: failed dependencies:iproute is needed by shorewall-1.4.0-1
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version >= 1.3.14</title>
|
||||
<para>
|
||||
Beginning in version 1.3.14, Shorewall treats entries in <filename class="directory">/etc/shorewall/</filename><filename>masq</filename> differently. The change involves entries with an <emphasis role="bold">interface name</emphasis> in the <varname>SUBNET</varname> (second) <emphasis role="bold">column</emphasis>:
|
||||
@ -340,8 +340,8 @@ eth0 192.168.1.0/24 206.124.146.176
|
||||
</programlisting>
|
||||
Version 1.3.14 also introduced simplified ICMP echo-request (ping) handling. The option <varname>OLD_PING_HANDLING=Yes</varname> in <filename class="directory">/etc/shorewall/</filename><filename>shorewall.conf</filename> is used to specify that the old (pre-1.3.14) ping handling is to be used (If the option is not set in your <filename class="directory">/etc/shorewall/</filename>shorewall.conf then <varname>OLD_PING_HANDLING=Yes</varname> is assumed). I don't plan on supporting the old handling indefinitely so I urge current users to migrate to using the new handling as soon as possible. See the 'Ping' handling documentation for details.
|
||||
</para>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version 1.3.10</title>
|
||||
<itemizedlist mark="bullet">
|
||||
<listitem>
|
||||
@ -353,8 +353,8 @@ rpm -Uvh --force shorewall-1.3.10-1.noarch.rpm
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version >= 1.3.9</title>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
@ -363,8 +363,8 @@ rpm -Uvh --force shorewall-1.3.10-1.noarch.rpm
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version >= 1.3.8</title>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
@ -373,8 +373,8 @@ rpm -Uvh --force shorewall-1.3.10-1.noarch.rpm
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version >= 1.3.7</title>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
@ -391,8 +391,8 @@ run_iptables -A icmpdef -p ICMP --icmp-type parameter-problem -j ACCEPT
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Upgrading Bering to Shorewall >= 1.3.3</title>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
@ -427,8 +427,8 @@ ACCEPT loc fw tcp 80
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version 1.3.6 and 1.3.7</title>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
@ -461,8 +461,8 @@ run_iptables -A common -p tcp --tcp-flags ACK,FIN,RST ACK -j ACCEPT
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Versions >= 1.3.5</title>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
@ -491,8 +491,8 @@ REDIRECT loc 3128 tcp 80
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
<sect1>
|
||||
</section>
|
||||
<section>
|
||||
<title>Version >= 1.3.2</title>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
@ -501,5 +501,5 @@ REDIRECT loc 3128 tcp 80
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</sect1>
|
||||
</section>
|
||||
</article>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user