forked from extern/shorewall_code
Doc updates
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1801 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
parent
8927e62047
commit
3e6aae75d8
@ -17,7 +17,7 @@
|
|||||||
</author>
|
</author>
|
||||||
</authorgroup>
|
</authorgroup>
|
||||||
|
|
||||||
<pubdate>2004-11-24</pubdate>
|
<pubdate>2004-12-04</pubdate>
|
||||||
|
|
||||||
<copyright>
|
<copyright>
|
||||||
<year>2001-2004</year>
|
<year>2001-2004</year>
|
||||||
@ -907,6 +907,21 @@ LOGBURST=""</programlisting>
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>@<source>2<dest></term>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>You have a policy for traffic from <<emphasis
|
||||||
|
role="bold">source</emphasis>> to <<emphasis
|
||||||
|
role="bold">dest</emphasis>> that specifies TCP connection rate
|
||||||
|
limiting (value in the LIMIT:BURST column). The logged packet
|
||||||
|
exceeds that limit and was dropped. Note that these log messages
|
||||||
|
themselves are severely rate-limited so that a syn-flood won't
|
||||||
|
generate a secondary DOS because of excessive log message. These
|
||||||
|
log messages were added in Shorewall 2.2.0 Beta 7.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><interface>_mac</term>
|
<term><interface>_mac</term>
|
||||||
|
|
||||||
|
|||||||
@ -13,7 +13,7 @@
|
|||||||
</author>
|
</author>
|
||||||
</authorgroup>
|
</authorgroup>
|
||||||
|
|
||||||
<pubdate>2004-11-12</pubdate>
|
<pubdate>2004-12-02</pubdate>
|
||||||
|
|
||||||
<copyright>
|
<copyright>
|
||||||
<year>2001-2004</year>
|
<year>2001-2004</year>
|
||||||
@ -90,6 +90,28 @@
|
|||||||
<section>
|
<section>
|
||||||
<title>Problems in Version 2.0</title>
|
<title>Problems in Version 2.0</title>
|
||||||
|
|
||||||
|
<section>
|
||||||
|
<title>Shorewall 2.0.12</title>
|
||||||
|
|
||||||
|
<itemizedlist>
|
||||||
|
<listitem>
|
||||||
|
<para>The "shorewall add" command produces the error message:</para>
|
||||||
|
|
||||||
|
<programlisting>/usr/share/shorewall/firewall: line 1: match_destination_hosts: command not found</programlisting>
|
||||||
|
|
||||||
|
<para>You can correct the problem yourself by editing
|
||||||
|
/usr/share/shorewall/firewall and on line 5805, replace <emphasis
|
||||||
|
role="bold">match_destination_hosts</emphasis> with <emphasis
|
||||||
|
role="bold">match_dest_hosts</emphasis>.</para>
|
||||||
|
</listitem>
|
||||||
|
</itemizedlist>
|
||||||
|
|
||||||
|
<para>Corrected in <ulink
|
||||||
|
url="http://shorewall.net/pub/shorewall/errata/2.0.12/firewall">this
|
||||||
|
firewall script</ulink> which may be installed in
|
||||||
|
/usr/share/shorewall/firewall as described above.</para>
|
||||||
|
</section>
|
||||||
|
|
||||||
<section>
|
<section>
|
||||||
<title>Shorewall 2.0.10</title>
|
<title>Shorewall 2.0.10</title>
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user