Fix more %0 bugs in the samples

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@49 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Samples/one-interface/common

@@ -1,7 +1,7 @@
 #
 # Include the standard common.def file
 #
-. common.def
+. /etc/shorewall/common.def
 #
 # The following rule is non-standard and compensates for tardy
 # DNS replies

Samples/three-interfaces/common

@@ -1,7 +1,7 @@
 #
 # Include the standard common.def file
 #
-. common.def
+. /etc/shorewall/common.def
 #
 # The following rule is non-standard and compensates for tardy
 # DNS replies

Samples/three-interfaces/rules

@@ -167,14 +167,13 @@ ACCEPT	loc	  dmz			tcp	22
 ACCEPT	dmz       net			tcp	53	
 ACCEPT	dmz	  net			udp	53
 #
-# Make ping work
+# Make ping work between the DMZ, net and local zone (assumes that the loc->
+# net policy is ACCEPT).
 #
-ACCEPT		fw	  loc		icmp	8
-ACCEPT		loc	  fw		icmp	8
 ACCEPT		loc	  dmz           icmp    8
 ACCEPT		dmz	  loc		icmp	8
-ACCEPT		dmz	  fw		icmp	8
+ACCEPT		dmz	  net		icmp	8
-ACCEPT		fw	  dmz		icmp	8
+ACCEPT		net	  dmz		icmp	8 # Only with Proxy ARP and
-ACCEPT		fw	  net		icmp	8
+ACCEPT		net	  loc		icmp	8 # static NAT
 
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

Samples/two-interfaces/common

@@ -1,7 +1,7 @@
 #
 # Include the standard common.def file
 #
-. common.def
+. /etc/shorewall/common.def
 #
 # The following rule is non-standard and compensates for tardy
 # DNS replies

Samples/two-interfaces/rules

@@ -154,16 +154,10 @@
 # Accept DNS connections from the firewall to the network
 #
 ACCEPT		fw	  net		tcp	53
-ACCEPT		net	  net		udp	53
+ACCEPT		fw	  net		udp	53
 #
 # Accept SSH connections from the local network for administration
 #
-ACCEPT		loc	  net		tcp	22
+ACCEPT		loc	  fw		tcp	22
-#
-# Make ping work
-#
-ACCEPT		fw	  loc		icmp	8
-ACCEPT		loc	  fw		icmp	8
-ACCEPT		fw	  net		icmp	8
 
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE