holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Remove anachronistic LEAF/Bering reference from the setup guide

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3072 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-11-26 19:28:44 +00:00
parent c5a49a7be6
commit 5b89260fbb
1 changed files with 7 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
Shorewall-docs2/shorewall_setup_guide.xml
View File

@ -53,19 +53,15 @@
necessary.</para> necessary.</para>
<caution> <caution>
<para>If you run LEAF Bering, your Shorewall configuration is NOT what I <para>Shorewall requires that the iproute/iproute2 package be installed
release -- I suggest that you consider installing a stock Shorewall lrp (on RedHat, the package is called iproute). You can tell if this package
from the shorewall.net site before you proceed. Shorewall requires that is installed by the presence of an <emphasis role="bold">ip</emphasis>
the iproute/iproute2 package be installed (on RedHat, the package is program on your firewall system. As root, you can use the
called iproute). You can tell if this package is installed by the <quote>which</quote> command to check for this program:</para>
presence of an <emphasis role="bold">ip</emphasis> program on your
firewall system. As root, you can use the <quote>which</quote> command
to check for this program:</para>
<programlisting>[root@gateway root]# <command>which ip</command> <programlisting>[root@gateway root]# <command>which ip</command>
/sbin/ip /sbin/ip
[root@gateway root]# [root@gateway root]#</programlisting>
</programlisting>
<para>I recommend that you first read through the guide to familiarize <para>I recommend that you first read through the guide to familiarize
yourself with what's involved then go back through it again making your yourself with what's involved then go back through it again making your
@ -252,7 +248,7 @@ dmz ipv4</programlisting>
A to the firewall and are also allowed from the firewall to zone B A to the firewall and are also allowed from the firewall to zone B
<emphasis role="bold">DOES NOT mean that these connections are allowed <emphasis role="bold">DOES NOT mean that these connections are allowed
from zone A to zone B</emphasis> (in other words, policies and rules from zone A to zone B</emphasis> (in other words, policies and rules
involving the firewall zone are not transitive). It rather means that you involving the firewall zone are not transitibe). It rather means that you
can have a proxy running on the firewall that accepts a connection from can have a proxy running on the firewall that accepts a connection from
zone A and then establishes its own separate connection from the firewall zone A and then establishes its own separate connection from the firewall
to zone B.</para> to zone B.</para>