diff --git a/Shorewall-docs/shorewall_setup_guide.xml b/Shorewall-docs/shorewall_setup_guide.xml
index 480dd2409..1a36cf29c 100644
--- a/Shorewall-docs/shorewall_setup_guide.xml
+++ b/Shorewall-docs/shorewall_setup_guide.xml
@@ -42,7 +42,7 @@
give you general guidelines and will point you to other resources as
necessary.
-
+
If you run LEAF Bering, your Shorewall configuration is NOT what I
@@ -63,7 +63,7 @@
yourself with what's involved then go back through it again making
your configuration changes. Points at which configuration changes are
recommended are flagged with .
+ fileref="images/BD21298_.gif" />.
@@ -140,14 +140,14 @@
Zones are defined in the file /etc/shorewall/zones.
Shorewall also recognizes the firewall system as its own zone - by
- default, the firewall itself is known as fw but that may be changed in the
- /etc/shorewall/shorewall.conf
- file. In this guide, the default name (fw) will be used. With the
- exception of fw, Shorewall attaches
- absolutely no meaning to zone names. Zones are entirely what YOU make of
- them. That means that you should not expect Shorewall to do something
- special "because this is the internet zone" or "because that
- is the DMZ".
+ default, the firewall itself is known as fw
+ but that may be changed in the /etc/shorewall/shorewall.conf
+ file. In this guide, the default name (fw)
+ will be used. With the exception of fw,
+ Shorewall attaches absolutely no meaning to zone names. Zones are entirely
+ what YOU make of them. That means that you should not expect Shorewall to
+ do something special "because this is the internet zone" or
+ "because that is the DMZ".
Edit the
/etc/shorewall/zones file and make any changes necessary.
@@ -168,7 +168,7 @@
- Shorewall is built on top of the Shorewall is built on top of the Netfilter kernel facility.
Netfilter implements a connection
@@ -187,13 +187,13 @@
- If the POLICY from the client's zone to the server's
+ If the POLICY from the client's zone to the server's
zone is what you want for this client/server pair, you need do nothing
further.
- If the POLICY is not what you want, then you must add a rule.
+ If the POLICY is not what you want, then you must add a rule.
That rule is expressed in terms of the client's zone and the
server's zone.
@@ -1066,7 +1066,7 @@
Otherwise, the above steps are repeated on the next entry in
- the table.
+ the table.
@@ -1118,7 +1118,7 @@
the card itself. Because IP uses IP addresses and Ethernet uses MAC
addresses, a mechanism is required to translate an IP address into a MAC
address; that is the purpose of the Address Resolution
- Protocol (ARP). Here is ARP in action:
+ Protocol (ARP). Here is ARP in action:
[root@gateway root]# tcpdump -nei eth2 arp
tcpdump: listening on eth2
@@ -1184,7 +1184,7 @@
their private use.
When selecting addresses from these ranges, there's a couple
- of things to keep in mind:
+ of things to keep in mind:
@@ -1286,7 +1286,7 @@
The astute reader may have noticed that the Firewall/Router's
external interface is actually part of the DMZ subnet (192.0.2.64/29).
What if DMZ 1 (192.0.2.67) tries to communicate with 192.0.2.65? The
- routing table on DMZ 1 will look like this:
+ routing table on DMZ 1 will look like this:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
@@ -1329,7 +1329,7 @@
Clearly, that set of addresses doesn't comprise a subnetwork
and there aren't enough addresses for all of the network interfaces.
There are four different techniques that can be used to work around this
- problem.
+ problem.
@@ -2302,7 +2302,7 @@ role="underline">0:4:e2:20:20:33 0:0:77:95:dd:19 ip 98: 192.0.2.177 &
modified from the original installation are shown.
/etc/shorewall/interfaces (The "options" will be very
- site-specific).
+ site-specific).
@@ -2871,7 +2871,7 @@ role="underline">0:4:e2:20:20:33 0:0:77:95:dd:19 ip 98: 192.0.2.177 &
Let's have the DNS server on 192.0.2.177 which will also be known by
the name ns1.foobar.net.
- The /etc/named.conf file would look like this:
+ The /etc/named.conf file would look like this:
diff --git a/Shorewall-docs/template.xml b/Shorewall-docs/template.xml
new file mode 100644
index 000000000..fbf649033
--- /dev/null
+++ b/Shorewall-docs/template.xml
@@ -0,0 +1,43 @@
+
+
+
+
+
+
+
+
+ Tom
+
+ Eastep
+
+
+
+ YYYY-MM-DD
+
+
+ 2001
+
+ 2002
+
+ 2003
+
+ Thomas M. Eastep
+
+
+
+ Permission is granted to copy, distribute and/or modify this
+ document under the terms of the GNU Free Documentation License, Version
+ 1.2 or any later version published by the Free Software Foundation; with
+ no Invariant Sections, with no Front-Cover, and with no Back-Cover
+ Texts. A copy of the license is included in the section entitled "GNU Free Documentation License".
+
+
+
+
+
\ No newline at end of file