Clean up links and add missing sections in Documentation.xml

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@847 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2003-12-14 17:14:58 +00:00
parent 53a9e87cd9
commit 6e49b4c848

View File

@ -14,11 +14,7 @@
</authorgroup> </authorgroup>
<copyright> <copyright>
<year>2001</year> <year>2001-2003</year>
<year>2002</year>
<year>2003</year>
<holder>Thomas M. Eastep</holder> <holder>Thomas M. Eastep</holder>
</copyright> </copyright>
@ -268,7 +264,7 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term>accounting</term> <term><ulink url="Accounting.html">accounting</ulink></term>
<listitem> <listitem>
<para>a parameter file in /etc/shorewall used to define traffic <para>a parameter file in /etc/shorewall used to define traffic
@ -298,7 +294,8 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term>actions and action.template</term> <term><ulink url="User_defined_Actions.html">actions and
action.template</ulink></term>
<listitem> <listitem>
<para>files in /etc/shorewall that allow you to define your own <para>files in /etc/shorewall that allow you to define your own
@ -321,8 +318,7 @@
<example> <example>
<title>shell variables</title> <title>shell variables</title>
<programlisting>NET_IF=eth0 <programlisting>NET_IF=eth0 NET_BCAST=130.252.100.255
NET_BCAST=130.252.100.255
NET_OPTIONS=blacklist,norfc1918</programlisting> NET_OPTIONS=blacklist,norfc1918</programlisting>
</example> </example>
@ -961,8 +957,7 @@ NET_OPTIONS=blacklist,norfc1918</programlisting>
<title>Your local interface is eth1 and you have two groups of local <title>Your local interface is eth1 and you have two groups of local
hosts that you want to make into separate zones:</title> hosts that you want to make into separate zones:</title>
<programlisting>192.168.1.0/25 <programlisting>192.168.1.0/25 192.168.1.128/</programlisting>
192.168.1.128/</programlisting>
<para>Your /etc/shorewall/interfaces file might look like:</para> <para>Your /etc/shorewall/interfaces file might look like:</para>
@ -1044,8 +1039,7 @@ NET_OPTIONS=blacklist,norfc1918</programlisting>
<title>You have local interface eth1 with two IP addresses - <title>You have local interface eth1 with two IP addresses -
192.168.1.1/24 and 192.168.12.1/24</title> 192.168.1.1/24 and 192.168.12.1/24</title>
<programlisting>192.168.1.0/25 <programlisting>192.168.1.0/25 192.168.1.128/25</programlisting>
192.168.1.128/25</programlisting>
<para>Your /etc/shorewall/interfaces file might look like:</para> <para>Your /etc/shorewall/interfaces file might look like:</para>
@ -2053,7 +2047,8 @@ NET_OPTIONS=blacklist,norfc1918</programlisting>
rule by optionally following ACCEPT, DNAT[-], REDIRECT[-] or LOG rule by optionally following ACCEPT, DNAT[-], REDIRECT[-] or LOG
with</para> with</para>
<programlisting>&#60; &#60;rate&#62;/&#60;interval&#62;[:&#60;burst&#62;] &#62;</programlisting> <programlisting>&#60;
&#60;rate&#62;/&#60;interval&#62;[:&#60;burst&#62;] &#62;</programlisting>
<para>where &#60;rate&#62; is the number of connections per <para>where &#60;rate&#62; is the number of connections per
&#60;interval&#62; (&#34;sec&#34; or &#34;min&#34;) and &#60;interval&#62; (&#34;sec&#34; or &#34;min&#34;) and
@ -2292,7 +2287,8 @@ NET_OPTIONS=blacklist,norfc1918</programlisting>
<example> <example>
<title></title> <title></title>
<programlisting>DNAT loc:<emphasis role="bold">192.168.1.0/24</emphasis> loc:192.168.1.3 tcp www - 206.124.146.179:192.168.1.3</programlisting> <programlisting>DNAT loc:<emphasis role="bold">192.168.1.0/24</emphasis>
loc:192.168.1.3 tcp www - 206.124.146.179:192.168.1.3</programlisting>
</example> </example>
</note> </note>
@ -2988,7 +2984,7 @@ NET_OPTIONS=blacklist,norfc1918</programlisting>
<para><ulink url="ports.htm">Look here for information on other services.</ulink></para> <para><ulink url="ports.htm">Look here for information on other services.</ulink></para>
</section> </section>
<section> <section id="Common" xreflabel="/etc/shorewall/common">
<title>/etc/shorewall/common</title> <title>/etc/shorewall/common</title>
<para>Shorewall allows definition of rules that apply between all zones. <para>Shorewall allows definition of rules that apply between all zones.
@ -3345,9 +3341,9 @@ NET_OPTIONS=blacklist,norfc1918</programlisting>
<title>You have public IP addresses 155.182.235.0/28. You configure your <title>You have public IP addresses 155.182.235.0/28. You configure your
firewall as follows:</title> firewall as follows:</title>
<programlisting>eth0 - 155.186.235.1 (internet connection) <programlisting>eth0 - 155.186.235.1 (internet connection) eth1 -
eth1 - 192.168.9.0/24 (masqueraded local systems) 192.168.9.0/24 (masqueraded local systems) eth2 - 192.168.10.1
eth2 - 192.168.10.1 (interface to your DMZ)</programlisting> (interface to your DMZ)</programlisting>
<para>In your DMZ, you want to install a Web/FTP server with public <para>In your DMZ, you want to install a Web/FTP server with public
address 155.186.235.4. On the Web server, you subnet just like the address 155.186.235.4. On the Web server, you subnet just like the
@ -3850,8 +3846,7 @@ eth2 - 192.168.10.1 (interface to your DMZ)</programlisting>
<example> <example>
<title></title> <title></title>
<programlisting>LOGRATE=10/minute <programlisting>LOGRATE=10/minute LOGBURST=5</programlisting>
LOGBURST=5</programlisting>
</example> </example>
</listitem> </listitem>
</varlistentry> </varlistentry>
@ -4078,7 +4073,8 @@ LOGBURST=5</programlisting>
<para>The <emphasis>loadmodule</emphasis> function is called as follows:</para> <para>The <emphasis>loadmodule</emphasis> function is called as follows:</para>
<programlisting>loadmodule &#60;<emphasis>modulename</emphasis>&#62; [ &#60;<emphasis>module parameters</emphasis>&#62; ]</programlisting> <programlisting>loadmodule &#60;<emphasis>modulename</emphasis>&#62; [
&#60;<emphasis>module parameters</emphasis>&#62; ]</programlisting>
<para>where</para> <para>where</para>
@ -4107,7 +4103,8 @@ LOGBURST=5</programlisting>
<emphasis>moduledirectory</emphasis>; if so, then the following command is <emphasis>moduledirectory</emphasis>; if so, then the following command is
executed:</para> executed:</para>
<programlisting>insmod <emphasis>moduledirectory</emphasis>/&#60;<emphasis>modulename</emphasis>&#62;.o &#60;<emphasis>module parameters</emphasis>&#62;</programlisting> <programlisting>insmod <emphasis>moduledirectory</emphasis>/&#60;<emphasis>modulename</emphasis>&#62;.o
&#60;<emphasis>module parameters</emphasis>&#62;</programlisting>
<para>If the file doesn&#39;t exist, the function determines of the <para>If the file doesn&#39;t exist, the function determines of the
&#34;.o.gz&#34; file corresponding to the module exists in the &#34;.o.gz&#34; file corresponding to the module exists in the
@ -4115,7 +4112,8 @@ LOGBURST=5</programlisting>
that the running configuration supports compressed modules and execute the that the running configuration supports compressed modules and execute the
following command:</para> following command:</para>
<programlisting>insmod <emphasis>moduledirectory</emphasis>/&#60;<emphasis>modulename</emphasis>&#62;.o.gz &#60;<emphasis>module parameters</emphasis>&#62;</programlisting> <programlisting>insmod <emphasis>moduledirectory</emphasis>/&#60;<emphasis>modulename</emphasis>&#62;.o.gz
&#60;<emphasis>module parameters</emphasis>&#62;</programlisting>
</section> </section>
<section id="TOS" xreflabel="/etc/shorewall/tos"> <section id="TOS" xreflabel="/etc/shorewall/tos">
@ -4326,8 +4324,7 @@ LOGBURST=5</programlisting>
<example> <example>
<title></title> <title></title>
<programlisting>130.252.100.69 <programlisting>130.252.100.69 206.124.146.0/24</programlisting>
206.124.146.0/24</programlisting>
</example> </example>
<para>Packets <emphasis role="bold">from</emphasis> hosts listed in the <para>Packets <emphasis role="bold">from</emphasis> hosts listed in the
@ -4510,4 +4507,18 @@ LOGBURST=5</programlisting>
<para>This file is described in the <ulink url="ECN.html">ECN Control <para>This file is described in the <ulink url="ECN.html">ECN Control
Documentation</ulink>.</para> Documentation</ulink>.</para>
</section> </section>
<section id="UserSets" xreflabel="/usr/shorewall/Users">
<title>/etc/shorewall/users and /etc/shorewall/usersets</title>
<para>These files are described in the<ulink url="UserSets.html">UID/GID-based
Rules Documentation</ulink> .</para>
</section>
<section id="Accounting" xreflabel="/usr/shorewall/accounting">
<title>/etc/shorewall/accounting</title>
<para>This file is described in the <ulink url="Accounting.html">Traffic
Accounting Documentation</ulink>.</para>
</section>
</article> </article>