From 881577cbdadf728f9c0745457d1bf7d9f34c1670 Mon Sep 17 00:00:00 2001 From: teastep Date: Sat, 21 May 2005 02:26:25 +0000 Subject: [PATCH] Add crossbeam support git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2153 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-docs2/Documentation.xml | 55 ++++++++++++++++++++++++++++--- 1 file changed, 50 insertions(+), 5 deletions(-) diff --git a/Shorewall-docs2/Documentation.xml b/Shorewall-docs2/Documentation.xml index 1ebca43ae..c0bb1644c 100644 --- a/Shorewall-docs2/Documentation.xml +++ b/Shorewall-docs2/Documentation.xml @@ -15,7 +15,7 @@ - 2005-04-29 + 2005-05-20 2001-2005 @@ -350,6 +350,24 @@ actions included as a standard part of Shorewall. + + + providers + + + file in /etc/shorewall that is used to define multiple + Internet Service Providers and load-balancing. + + + + + routes + + + file in /etc/shorewall that is used to interface to the + experimental ROUTE target from Netfilter patch-o-matic-ng. + + @@ -2970,10 +2988,11 @@ eth0 eth1 206.124.146.176 state. When ADMINISABSENTMINDES=No, only traffic to/from those addresses listed in /etc/shorewall/routestopped is accepted when Shorewall is stopped.When ADMINISABSENTMINDED=Yes, in addition - to traffic to/from addresses in /etc/shorewall/routestopped, - connections that were active when Shorewall stopped continue to work - and all new connections from the firewall system itself are allowed. - If this variable is not set or is given the empty value then + to traffic to/from addresses in + /etc/shorewall/routestopped, connections that + were active when Shorewall stopped continue to work and all new + connections from the firewall system itself are allowed. If this + variable is not set or is given the empty value then ADMINISABSENTMINDED=No is assumed. @@ -3521,6 +3540,32 @@ LOGBURST=5 the started state. The default value is no. + + + CROSSBEAM and CROSSBEAM_BACKBONE + + + (Added in Shorewall 2.4.0) — If Shorewall is running in a + Crossbeam System (http://www.crossbeamsystems.com) + you need to activate this directive if you don't want the CPM to + think the system is down and send a reset signal. Also Crossbeam has + a backplane chassis that needs to be configured in such a way that + it accepts all traffic continuously. If CROSSBEAM=Yes, then during a + Shorewall start, restart or clear instead of setting default + policies to DROP and then activating established connections, + Shorewall will first set default policies to ACCEPT, activate + established connections and then sets the default policies to DROP. + After that, Shorewall starts generating rules as usual. + + If CROSSBEAM=No, CROSSBEAM_BACKBONE is not used. If + CROSSBEAM_BACKBONE is set to Yes, CROSSBEAM_BACKBONE indicates the + network interface used by the backbone. + + If not specified or if specified as empty (e.g., CROSSBEAM="") + then CROSSBEAM=No is assumed. + +