forked from extern/shorewall_code
fixed quotes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@940 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
06516f33b5
commit
8e9dc1fcc3
@ -32,8 +32,8 @@
|
||||
document under the terms of the GNU Free Documentation License, Version
|
||||
1.2 or any later version published by the Free Software Foundation; with
|
||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
||||
Texts. A copy of the license is included in the section entitled "<ulink
|
||||
url="GnuCopyright.htm">GNU Free Documentation License</ulink>".</para>
|
||||
Texts. A copy of the license is included in the section entitled <quote><ulink
|
||||
url="GnuCopyright.htm">GNU Free Documentation License</ulink></quote>.</para>
|
||||
</legalnotice>
|
||||
</articleinfo>
|
||||
|
||||
@ -61,7 +61,7 @@
|
||||
<para>We want systems in the 2002:100:333::/64 subnetwork to be able to
|
||||
communicate with the systems in the 2002:488:999::/64 network. This is
|
||||
accomplished through use of the /etc/shorewall/tunnels file and the
|
||||
"ip" utility for network interface and routing configuration.</para>
|
||||
<quote>ip</quote> utility for network interface and routing configuration.</para>
|
||||
|
||||
<para>Unlike GRE and IPIP tunneling, the /etc/shorewall/policy,
|
||||
/etc/shorewall/interfaces and /etc/shorewall/zones files are not used.
|
||||
|
@ -30,8 +30,8 @@
|
||||
document under the terms of the GNU Free Documentation License, Version
|
||||
1.2 or any later version published by the Free Software Foundation; with
|
||||
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
||||
Texts. A copy of the license is included in the section entitled "<ulink
|
||||
url="GnuCopyright.htm">GNU Free Documentation License</ulink>".</para>
|
||||
Texts. A copy of the license is included in the section entitled <quote><ulink
|
||||
url="GnuCopyright.htm">GNU Free Documentation License</ulink></quote>.</para>
|
||||
</legalnotice>
|
||||
</articleinfo>
|
||||
|
||||
@ -163,7 +163,7 @@
|
||||
connections, from the outside, these would fail and I could not
|
||||
understand why. Eventually, I changed the default route on the internal
|
||||
system I was trying to access, to point to the new firewall and
|
||||
"bingo", everything worked as expected. This oversight delayed
|
||||
<quote>bingo</quote>, everything worked as expected. This oversight delayed
|
||||
my deployment by a couple of days not to mention level of frustration it
|
||||
produced.</para>
|
||||
|
||||
@ -171,11 +171,11 @@
|
||||
system in the DMZ. Initially I forgot to remove the entry for the eth2
|
||||
from the /etc/shorewall/masq file. Once my file settings were correct, I
|
||||
started verifying that the ARP caches on the firewall, as well as the
|
||||
outside system "kaos", were showing the correct Ethernet MAC
|
||||
outside system <quote>kaos</quote>, were showing the correct Ethernet MAC
|
||||
address. However, in testing remote access, I could access the system in
|
||||
the DMZ only from the firewall and LAN but not from the Internet. The
|
||||
message I received was "connection denied" on all protocols.
|
||||
What I did not realize was that a "helpful" administrator that
|
||||
message I received was <quote>connection denied</quote> on all protocols.
|
||||
What I did not realize was that a <quote>helpful</quote> administrator that
|
||||
had turned on an old system and assigned the same address as the one I
|
||||
was using for Proxyarp without notifying me. How did I work this out. I
|
||||
shutdown the system in the DMZ, rebooted the router and flushed the ARP
|
||||
@ -255,7 +255,7 @@
|
||||
# L O G G I N G
|
||||
##############################################################################
|
||||
LOGFILE=/var/log/messages
|
||||
LOGFORMAT="Shorewall:%s:%s:"
|
||||
LOGFORMAT=<quote>Shorewall:%s:%s:</quote>
|
||||
LOGRATE=
|
||||
LOGBURST=
|
||||
LOGUNCLEAN=info
|
||||
@ -519,7 +519,7 @@ qt service ipsec start</programlisting>
|
||||
# Shorewall 1.4 -- /etc/shorewall/stop
|
||||
#
|
||||
# Add commands below that you want to be executed at the beginning of a
|
||||
# "shorewall stop" command.
|
||||
# <quote>shorewall stop</quote> command.
|
||||
#
|
||||
qt service ipsec stop</programlisting>
|
||||
</section>
|
||||
@ -531,7 +531,7 @@ qt service ipsec stop</programlisting>
|
||||
# Shorewall 1.4 -- /etc/shorewall/init
|
||||
#
|
||||
# Add commands below that you want to be executed at the beginning of
|
||||
# a "shorewall start" or "shorewall restart" command.
|
||||
# a <quote>shorewall start</quote> or <quote>shorewall restart</quote> command.
|
||||
#
|
||||
qt service ipsec stop</programlisting>
|
||||
</section>
|
||||
|
Loading…
Reference in New Issue
Block a user