forked from extern/shorewall_code
bridge ->minor edit. I added in samba.xml a quick note suggested by an user about the windows xp firewall ..
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2755 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
07f609f993
commit
b25040c8d1
@ -36,16 +36,22 @@
|
|||||||
</legalnotice>
|
</legalnotice>
|
||||||
</articleinfo>
|
</articleinfo>
|
||||||
|
|
||||||
|
<caution>
|
||||||
|
<para><emphasis role="bold">This article applies to Shorewall 3.0 and
|
||||||
|
later. If you are running a version of Shorewall earlier than Shorewall
|
||||||
|
3.0.0 then please see the documentation for that
|
||||||
|
release.</emphasis></para>
|
||||||
|
</caution>
|
||||||
|
|
||||||
<section>
|
<section>
|
||||||
<title>Background</title>
|
<title>Background</title>
|
||||||
|
|
||||||
<para>Systems where Shorewall runs normally function as
|
<para>Systems where Shorewall runs normally function as
|
||||||
<firstterm>routers</firstterm>. In the context of the Open System
|
<firstterm>routers</firstterm>. In the context of the Open System
|
||||||
Interconnect (OSI) reference model, a router operates at layer 3.
|
Interconnect (OSI) reference model, a router operates at layer 3,
|
||||||
Beginning with Shorewall version 2.0.1, Shorewall may also be deployed on
|
Shorewall may also be deployed on a GNU Linux System that acts as a
|
||||||
a GNU Linux System that acts as a <firstterm>bridge</firstterm>. Bridges
|
<firstterm>bridge</firstterm>. Bridges are layer-2 devices in the OSI
|
||||||
are layer-2 devices in the OSI model (think of a bridge as an ethernet
|
model (think of a bridge as an ethernet switch).</para>
|
||||||
switch).</para>
|
|
||||||
|
|
||||||
<para>Some differences between routers and bridges are:</para>
|
<para>Some differences between routers and bridges are:</para>
|
||||||
|
|
||||||
@ -100,10 +106,6 @@
|
|||||||
<para>You must have the bridge utilities (bridge-utils) package
|
<para>You must have the bridge utilities (bridge-utils) package
|
||||||
installed.</para>
|
installed.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
<listitem>
|
|
||||||
<para>You must be running Shorewall 2.0.1 Beta 1 or later.</para>
|
|
||||||
</listitem>
|
|
||||||
</itemizedlist>
|
</itemizedlist>
|
||||||
|
|
||||||
<para>Note that if you need a bridge but do not need to restrict the
|
<para>Note that if you need a bridge but do not need to restrict the
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
</author>
|
</author>
|
||||||
</authorgroup>
|
</authorgroup>
|
||||||
|
|
||||||
<pubdate>2005-09-16</pubdate>
|
<pubdate>2005-09-30</pubdate>
|
||||||
|
|
||||||
<copyright>
|
<copyright>
|
||||||
<year>2002-2005</year>
|
<year>2002-2005</year>
|
||||||
@ -34,6 +34,13 @@
|
|||||||
</legalnotice>
|
</legalnotice>
|
||||||
</articleinfo>
|
</articleinfo>
|
||||||
|
|
||||||
|
<caution>
|
||||||
|
<para><emphasis role="bold">This article applies to Shorewall 3.0 and
|
||||||
|
later. If you are running a version of Shorewall earlier than Shorewall
|
||||||
|
3.0.0 then please see the documentation for that
|
||||||
|
release.</emphasis></para>
|
||||||
|
</caution>
|
||||||
|
|
||||||
<para>If you wish to run Samba on your firewall and access shares between
|
<para>If you wish to run Samba on your firewall and access shares between
|
||||||
the firewall and local hosts, you need the following rules:</para>
|
the firewall and local hosts, you need the following rules:</para>
|
||||||
|
|
||||||
@ -50,9 +57,9 @@ SMB/ACCEPT Z1 Z2
|
|||||||
SMB/ACCEPT Z2 Z1</programlisting>
|
SMB/ACCEPT Z2 Z1</programlisting>
|
||||||
|
|
||||||
<para>To make network browsing (<quote>Network Neighborhood</quote>) work
|
<para>To make network browsing (<quote>Network Neighborhood</quote>) work
|
||||||
properly between Z1 and Z2 requires a Windows Domain Controller and/or a
|
properly between Z1 and Z2 <emphasis role="bold">requires a Windows Domain
|
||||||
WINS server. I have run Samba on my firewall to handle browsing between two
|
Controller and/or a WINS server.</emphasis> I have run Samba on my firewall
|
||||||
zones connected to my firewall.</para>
|
to handle browsing between two zones connected to my firewall.</para>
|
||||||
|
|
||||||
<para>When debugging Samba/SMB problems, I recommend that you do the
|
<para>When debugging Samba/SMB problems, I recommend that you do the
|
||||||
following:</para>
|
following:</para>
|
||||||
@ -79,6 +86,9 @@ SMB/ACCEPT Z2 Z1</programlisting>
|
|||||||
<para>The above steps will cause SMB traffic that is dropped or rejected by
|
<para>The above steps will cause SMB traffic that is dropped or rejected by
|
||||||
policy to be logged rather than handled silently.</para>
|
policy to be logged rather than handled silently.</para>
|
||||||
|
|
||||||
|
<para>If you are using <trademark>Windows XP</trademark> to test your
|
||||||
|
setup,make you sure you have a properly configured client firewall .</para>
|
||||||
|
|
||||||
<para>You can just remove the copies and <command>shorewall
|
<para>You can just remove the copies and <command>shorewall
|
||||||
restart</command> when you are finished debugging.</para>
|
restart</command> when you are finished debugging.</para>
|
||||||
</article>
|
</article>
|
Loading…
Reference in New Issue
Block a user