forked from extern/shorewall_code
Add warning about default routes to multi-interface HOWTOs
This commit is contained in:
parent
5b02ef68a5
commit
c1001d7cc9
@ -460,6 +460,12 @@ root@lists:~# </programlisting>
|
||||
against</emphasis>.</para>
|
||||
</caution>
|
||||
|
||||
<caution>
|
||||
<para><emphasis role="bold">Do not configure a default route on your
|
||||
internal and DMZ interfaces.</emphasis> Your firewall should have
|
||||
exactly one default route via your ISP's Router.</para>
|
||||
</caution>
|
||||
|
||||
<para><inlinegraphic fileref="images/BD21298_.gif" format="GIF" /></para>
|
||||
|
||||
<para>The Shorewall three-interface sample configuration assumes that the
|
||||
@ -1135,4 +1141,4 @@ ACCEPT net $FW tcp 80 </programlisting><it
|
||||
url="starting_and_stopping_shorewall.htm">Operating Shorewall and
|
||||
Shorewall Lite</ulink> contains a lot of useful operational hints.</para>
|
||||
</section>
|
||||
</article>
|
||||
</article>
|
||||
|
@ -418,6 +418,10 @@ root@lists:~# </programlisting>
|
||||
for all interfaces connected to the common hub/switch. <emphasis
|
||||
role="bold">Using such a setup with a production firewall is strongly
|
||||
recommended against</emphasis>.</para>
|
||||
</warning><warning>
|
||||
<para><emphasis role="bold">Do not configure a default route on your
|
||||
internal interface.</emphasis> Your firewall should have exactly one
|
||||
default route via your ISP's Router.</para>
|
||||
</warning> <inlinegraphic fileref="images/BD21298_.gif"
|
||||
format="GIF" /></para>
|
||||
|
||||
@ -1142,4 +1146,4 @@ eth0 wlan0</programlisting>
|
||||
requires the rules listed in the <ulink url="samba.htm">Shorewall/Samba
|
||||
documentation</ulink>.</para>
|
||||
</section>
|
||||
</article>
|
||||
</article>
|
||||
|
Loading…
Reference in New Issue
Block a user