holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add example of nat-only fix

Browse Source
This commit is contained in:
Tom Eastep 2009-09-06 14:03:36 -07:00
parent 70ebe17cb3
commit cf9bb616b8
1 changed files with 21 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
docs/LennyToSqueeze.xml
View File

@ -75,7 +75,7 @@
<itemizedlist> <itemizedlist>
<listitem> <listitem>
<para>The compiler is very much faster</para> <para>The compiler is much faster</para>
</listitem> </listitem>
<listitem> <listitem>
@ -83,6 +83,11 @@
configuration, thus avoiding run-time errors.</para> configuration, thus avoiding run-time errors.</para>
</listitem> </listitem>
<listitem>
<para>The compiler produces better and more consistent diagnostic
messages.</para>
</listitem>
<listitem> <listitem>
<para>The compiler produces a script that runs much faster and <para>The compiler produces a script that runs much faster and
that does not reject/drop connections during start/restart.</para> that does not reject/drop connections during start/restart.</para>
@ -506,6 +511,20 @@ eth0 172.20.1.0/24</programlisting>
</simplelist> </simplelist>
<para>To eliminate the warning, remove the DEST zone.</para> <para>To eliminate the warning, remove the DEST zone.</para>
<para>Example.</para>
<para>Before:</para>
<programlisting>#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME
# PORT PORT(S) DEST LIMIT GROUP
NONAT loc net tcp 80</programlisting>
<para>After:</para>
<programlisting>#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME
# PORT PORT(S) DEST LIMIT GROUP
NONAT loc - tcp 80</programlisting>
</section> </section>
</section> </section>