Add example of nat-only fix

This commit is contained in:
Tom Eastep 2009-09-06 14:03:36 -07:00
parent 70ebe17cb3
commit cf9bb616b8

View File

@ -75,7 +75,7 @@
<itemizedlist>
<listitem>
<para>The compiler is very much faster</para>
<para>The compiler is much faster</para>
</listitem>
<listitem>
@ -83,6 +83,11 @@
configuration, thus avoiding run-time errors.</para>
</listitem>
<listitem>
<para>The compiler produces better and more consistent diagnostic
messages.</para>
</listitem>
<listitem>
<para>The compiler produces a script that runs much faster and
that does not reject/drop connections during start/restart.</para>
@ -506,6 +511,20 @@ eth0 172.20.1.0/24</programlisting>
</simplelist>
<para>To eliminate the warning, remove the DEST zone.</para>
<para>Example.</para>
<para>Before:</para>
<programlisting>#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME
# PORT PORT(S) DEST LIMIT GROUP
NONAT loc net tcp 80</programlisting>
<para>After:</para>
<programlisting>#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME
# PORT PORT(S) DEST LIMIT GROUP
NONAT loc - tcp 80</programlisting>
</section>
</section>