Shorewall 2.2.0 RC2

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1851 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-12-25 03:13:18 +00:00 · 2004-12-25 03:13:18 +00:00 · d6f9f805f1
commit d6f9f805f1
parent 0671733256
5 changed files with 42 additions and 21 deletions
--- a/Shorewall-docs2/IPSEC.xml
+++ b/Shorewall-docs2/IPSEC.xml
@ -15,7 +15,7 @@
      </author>
    </authorgroup>

-    <pubdate>2004-08-15</pubdate>
+    <pubdate>2004-12-23</pubdate>

    <copyright>
      <year>2001-2004</year>
@ -47,6 +47,13 @@
    Shorewall.</para>
  </warning>

+  <section>
+    <title>Preliminary Reading</title>
+
+    <para>I recommend reading the <ulink url="VPNBasics.html">VPN
+    Basics</ulink> article if you plan to implement any type of VPN.</para>
+  </section>
+
  <section>
    <title>Configuring FreeS/Wan</title>

--- a/Shorewall-docs2/NAT.xml
+++ b/Shorewall-docs2/NAT.xml
@ -15,7 +15,7 @@
      </author>
    </authorgroup>

-    <pubdate>2004-12-16</pubdate>
+    <pubdate>2004-12-23</pubdate>

    <copyright>
      <year>2001-2004</year>
@ -81,11 +81,11 @@
      INTERFACE column should undergo NAT. If you leave this column empty,
      <quote>No</quote> is assumed (Shorewall 2.0.0 and later -- prior to
      this, <quote>Yes</quote> was assumed). <emphasis role="bold">Specifying
-      <quote>Yes</quote> in this column will not allow systems on the lower
-      LAN to access each other using their public IP addresses.</emphasis> For
-      example, the lower left-hand system (10.1.1.2) cannot connect to
-      130.252.100.19 and expect to be connected to the lower right-hand
-      system. <ulink url="FAQ.htm#faq2a">See FAQ 2a</ulink>.</para>
+      <quote>Yes</quote> in this column will not by itself allow systems on
+      the lower LAN to access each other using their public IP
+      addresses.</emphasis> For example, the lower left-hand system (10.1.1.2)
+      cannot connect to 130.252.100.19 and expect to be connected to the lower
+      right-hand system. <ulink url="FAQ.htm#faq2a">See FAQ 2a</ulink>.</para>
    </note>

    <note>
--- a/Shorewall-docs2/OPENVPN.xml
+++ b/Shorewall-docs2/OPENVPN.xml
@ -8,27 +8,27 @@
    <title>OpenVPN Tunnels</title>

    <authorgroup>
-      <author>
-        <firstname>Tom</firstname>
-
-        <surname>Eastep</surname>
-      </author>
-
      <author>
        <firstname>Simon</firstname>

        <surname>Mater</surname>
      </author>
+
+      <author>
+        <firstname>Tom</firstname>
+
+        <surname>Eastep</surname>
+      </author>
    </authorgroup>

-    <pubdate>2004-12-20</pubdate>
+    <pubdate>2004-12-23</pubdate>

    <copyright>
      <year>2003</year>

-      <holder>Thomas M. Eastep</holder>
-
      <holder>Simon Mater</holder>
+
+      <holder>Thomas M. Eastep</holder>
    </copyright>

    <legalnotice>
@ -60,6 +60,13 @@
    version of Shorewall and OpenVPN that you are using.</para>
  </warning>

+  <section>
+    <title>Preliminary Reading</title>
+
+    <para>I recommend reading the <ulink url="VPNBasics.html">VPN
+    Basics</ulink> article if you plan to implement any type of VPN.</para>
+  </section>
+
  <section>
    <title>Bridging two Masqueraded Networks</title>

--- a/Shorewall-docs2/PPTP.xml
+++ b/Shorewall-docs2/PPTP.xml
@ -15,7 +15,7 @@
      </author>
    </authorgroup>

-    <pubdate>2004-11-02</pubdate>
+    <pubdate>2004-12-23</pubdate>

    <copyright>
      <year>2001</year>
@ -143,6 +143,13 @@
    current patches and <quote>roll their own</quote>.</para>
  </section>

+  <section>
+    <title>Preliminary Reading</title>
+
+    <para>I recommend reading the <ulink url="VPNBasics.html">VPN
+    Basics</ulink> article if you plan to implement any type of VPN.</para>
+  </section>
+
  <section id="ServerFW">
    <title>PPTP Server Running on your Firewall</title>

--- a/Shorewall-docs2/VPNBasics.xml
+++ b/Shorewall-docs2/VPNBasics.xml
@ -15,7 +15,7 @@
      </author>
    </authorgroup>

-    <pubdate>2004-12-18</pubdate>
+    <pubdate>2004-12-23</pubdate>

    <copyright>
      <year>2004</year>
@ -187,7 +187,7 @@
    cases, remote zone definition is similar to zones that you have already
    defined.</para>

-    <para><filename>/etc/shorewall/zones</filename>: </para>
+    <para><filename>/etc/shorewall/zones</filename>:</para>

    <programlisting>#ZONE           DISPLAY              COMMENT
 net             Internet             The big bad net
@ -245,7 +245,7 @@ loc             eth1               detect
 rem2          tun+:10.0.1.0/24</emphasis></programlisting>

    <para>The <filename>/etc/shorewall/hosts</filename> file is also used with
-    <ulink url="IPSEC-2.6.html">kernel 2.6 native IPSEC</ulink>. </para>
+    <ulink url="IPSEC-2.6.html">kernel 2.6 native IPSEC</ulink>.</para>
  </section>

  <section>
@ -284,7 +284,7 @@ ACCEPT   $FW            Z2:1.2.3.4      udp     500
 ACCEPT   Z2:1.2.3.4     $FW             udp     500</programlisting>
      </blockquote>

-      <para>The "noah" option causes the rules for protocol 50 to be
+      <para>The "noah" option causes the rules for protocol 51 to be
      eliminated. The "ipsecnat" causes UDP port 4500 to be accepted in both
      directions. If no GATEWAY ZONE is given then the last two rules above
      are omitted.</para>