From d6f9f805f1911000775df1645d55200620ac058a Mon Sep 17 00:00:00 2001 From: teastep Date: Sat, 25 Dec 2004 03:13:18 +0000 Subject: [PATCH] Shorewall 2.2.0 RC2 git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1851 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-docs2/IPSEC.xml | 9 ++++++++- Shorewall-docs2/NAT.xml | 12 ++++++------ Shorewall-docs2/OPENVPN.xml | 25 ++++++++++++++++--------- Shorewall-docs2/PPTP.xml | 9 ++++++++- Shorewall-docs2/VPNBasics.xml | 8 ++++---- 5 files changed, 42 insertions(+), 21 deletions(-) diff --git a/Shorewall-docs2/IPSEC.xml b/Shorewall-docs2/IPSEC.xml index 0b483a505..0379bc9ce 100644 --- a/Shorewall-docs2/IPSEC.xml +++ b/Shorewall-docs2/IPSEC.xml @@ -15,7 +15,7 @@ - 2004-08-15 + 2004-12-23 2001-2004 @@ -47,6 +47,13 @@ Shorewall. +
+ Preliminary Reading + + I recommend reading the VPN + Basics article if you plan to implement any type of VPN. +
+
Configuring FreeS/Wan diff --git a/Shorewall-docs2/NAT.xml b/Shorewall-docs2/NAT.xml index 9a57f73a2..85c1f8079 100644 --- a/Shorewall-docs2/NAT.xml +++ b/Shorewall-docs2/NAT.xml @@ -15,7 +15,7 @@ - 2004-12-16 + 2004-12-23 2001-2004 @@ -81,11 +81,11 @@ INTERFACE column should undergo NAT. If you leave this column empty, No is assumed (Shorewall 2.0.0 and later -- prior to this, Yes was assumed). Specifying - Yes in this column will not allow systems on the lower - LAN to access each other using their public IP addresses. For - example, the lower left-hand system (10.1.1.2) cannot connect to - 130.252.100.19 and expect to be connected to the lower right-hand - system. See FAQ 2a. + Yes in this column will not by itself allow systems on + the lower LAN to access each other using their public IP + addresses. For example, the lower left-hand system (10.1.1.2) + cannot connect to 130.252.100.19 and expect to be connected to the lower + right-hand system. See FAQ 2a. diff --git a/Shorewall-docs2/OPENVPN.xml b/Shorewall-docs2/OPENVPN.xml index e498b3f36..98649b8e4 100644 --- a/Shorewall-docs2/OPENVPN.xml +++ b/Shorewall-docs2/OPENVPN.xml @@ -8,27 +8,27 @@ OpenVPN Tunnels - - Tom - - Eastep - - Simon Mater + + + Tom + + Eastep + - 2004-12-20 + 2004-12-23 2003 - Thomas M. Eastep - Simon Mater + + Thomas M. Eastep @@ -60,6 +60,13 @@ version of Shorewall and OpenVPN that you are using. +
+ Preliminary Reading + + I recommend reading the VPN + Basics article if you plan to implement any type of VPN. +
+
Bridging two Masqueraded Networks diff --git a/Shorewall-docs2/PPTP.xml b/Shorewall-docs2/PPTP.xml index 9331b126e..7a86c4757 100644 --- a/Shorewall-docs2/PPTP.xml +++ b/Shorewall-docs2/PPTP.xml @@ -15,7 +15,7 @@ - 2004-11-02 + 2004-12-23 2001 @@ -143,6 +143,13 @@ current patches and roll their own.
+
+ Preliminary Reading + + I recommend reading the VPN + Basics article if you plan to implement any type of VPN. +
+
PPTP Server Running on your Firewall diff --git a/Shorewall-docs2/VPNBasics.xml b/Shorewall-docs2/VPNBasics.xml index 18856bf70..dedfd7995 100644 --- a/Shorewall-docs2/VPNBasics.xml +++ b/Shorewall-docs2/VPNBasics.xml @@ -15,7 +15,7 @@ - 2004-12-18 + 2004-12-23 2004 @@ -187,7 +187,7 @@ cases, remote zone definition is similar to zones that you have already defined. - /etc/shorewall/zones: + /etc/shorewall/zones: #ZONE DISPLAY COMMENT net Internet The big bad net @@ -245,7 +245,7 @@ loc eth1 detect rem2 tun+:10.0.1.0/24 The /etc/shorewall/hosts file is also used with - kernel 2.6 native IPSEC. + kernel 2.6 native IPSEC.
@@ -284,7 +284,7 @@ ACCEPT $FW Z2:1.2.3.4 udp 500 ACCEPT Z2:1.2.3.4 $FW udp 500 - The "noah" option causes the rules for protocol 50 to be + The "noah" option causes the rules for protocol 51 to be eliminated. The "ipsecnat" causes UDP port 4500 to be accepted in both directions. If no GATEWAY ZONE is given then the last two rules above are omitted.