Commit Graph

1653 Commits

Author SHA1 Message Date
Tom Eastep
aba63d5c9b More action/macro documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-12-13 09:06:29 -08:00
Tom Eastep
e8b26236e2 Shuffle the Compiled Program article 2010-12-12 19:00:15 -08:00
Tom Eastep
b786da4abb Document lack of configfiles/ in Debian
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-12-12 08:45:54 -08:00
Tom Eastep
48b00d719e Complete Proxy NDP implementation 2010-12-11 10:04:07 -08:00
Tom Eastep
2f70c0b71a Add Optional/Required interface section to the config basics doc 2010-12-09 10:04:52 -08:00
Tom Eastep
627733d925 Mention DHCPfwd in the DHCP doc - TAKE 2 2010-12-01 11:39:48 -08:00
Tom Eastep
b573826226 Mention DHCPfwd in the DHCP doc 2010-12-01 11:37:40 -08:00
Tom Eastep
c0ba395276 Update IPSEC title
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-11-28 10:00:31 -08:00
Tom Eastep
095345f95c Mention 'weak host model' in the Fool's firewall article 2010-11-27 11:14:51 -08:00
Tom Eastep
681529b664 Clarify 'switch' in the Fool's firewall article 2010-11-27 11:01:20 -08:00
Tom Eastep
2702d7f208 Implement header matching 2010-11-24 10:46:06 -08:00
Tom Eastep
972d00c300 Add another SNAT virtual alias example 2010-11-22 12:04:20 -08:00
Tom Eastep
93f9e8914c Add another SNAT virtual alias example 2010-11-22 11:59:59 -08:00
Tom Eastep
9b31906c6c Update bogus link in the features page 2010-11-21 21:40:56 -08:00
Tom Eastep
6083693181 Tweak FAQ 16c - LOGFILE 2010-11-21 19:37:54 -08:00
Tom Eastep
fdd1500971 Add FAQ 16c - LOGFILE 2010-11-21 12:05:28 -08:00
Tom Eastep
a17c47b017 Add FAQ 16b - dmesg 2010-11-21 10:48:23 -08:00
Tom Eastep
eac128b5e2 Add routes file to manpage indexes; modify links in the features page 2010-11-20 13:51:16 -08:00
Tom Eastep
e052951890 More /etc/shorewall/routes documentation 2010-11-17 17:27:48 -08:00
Tom Eastep
4ca1098e3e Be more explicit about route rules with SOURCE lo 2010-11-15 21:03:53 -08:00
Tom Eastep
17cc0bad45 Mention IPv6 in the tcfilters section 2010-11-15 12:38:28 -08:00
Tom Eastep
c9737930a2 Complete Shared TC documentation 2010-11-14 14:48:16 -08:00
Tom Eastep
a1e3683651 Documentation updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-11-10 14:38:55 -08:00
Tom Eastep
8c1bdc803b Fix typo in address-type section; add faq 94 2010-11-04 09:57:33 -07:00
Tom Eastep
e9b7b8acad Add address-type info to config file basics doc 2010-11-03 16:31:50 -07:00
Tom Eastep
5b7a2f002a Add helpers file to advice about modifying loaded modules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-11-03 12:47:50 -07:00
Tom Eastep
d3f729c56e Clarify applications running on the firewall section 2010-10-27 15:51:29 -07:00
Tom Eastep
54fdce9e22 Fix typos in Introduction 2010-10-26 07:32:50 -07:00
Tom Eastep
0f1370f265 Correct typo in upgrade issues 2010-10-21 07:57:39 -07:00
Tom Eastep
959b8f5167 Revise Vserver article 2010-10-10 08:29:19 -07:00
Tom Eastep
aad8a7b213 Clear FORWARD_CLEAR_MARK setting in the remaining config files 2010-10-09 11:31:19 -07:00
Tom Eastep
38851fe446 Delete obsolete options from shorewall.conf
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-04 07:44:28 -07:00
Tom Eastep
ac8c7ed7d4 Updating bridge documents 2010-10-03 14:12:38 -07:00
Tom Eastep
2599e44fca More Tweaks to FAQ 93
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 13:03:11 -07:00
Tom Eastep
4c1c63617b Tweak FAQ 93 2010-10-03 12:56:09 -07:00
Tom Eastep
e62033ed13 Add FAQ 93 re bridging.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 12:52:46 -07:00
Tom Eastep
cee05d9763 Refine -lite handling of scfilter.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 12:52:30 -07:00
Tom Eastep
432534a650 Eliminate need to restart -lite to extract scfilter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 10:56:55 -07:00
Tom Eastep
5b86cbdabf Document scfilter in the Extensions Scripts Doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 12:29:41 -07:00
Tom Eastep
468c918121 Correct grammar in FAQ 92 2010-09-28 08:05:18 -07:00
Tom Eastep
a7be406fb9 Add FAQ 92 2010-09-28 08:04:02 -07:00
Tom Eastep
26ec7cee1d Update ipset doc with multiple match syntax 2010-09-21 06:59:55 -07:00
Tom Eastep
c21a4d786d add ipset manpage to the index 2010-09-20 16:00:19 -07:00
Tom Eastep
1d650b41cd Remove blacklisting by destination IP address support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 15:24:58 -07:00
Tom Eastep
2ff06f5f0a Update simple TC doc 2010-09-14 07:59:01 -07:00
Tom Eastep
9f786b7c59 Delete mention of triggers in ipset doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-12 08:01:54 -07:00
Tom Eastep
b937290740 Add version cautions to blacklisting doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-12 07:58:13 -07:00
Tom Eastep
7e8979157c Update Features Page re: Virtualization
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-08 15:47:23 -07:00
Tom Eastep
2cb5aaeb07 Correct interface reference 2010-09-08 13:12:19 -07:00
Tom Eastep
a4606bee80 Pretty up Network Diagram -- exchange caption location 2010-09-08 12:57:35 -07:00
Tom Eastep
bbe5dae9b0 Pretty up Network Diagram some more 2010-09-08 12:44:40 -07:00
Tom Eastep
0907a7b6c2 Pretty up Network Diagram 2010-09-08 12:38:14 -07:00
Tom Eastep
7f72d66b90 A couple of documentation updates 2010-09-08 11:55:16 -07:00
Tom Eastep
8853de0c2e Fix links to secmark manpages 2010-09-07 15:03:05 -07:00
Tom Eastep
8d63e04926 Yet more docunentation updates 2010-09-06 20:37:34 -07:00
Tom Eastep
50b4bd8dfe More Blacklist and Secmark documentation updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-06 17:26:49 -07:00
Tom Eastep
c6f58ba924 Enhance SELinux support:
- Add state match
- Add user/group match
- Add examples to the man pages
2010-09-06 09:06:40 -07:00
Tom Eastep
f93413b2a7 Update Multi-ISP doc for variable name change in 4.4.8.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-31 15:33:22 -07:00
Tom Eastep
8077c9e1c3 Add FAQ 91 2010-08-30 11:07:37 -07:00
Tom Eastep
c2558af9c8 Document and correct implementation of EXCLUSION_MASK
1. Require KLUDGEFREE if existing rule uses mark match
2. Pretty up the code
3. Use MASK_BITS rather than TC_BITS when calculating the offset of EXCLUSION_MASK

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-28 08:29:47 -07:00
Tom Eastep
6b0fa8b4e2 Change note about MARK_IN_FORWARD_CHAIN 2010-08-19 15:33:12 -07:00
Tom Eastep
baf8e21a80 Add reference to manual chains article for the compile extension 2010-08-17 09:23:43 -07:00
Tom Eastep
bc19a80ac4 Correct FAQ 2 for Shorewall-lite 2010-08-14 07:14:52 -07:00
Tom Eastep
1510e111c4 Fix typo in conf basics doc 2010-08-13 20:27:14 -07:00
Tom Eastep
000873575e Update Shorewall Lite Doc 2010-08-11 15:59:24 -07:00
Tom Eastep
965ad7ced1 Minor tweaks to the IPAddrs module 2010-08-11 11:46:26 -07:00
Tom Eastep
0234564a1b Add destination IP blacklisting 2010-08-10 17:33:50 -07:00
Tom Eastep
3ce8ff5741 Bump version to Beta 4 2010-08-01 16:10:32 -07:00
Tom Eastep
f75c5809b5 Advocate use of 'ip' to examine routing tables 2010-08-01 11:56:06 -07:00
Tom Eastep
967629569b Taylor Universal config to work with Shorewall-init and streamline ruleset
- Make interface 'all' optional and set REQUIRE_INTERFACE=Yes
- Add COMPLETE option
- Set FASTACCEPT in Universal samples
- Reset SUBSYSLOCK in Universal samples

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-01 08:36:56 -07:00
Tom Eastep
a88e2afa69 Tweak the Universal documentation 2010-07-31 18:43:54 -07:00
Tom Eastep
c6404f1a74 Reword last title in Universal ruleset doc 2010-07-31 14:51:52 -07:00
Tom Eastep
ee5d2a56da Add Universal doc 2010-07-31 13:52:09 -07:00
Tom Eastep
bebeba8cae Document Universal Configuration and allow for empty LOGFILE 2010-07-31 12:45:43 -07:00
Tom Eastep
d483725474 Update Accounting doc 2010-07-29 16:49:40 -07:00
Tom Eastep
6a1fea3a40 Add 'user marks' 2010-07-27 11:02:36 -07:00
Tom Eastep
aac343b476 Document mark geometry capability 2010-07-27 08:05:54 -07:00
Tom Eastep
7f4a7372ef Remove nic registration requirement for IRC channel 2010-07-24 16:04:21 -07:00
Tom Eastep
a9a19c4da6 Remove another link to a Russian-language page 2010-07-24 11:08:06 -07:00
Tom Eastep
242f13f6bd Delete foreign language links -- docs are very out of date 2010-07-24 09:33:47 -07:00
Tom Eastep
9ab66c3b07 More config basic doc tweaks 2010-07-24 07:09:02 -07:00
Tom Eastep
039ac17fe6 Correct SOURCE/DEST section 2010-07-23 14:32:11 -07:00
Tom Eastep
93e5fc2deb Correct SOURCE/DEST section 2010-07-23 14:19:05 -07:00
Tom Eastep
c2717b9eec Correct SOURCE/DEST section 2010-07-23 14:17:38 -07:00
Tom Eastep
00352baba7 Add warning about Upstart 2010-07-23 07:38:28 -07:00
Tom Eastep
c536680bd6 Add FAQ 90 2010-07-21 13:31:43 -07:00
Tom Eastep
eb2dcb46cd Remove mention of 4.5 from Manpages6 index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-21 12:36:18 -07:00
Tom Eastep
46644a0336 Add instructions for disabling existing firewalls 2010-07-21 11:49:37 -07:00
Tom Eastep
d897635af5 Allow bizarre overriding of SOURCE/DEST with ipsets
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-20 16:03:12 -07:00
Tom Eastep
c9423491f2 Don't mention 4.5 on Manpages page 2010-07-19 15:11:55 -07:00
Tom Eastep
8eeb71dc1b Fix inconsistencies in manpages 2010-07-19 14:45:05 -07:00
Tom Eastep
cbb524b067 Implement ADD/DEL commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-18 08:46:38 -07:00
Tom Eastep
d2bb96be88 Emphasize that you must have a Nic to post on the Shorewall channel 2010-07-18 07:34:03 -07:00
Tom Eastep
9977f778ad Link to a better Netfilter Diagram 2010-07-15 11:07:14 -07:00
Tom Eastep
35a4b8e7f4 Update Vserver FAQ
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-05 13:12:06 -07:00
Tom Eastep
c8274f0538 Minor vserver doc update 2010-07-02 13:34:21 -07:00
Tom Eastep
ba535b8937 Correct IPv6 zones file in Vserver doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-01 15:56:34 -07:00
Tom Eastep
f538aecd82 Update the Vserver article with IPv6 and a graphic 2010-07-01 15:13:29 -07:00
Tom Eastep
7dbf829e9b Clean up Vserver doc 2010-07-01 07:22:54 -07:00
Tom Eastep
e4afc15370 Finish Vserver Implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-30 20:35:46 -07:00
Tom Eastep
ac4349e930 Add more IPv6 configuration info 2010-06-27 17:46:12 -07:00
Tom Eastep
236269eafc Add IPv6 example to the OpenVPN doc 2010-06-27 16:26:40 -07:00
Tom Eastep
ed72afd8a0 Add comment about the unfortunate name of the tcrules file 2010-06-25 06:33:14 -07:00
Tom Eastep
40f57bf926 Update Squid Document 2010-06-16 09:24:01 -07:00
Tom Eastep
625f254d02 Add tcfilters to manpage index 2010-06-10 06:15:15 -07:00
Tom Eastep
f50a609d1d Update the UPnP document with the 4.4.10 changes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-08 11:34:37 -07:00
Tom Eastep
e061d15baf Update blacklisting doc with 4.4.10 behavior.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-08 11:32:39 -07:00
Tom Eastep
f412f96153 Add introduction to config file basics document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-06 08:24:28 -07:00
Tom Eastep
5e74427332 Update the Build document with the current release model
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-02 16:23:09 -07:00
Tom Eastep
91840acb18 Remove unused RUNLEVELS variable from the install scripts.
Add some documentation

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-01 07:12:19 -07:00
Tom Eastep
0553f232b5 Remove apparent restriction on files where shell variables can be used
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-31 10:25:53 -07:00
Tom Eastep
78aaea749e Mention Shorewall-init in the beginner HOWTOs 2010-05-31 09:40:20 -07:00
Tom Eastep
47c4cbd85a Remove extra step in DSL modem access 2010-05-30 11:31:41 -07:00
Tom Eastep
07366ac819 Enhance FAQ 89 -- DSL modem access 2010-05-30 09:30:56 -07:00
Tom Eastep
97d8fd1588 Add FAQ 89 -- DSL modem access 2010-05-30 08:59:38 -07:00
Tom Eastep
ff5f2ab15a Emphasize 'routeback' in the OpenVZ doc 2010-05-28 17:14:31 -07:00
Tom Eastep
98dff075ca Mention SAFESTOP in the start/stop document 2010-05-27 13:55:07 -07:00
Tom Eastep
e1c04f5ad6 Add Shorewall Init Documentation 2010-05-27 13:36:00 -07:00
Tom Eastep
eaad566978 Update documents for Shorewall-lite 2010-05-20 17:06:53 -07:00
Tom Eastep
5bab407da2 Remove mention of 4.5 from the Documentation Index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-13 16:40:07 -07:00
Tom Eastep
46b3a2a81a Remove dire threats about installing remotely
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-13 16:40:01 -07:00
Tom Eastep
a0a08c918d Apply patch from Fog_Watch 2010-05-13 16:39:39 -07:00
Tom Eastep
74c515016e Add back stuff merged earlier: 2010-05-08 16:32:03 -07:00
Tom Eastep
e9b836bbad Document OS X as an Administrative system
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-06 09:07:33 -07:00
Tom Eastep
5456c9fba3 Add instructions for proxying firewall-local connections
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-01 08:26:22 -07:00
Tom Eastep
83d8d497d7 Correct typos in IPSEC article.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-28 08:12:41 -07:00
Tom Eastep
4b6bff7693 Add link from the netmap article to the OpenVPN doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-27 07:04:33 -07:00
Tom Eastep
eab6387817 Add solution for handling duplicate networks in an OpenVPN environment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-27 07:04:06 -07:00
Tom Eastep
40bc2cc4a2 Update Link
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-26 18:06:16 -07:00
Tom Eastep
6e04c7eec8 Mention 6in4 Tunnels in the Documentation Index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-26 11:11:12 -07:00
Tom Eastep
33801bb8a9 Add 6in4 information to 6to4 article 2010-04-24 19:53:15 -07:00
Tom Eastep
f2f8bcd804 Add link to 2010 Linuxfest presentation 2010-04-24 08:06:07 -07:00
Tom Eastep
32d3e50c05 Remove extra <emphasis> <\emphasis>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-17 08:54:37 -07:00
Tom Eastep
66a07c3ce6 Update copyright in UPnP Doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-17 08:51:57 -07:00
Tom Eastep
a620aa22f9 Remove outdated information from the UPnP doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-17 08:51:11 -07:00
Tom Eastep
0a9b7c75d0 Delete misleading wording in the explaination of rate limiting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-16 06:24:35 -07:00
Tom Eastep
704eb1ee8e Fix lib.private in the Multi-ISP doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-14 19:05:42 -07:00
Tom Eastep
3b6b7a4099 Add simple tc files to basics doc 2010-04-11 17:00:19 -07:00
Tom Eastep
b3f57ae5dc Add 'preview' to Perl doc 2010-04-11 14:31:32 -07:00
Tom Eastep
eb0abb3dd7 Remove 'Beta' status from 4.4 2010-04-11 12:49:30 -07:00
Tom Eastep
7ab3c6a612 Add /etc/shorewall/interfaces to the IFB instructions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-06 16:14:58 -07:00
Tom Eastep
450f2787ba Cover 1:1 NAT in FAQ 2d.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-06 08:06:06 -07:00
Tom Eastep
9bf87bc5e1 Add FAQ 2d.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-06 08:02:20 -07:00
Tom Eastep
a670c05043 Reword reference to RFC 4787.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-06 07:48:35 -07:00
Tom Eastep
5e30c5683c Tone down response to Shorewall FAQ 2 and provide RFC reference.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-06 07:44:43 -07:00
Tom Eastep
430cbf310f Revise FAQ 73 to match reality.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-31 08:38:29 -07:00
Tom Eastep
ee8270aadf Correct typo in the FAQ.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-30 11:35:33 -07:00
Tom Eastep
ad08d2195e Add a short section about bridged OpenVPN configurations.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-25 15:30:46 -07:00
Tom Eastep
8fc1a08766 Expand Split DNS Article 2010-03-22 19:57:23 -07:00
Tom Eastep
a01fa345b7 Add support for UDP Lite
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-16 09:42:50 -07:00
Tom Eastep
472425cc62 Add FAQ 6c re: dmesg 2010-03-12 12:22:39 -08:00
Tom Eastep
0fb9333346 Update release model doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-08 13:50:24 -08:00
Tom Eastep
696f7d6b2b Update copyright on basics doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-07 09:34:27 -08:00
Tom Eastep
7ee96c41e0 Tweak OpenVZ doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-07 07:26:12 -08:00
Tom Eastep
1c293d17dc Formatting improvements in OpenVZ doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-06 12:46:42 -08:00
Tom Eastep
9b1483d93e Update OpenBZ Doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-06 12:40:52 -08:00
Tom Eastep
e9dffbace2 Correct Type in Extension Script Doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-06 06:43:14 -08:00
Tom Eastep
a963c8f955 Don't export CONFDIR or SHAREDIR
Document CONFDIR, SHAREDIR and VARDIR
Add FILEMODE to the old reserved variable names

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 11:46:23 -08:00
Tom Eastep
49c1350aa0 Documentation for final cleanup of variable names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 10:28:09 -08:00
Tom Eastep
2656a9b0c7 Eliminate use of PRODUCT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 12:34:36 -08:00
Tom Eastep
5613d0105a Remove all reliance on HOSTNAME
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 11:59:38 -08:00
Tom Eastep
82bb80cbba Put real fwlogwatch output in the FAQ
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 08:18:20 -08:00
Tom Eastep
55e1124bbe Update docs regarding VERSION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 08:18:01 -08:00
Tom Eastep
5fc6d58e19 Eliminate STOPPING variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 07:37:30 -08:00
Tom Eastep
9ec5f36549 Add fwlogwatch info 2010-03-01 12:17:09 -08:00
Tom Eastep
53c73bc8e9 Eliminate VERBOSE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-28 17:58:01 -08:00
Tom Eastep
8fadaa8f2c Add FAQ 25a 2010-02-27 16:56:23 -08:00
Tom Eastep
f0dc720740 Document -s installer option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-27 12:09:48 -08:00
Tom Eastep
061d850c16 Rename RESTOREPATH to g_restorepath
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-26 08:35:50 -08:00
Tom Eastep
c1ac19a81e Correct a couple of typos 2010-02-25 16:35:19 -08:00
Tom Eastep
8aaddf368b More reserved variable names documented
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-25 12:37:22 -08:00
Tom Eastep
570497766b Add COMMAND to the list of reserved variable names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-23 07:18:54 -08:00
Tom Eastep
4320ebb8b0 Add SW_* to the list of reserved variable names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-23 06:57:29 -08:00
Tom Eastep
efa41d1801 Correct a typo 2010-02-22 08:36:31 -08:00
Tom Eastep
8bc6f2144a Remove mention of variable name change in 4.4.8
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-21 15:14:40 -08:00
Tom Eastep
8c3bb22511 Additions to reserved shell variables 2010-02-21 08:34:21 -08:00
Tom Eastep
70242c0d00 Correct typo in Build document
separete -> separate

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-21 06:58:23 -08:00
Tom Eastep
3a9416fb87 Correct Build article:
- Change lists.shorewall.net to www1.shorewall.net
- Correct partial upload example

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-21 06:56:12 -08:00
Tom Eastep
c030bc900c List variable names to be avoided in manpages and config file basics doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-19 08:12:56 -08:00
Tom Eastep
ba01cecbcd Explain RATE and BURST in the basics doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-14 08:54:34 -08:00
Tom Eastep
01521e4941 Correct typo in simple TC doc 2010-02-08 15:40:07 -08:00
Tom Eastep
1f86f54a8e Update simple TC doc with 4.4.7 workaround for lack of 'flow'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-08 08:44:40 -08:00
Tom Eastep
6239218db5 Warn about absense of the 'flow' classifier.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-08 06:45:11 -08:00
Tom Eastep
28b1139ef7 Add 'Tips and Hints' as an alias for the config file basics doc -- Take 2 2010-02-06 17:08:00 -08:00
Tom Eastep
b449d8168e Add 'Tips and Hints' as an alias for the config file basics doc 2010-02-06 17:03:22 -08:00
Tom Eastep
e788b4c0f6 Mention DYNAMIC_BLACKLIST in the blacklisting doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-02 11:13:44 -08:00
Tom Eastep
193fdc85f0 Add 'Make Install' to iptables installation instructions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-31 12:12:55 -08:00
Tom Eastep
17fa381409 Update Build doc for revised Git layout 2010-01-25 16:27:50 -08:00
Tom Eastep
c5f64848f6 Tweak bridge/firewall doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-24 15:28:37 -08:00
Tom Eastep
bb1f2993cc Tweaks to aliased interfaces doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-24 13:52:25 -08:00
Tom Eastep
83565f7a22 Updates to Actions doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-24 12:06:56 -08:00
Tom Eastep
8dd835be2b Document LOAD_HELPERS_ONLY in the three basic HOWTOs.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-22 13:12:41 -08:00
Tom Eastep
f74771a118 More LOAD_HELPERS_ONLY documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-21 20:30:35 -08:00
Tom Eastep
61a0e85410 Renumber FAQ 87
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-19 10:43:56 -08:00
Tom Eastep
8b50966f80 sip_direct_media was added in 2.6.26.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-19 10:36:13 -08:00
Tom Eastep
f731e04388 Mention sip_direct_media=0 in FAQ 77.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-19 10:32:34 -08:00
Tom Eastep
146a738e4c Document TPROXY
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-17 08:20:15 -08:00
Tom Eastep
c39f3c12c9 Add FAQ about Snort
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-16 08:32:24 -08:00
Tom Eastep
81a5723009 Add appropriate 'use' statement to Limit code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-14 08:04:08 -08:00
Tom Eastep
505a2bac22 Make it clear that the variable expansion restriction applies to config files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-13 08:38:16 -08:00
Tom Eastep
ed3d3855f2 Correct typo in Shell Variable section
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-13 08:10:56 -08:00
Tom Eastep
2b39d7f522 Update version references for simplified TC
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-12 17:33:47 -08:00
Tom Eastep
d164880381 Update Lenny->Squeeze doc to indicate that 4.4 is now in Sid
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-12 12:28:35 -08:00
Tom Eastep
3822fe98c2 Correct typo in Multi-ISP doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-12 11:20:56 -08:00
Tom Eastep
4be3cbe97b Expand DHCP relay instructions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-12 09:13:29 -08:00
Tom Eastep
341617b5b8 Update DHCP document for forwarding.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-12 07:55:58 -08:00
Tom Eastep
ab86994d68 Delete tc4shorewall link from the traffic shaping page
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-11 12:48:23 -08:00
Tom Eastep
a1e46b68f0 Add [...] to IPv6 doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-08 15:11:19 -08:00
Tom Eastep
a2efc8e827 Correct log file for Debian and derivatives
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-07 11:41:27 -08:00
Tom Eastep
bbce309791 Bring 4.4.6 Lenny->Squeeze in sync with the 4.5.3 version
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-06 09:09:36 -08:00
Tom Eastep
556170c990 Replace SVN by GIT in Documentation Index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-05 07:48:47 -08:00
Tom Eastep
1f49d49464 Update Build Document
- Copyright
- Add additional options to build44
- Add warning about xmlto
- Correct a couple of typos

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-05 07:41:27 -08:00
Tom Eastep
0c92e05509 Update the Shorewall-perl document regarding SAVE_IPSETS.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-04 14:45:27 -08:00
Tom Eastep
a7865e7e0e Fix simple TC typo 2009-12-26 12:44:42 -08:00
Tom Eastep
7e3675fb30 Move 4.5 manpage/doc updates to master 2009-12-26 12:40:16 -08:00
Tom Eastep
4bbbcc20dd Add additional advise about the routestopped file 2009-12-16 11:11:28 -08:00
Tom Eastep
c8c523622b Fix a couple of typos 2009-12-13 07:22:18 -08:00
Tom Eastep
0e19ad5ea0 Fix nonsensical combo of logmartians and routefilter 2009-12-13 07:14:13 -08:00
Tom Eastep
17802a4555 Fix typo 2009-12-13 07:08:05 -08:00
Tom Eastep
c56ff69c8f Another minor retitling 2009-12-11 14:25:45 -08:00
Tom Eastep
c40f8e3742 Retitle the Lenny to Squeeze article 2009-12-11 13:36:33 -08:00
Tom Eastep
6a62ced2c6 Add footnote and proviso regarding two links from the same ISP 2009-12-11 07:22:00 -08:00
Tom Eastep
0e5293ffc5 Describe checking for cls_flow support 2009-12-05 09:34:39 -08:00
Tom Eastep
acc985a290 Update 'flow=' description in the TC doc 2009-12-05 08:07:34 -08:00
Tom Eastep
083debb34e More add Debian logo to Debian-specific configuration steps 2009-12-04 09:15:15 -08:00
Tom Eastep
0e71ed18c0 Add Debian logo to Debian-specific configuration steps 2009-12-04 09:06:00 -08:00
Tom Eastep
66d07955b0 Fix inconsistency in the Traffic Shaping Document 2009-11-30 07:39:01 -08:00
Cristian Rodríguez
add564e07a Update broken link 2009-11-29 15:27:30 -03:00
Tom Eastep
fedb26fe1e Revise Logging section of beginner HOWTOs 2009-11-22 10:11:50 -08:00
Tom Eastep
1150ef72d3 Move Logging section forward in the HOWTOs 2009-11-22 09:52:53 -08:00
Tom Eastep
c1001d7cc9 Add warning about default routes to multi-interface HOWTOs 2009-11-22 09:30:45 -08:00
Tom Eastep
de9c088972 Fix reported issues in the Macro article 2009-11-18 20:08:50 -08:00
Cristian Rodríguez
d7c084c9c6 comment out broken link until we find a suitable substitute 2009-11-18 16:22:17 -03:00
Tom Eastep
1c1f16661f Tweak per-IP section 2009-11-14 11:56:37 -08:00
Tom Eastep
cb67513160 Document per-IP traffic shaping: 2009-11-14 08:52:47 -08:00
Tom Eastep
8ddc2e804d Document Logical Interfaces some more 2009-11-11 11:29:21 -08:00
Tom Eastep
7014bd3ea0 Add 'physical' interface option for bridge ports 2009-11-06 08:07:13 -08:00
Tom Eastep
c1898d1c80 Remove anachronistic 'LAST LINE' from INtro 2009-11-05 13:30:18 -08:00
Tom Eastep
7e21488aec Document ICMP codes 2009-11-05 11:58:54 -08:00
Tom Eastep
b4199fd068 Document ICMP codes 2009-11-05 11:44:40 -08:00
Tom Eastep
4548db58da Relax port list limitation in /etc/shorewall/routestopped 2009-11-03 11:36:32 -08:00
Tom Eastep
1892160ed5 Update copyright year list 2009-11-03 07:39:27 -08:00
Tom Eastep
f0b4b1f42e Add limit option to tcclasses 2009-10-26 12:23:32 -07:00
Tom Eastep
58ef1d3b63 Correct typo; elaborate on how PERL is processed 2009-10-21 09:39:50 -07:00
Tom Eastep
d0cda6b6ea Add TRACK_PROVIDERS option 2009-10-20 13:24:17 -07:00
Tom Eastep
49f361124e Make 'track' the default 2009-10-20 12:24:28 -07:00
Tom Eastep
c4af105ee4 Update display of capabilities in FAQ 2009-10-19 08:41:29 -07:00
Tom Eastep
f6913953fe Add Raw table to Netfilter Overview 2009-10-16 11:25:57 -07:00
Tom Eastep
a61c9a9e06 Fix typo 2009-10-16 10:45:46 -07:00
Tom Eastep
62c7ad7fbb Update Netfilter Overview 2009-10-16 10:29:36 -07:00
Tom Eastep
80f41779f8 Replace keyword 'object' with 'script' 2009-10-12 08:24:47 -07:00
Tom Eastep
fe3b8be029 Expand the answer to FAQ 1h 2009-10-12 07:38:19 -07:00
Tom Eastep
7612c895e5 Attempt to clarify LSM some more 2009-10-08 14:05:46 -07:00
Tom Eastep
28b0e99492 Explain how to list the dynamic blacklist 2009-10-06 10:20:09 -07:00
Tom Eastep
3171d3bfc2 Update FAQ regarding ACCEPT/DNAT 2009-10-02 10:45:56 -07:00
Tom Eastep
a8cc7d2a7e More clarification of masq file changes 2009-10-01 12:34:34 -07:00
Tom Eastep
d323c5b9c5 Delete shorewall-perl and shorewall-shell during upgrade 2009-10-01 07:37:30 -07:00
Tom Eastep
9f853d02d9 Make Tuomo Happy 2009-09-25 13:35:37 -04:00
Tom Eastep
111464ad95 Clarify 'loose' -- tweak wording 2009-09-25 06:17:49 -04:00
Tom Eastep
795ffb7212 Clarify 'loose' 2009-09-25 06:15:56 -04:00
Tom Eastep
0d651f093b Correct file name 2009-09-15 10:33:52 -07:00
Tom Eastep
326ac90596 Remove pre-4.4 cruft from article 2009-09-15 06:59:59 -07:00
Tom Eastep
d6b641b000 Add FAQ 86 2009-09-14 14:14:20 -07:00
Tom Eastep
a5f3a05341 Fix typo in the Introduction 2009-09-14 13:43:32 -07:00
Tom Eastep
0e8cb3b74d Improve wording of 'masq' section; add IDs to all sections 2009-09-14 09:01:02 -07:00
Tom Eastep
8180f45382 Add footnotes for non-Debian users 2009-09-14 08:29:49 -07:00
Tom Eastep
f25646d819 Add missing link to ipset section 2009-09-14 08:10:18 -07:00
Tom Eastep
b8e772a416 More Lenny->Squeeze additions (ipsets, extension scripts, more shorewall.conf options) 2009-09-14 07:49:47 -07:00
Tom Eastep
d5d4c451f9 Mention DYNAMIC_ZONES is Lenny->Squeeze article 2009-09-14 07:01:39 -07:00
Tom Eastep
9f102a1fba More tweaks to Lenny->Squeeze article 2009-09-14 06:53:25 -07:00
Tom Eastep
e814dc7b75 Make index entry for Lenny->Squeeze more generic 2009-09-13 09:32:06 -07:00
Tom Eastep
e1f7048107 More tweaks to the Lenny->Squeeze article 2009-09-13 09:28:58 -07:00
Tom Eastep
485ddd5e9f Note that the Lenny->Squeeze article is useful to non-Debian users 2009-09-13 09:25:45 -07:00
Tom Eastep
57f4458ec9 Avoid repetative wording 2009-09-13 08:19:07 -07:00
Tom Eastep
8fdebf0c38 Add new columns to macros 2009-09-13 08:09:40 -07:00
Tom Eastep
66765dcf75 Minor rewording 2009-09-12 15:03:19 -07:00
Tom Eastep
07d8872823 Indicate that Squeeze 'will' include 4.4 2009-09-12 09:20:38 -07:00
Tom Eastep
0336a77120 Fix ID 2009-09-11 16:36:56 -07:00
Tom Eastep
95d422b15f Add Extension Scripts to Lenny->Squeeze Article 2009-09-11 16:33:06 -07:00
Tom Eastep
82eaf124ca Add section about SOURCE and DEST 2009-09-10 14:55:50 -07:00
Tom Eastep
9a1cb0c6b6 Admin that PKTTYPE is a no-op 2009-09-07 16:44:19 -07:00
Tom Eastep
b2c7b583f5 Add Lenny->Squeeze article to index 2009-09-07 16:26:32 -07:00
Tom Eastep
bc7e65732e Add upgrade warning 2009-09-07 14:13:32 -07:00
Tom Eastep
993bbe8a4e Fix broken links in Lenny->Squeeze doc 2009-09-07 09:43:53 -07:00
Tom Eastep
1ef90b4f0f Add means for handling 'norfc1918' warning in Lenny->Squeeze doc 2009-09-07 09:39:00 -07:00
Tom Eastep
8da5fd42d0 Yet more enhancements to Lenny->Squeeze doc 2009-09-07 09:35:15 -07:00
Tom Eastep
180024c1fc More enhancements to Lenny->Squeeze doc 2009-09-07 09:21:47 -07:00
Tom Eastep
06e85d6191 Add routestopped file to Lenny->Squeeze doc 2009-09-07 09:07:07 -07:00
Tom Eastep
c4eeb7b77e Link upgrade issues back to the home page 2009-09-06 17:25:39 -07:00
Tom Eastep
cf9bb616b8 Add example of nat-only fix 2009-09-06 14:03:36 -07:00
Tom Eastep
70ebe17cb3 Reimplement MAPOLDACTIONS=Yes 2009-09-06 13:37:24 -07:00
Tom Eastep
477c0ef9e8 Update Lenny->Squeeze doc 2009-09-06 12:46:22 -07:00
Tom Eastep
1a33596ada Update Lenny->Squeeze doc 2009-09-06 12:41:36 -07:00
Tom Eastep
7192b47289 Add a Lenny->Squeeze Howto 2009-09-06 09:51:32 -07:00
Tom Eastep
f126755a96 Add notes about find_first_interface_address_if_any() 2009-09-05 08:59:45 -07:00
Tom Eastep
496a9449f1 Add note to simple bridge doc 2009-09-05 08:23:35 -07:00
Tom Eastep
4368af9525 Add /etc/shorewall/masq to Simple Bridge article 2009-09-05 07:24:29 -07:00
Tom Eastep
0a39672b46 Add FAQ 85 2009-09-01 08:19:53 -07:00
Tom Eastep
3647b801dc Add another image file 2009-08-31 14:29:06 -07:00
Tom Eastep
fbfa4b4e49 Update release documents and make minor change to faq 2009-08-31 14:19:15 -07:00