[gentoo-doc-cvs] cvs commit: linux-24-stateful-fw-design.xml - gentoo-doc-cvs

From:	Xavier Neys <neysx@×××××××××××.org>
To:	gentoo-doc-cvs@l.g.o
Subject:	[gentoo-doc-cvs] cvs commit: linux-24-stateful-fw-design.xml
Date:	Fri, 26 Aug 2005 23:30:20
Message-Id:	`200508262328.j7QNSi2R017673@robin.gentoo.org`

1

neysx       05/08/26 23:30:10

2

3

  Modified:    xml/htdocs/doc/en/articles linux-24-stateful-fw-design.xml

4

  Log:

5

  #103863 Install iptables w/ emerge instead of ./configure....

6

7

Revision  Changes    Path

8

1.3       +15 -22    xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml

9

10

file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml?rev=1.3&content-type=text/x-cvsweb-markup&cvsroot=gentoo

11

plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml?rev=1.3&content-type=text/plain&cvsroot=gentoo

12

diff : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml.diff?r1=1.2&r2=1.3&cvsroot=gentoo

13

14

Index: linux-24-stateful-fw-design.xml

15

===================================================================

16

RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml,v

17

retrieving revision 1.2

18

retrieving revision 1.3

19

diff -u -r1.2 -r1.3

20

--- linux-24-stateful-fw-design.xml	15 Aug 2005 23:16:06 -0000	1.2

21

+++ linux-24-stateful-fw-design.xml	26 Aug 2005 23:30:10 -0000	1.3

22

@@ -1,5 +1,5 @@

23

 <?xml version='1.0' encoding="UTF-8"?>

24

-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml,v 1.2 2005/08/15 23:16:06 cam Exp $ -->

25

+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml,v 1.3 2005/08/26 23:30:10 neysx Exp $ -->

26

 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">

27

28

 <guide link="/doc/en/articles/linux-24-stateful-fw-design.xml">

29

@@ -22,8 +22,8 @@

30

 version of the original article, and contains various improvements made by the

31

 Gentoo Linux Documentation team -->

32

33

-<version>1.0</version>

34

-<date>2005-07-28</date>

35

+<version>1.1</version>

36

+<date>2005-08-27</date>

37

38

 <chapter>

39

 <title>About this tutorial</title>

40

@@ -106,18 +106,11 @@

41

 Before we start designing a firewall, we need to do two things. First, we need

42

 to make sure that the <c>iptables</c> command is available. As root, type

43

 <c>iptables</c> and see if it exists. If it doesn't, then we'll need to get it

44

-installed first.  Here's how: head over to the netfilter/iptables project page

45

-(<uri>http://www.netfilter.org/</uri>) and grab the most recent version of

46

-<path>iptables.tar.gz</path> (currently <path>iptables-1.1.2.tar.gz</path>) you

47

-can find. Then, install it by typing in the following commands (output omitted

48

-for brevity):

49

+installed first. Here's how we do that:

50

 </p>

51

52

 <pre caption="Installing necessary tools">

53

-# <i>tar xzvf iptables-1.1.2.tar.gz</i>

54

-# <i>cd iptables-1.1.2</i>

55

-# <i>make</i>

56

-# <i>make install</i>

57

+# <i>emerge iptables</i>

58

 </pre>

59

60

 </body>

61

@@ -620,7 +613,7 @@

62

 if [ -e /proc/sys/net/ipv4/tcp_ecn ]

63

 then

64

         echo 0 > /proc/sys/net/ipv4/tcp_ecn

65

-fi

66

+fi

67

 </pre>

68

69

 </body>

70

@@ -710,7 +703,7 @@

71

 <pre caption="Spoof protection">

72

 for x in lo eth0 eth1

73

do

74

-        echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter     

75

+        echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter

76

 done

77

 </pre>

78

79

@@ -873,12 +866,12 @@

80

         if [ -e /proc/sys/net/ipv4/tcp_ecn ]

81

         then

82

                 echo 0 > /proc/sys/net/ipv4/tcp_ecn

83

-        fi   

84

+        fi

85

86

         <comment># Disable spoofing on all interfaces</comment>

87

-        for x in ${INTERFACES} 

88

-        do        

89

-                echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter     

90

+        for x in ${INTERFACES}

91

+        do

92

+                echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter

93

         done

94

95

         if [ "$ROUTER" = "yes" ]

96

@@ -897,7 +890,7 @@

97

                         iptables -t nat -A POSTROUTING -o ${UPLINK} -j SNAT --to ${UPIP}

98

fi

99

fi

100

-

101

+

102

 elif [ "$1" = "stop" ]

103

 then

104

         echo "Stopping firewall..."

105

@@ -1068,12 +1061,12 @@

106

         if [ -e /proc/sys/net/ipv4/tcp_ecn ]

107

         then

108

                 echo 0 > /proc/sys/net/ipv4/tcp_ecn

109

-        fi   

110

+        fi

111

112

         <comment># Disable spoofing on all interfaces</comment>

113

-        for x in ${INTERFACES} 

114

+        for x in ${INTERFACES}

115

do

116

-        echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter     

117

+        echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter

118

         done

119

120

         if [ "$ROUTER" = "yes" ]

--

125

gentoo-doc-cvs@g.o mailing list

1	neysx 05/08/26 23:30:10
2
3	Modified: xml/htdocs/doc/en/articles linux-24-stateful-fw-design.xml
4	Log:
5	#103863 Install iptables w/ emerge instead of ./configure....
6
7	Revision Changes Path
8	1.3 +15 -22 xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml
9
10	file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml?rev=1.3&content-type=text/x-cvsweb-markup&cvsroot=gentoo
11	plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml?rev=1.3&content-type=text/plain&cvsroot=gentoo
12	diff : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml.diff?r1=1.2&r2=1.3&cvsroot=gentoo
13
14	Index: linux-24-stateful-fw-design.xml
15	===================================================================
16	RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml,v
17	retrieving revision 1.2
18	retrieving revision 1.3
19	diff -u -r1.2 -r1.3
20	--- linux-24-stateful-fw-design.xml 15 Aug 2005 23:16:06 -0000 1.2
21	+++ linux-24-stateful-fw-design.xml 26 Aug 2005 23:30:10 -0000 1.3
22	@@ -1,5 +1,5 @@
23	<?xml version='1.0' encoding="UTF-8"?>
24	-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml,v 1.2 2005/08/15 23:16:06 cam Exp $ -->
25	+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml,v 1.3 2005/08/26 23:30:10 neysx Exp $ -->
26	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
27
28	<guide link="/doc/en/articles/linux-24-stateful-fw-design.xml">
29	@@ -22,8 +22,8 @@
30	version of the original article, and contains various improvements made by the
31	Gentoo Linux Documentation team -->
32
33	-<version>1.0</version>
34	-<date>2005-07-28</date>
35	+<version>1.1</version>
36	+<date>2005-08-27</date>
37
38	<chapter>
39	<title>About this tutorial</title>
40	@@ -106,18 +106,11 @@
41	Before we start designing a firewall, we need to do two things. First, we need
42	to make sure that the <c>iptables</c> command is available. As root, type
43	<c>iptables</c> and see if it exists. If it doesn't, then we'll need to get it
44	-installed first. Here's how: head over to the netfilter/iptables project page
45	-(<uri>http://www.netfilter.org/</uri>) and grab the most recent version of
46	-<path>iptables.tar.gz</path> (currently <path>iptables-1.1.2.tar.gz</path>) you
47	-can find. Then, install it by typing in the following commands (output omitted
48	-for brevity):
49	+installed first. Here's how we do that:
50	</p>
51
52	<pre caption="Installing necessary tools">
53	-# <i>tar xzvf iptables-1.1.2.tar.gz</i>
54	-# <i>cd iptables-1.1.2</i>
55	-# <i>make</i>
56	-# <i>make install</i>
57	+# <i>emerge iptables</i>
58	</pre>
59
60	</body>
61	@@ -620,7 +613,7 @@
62	if [ -e /proc/sys/net/ipv4/tcp_ecn ]
63	then
64	echo 0 > /proc/sys/net/ipv4/tcp_ecn
65	-fi
66	+fi
67	</pre>
68
69	</body>
70	@@ -710,7 +703,7 @@
71	<pre caption="Spoof protection">
72	for x in lo eth0 eth1
73	do
74	- echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
75	+ echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
76	done
77	</pre>
78
79	@@ -873,12 +866,12 @@
80	if [ -e /proc/sys/net/ipv4/tcp_ecn ]
81	then
82	echo 0 > /proc/sys/net/ipv4/tcp_ecn
83	- fi
84	+ fi
85
86	<comment># Disable spoofing on all interfaces</comment>
87	- for x in ${INTERFACES}
88	- do
89	- echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
90	+ for x in ${INTERFACES}
91	+ do
92	+ echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
93	done
94
95	if [ "$ROUTER" = "yes" ]
96	@@ -897,7 +890,7 @@
97	iptables -t nat -A POSTROUTING -o ${UPLINK} -j SNAT --to ${UPIP}
98	fi
99	fi
100	-
101	+
102	elif [ "$1" = "stop" ]
103	then
104	echo "Stopping firewall..."
105	@@ -1068,12 +1061,12 @@
106	if [ -e /proc/sys/net/ipv4/tcp_ecn ]
107	then
108	echo 0 > /proc/sys/net/ipv4/tcp_ecn
109	- fi
110	+ fi
111
112	<comment># Disable spoofing on all interfaces</comment>
113	- for x in ${INTERFACES}
114	+ for x in ${INTERFACES}
115	do
116	- echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
117	+ echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
118	done
119
120	if [ "$ROUTER" = "yes" ]
121
122
123
124	--
125	gentoo-doc-cvs@g.o mailing list

Gentoo Archives: gentoo-doc-cvs