From: "Xavier Neys" <neysx@lark.gentoo.org>
To: gentoo-doc-cvs@lists.gentoo.org
Subject: [gentoo-doc-cvs] cvs commit: linux-24-stateful-fw-design.xml
Date: Fri, 26 Aug 2005 23:30:10 +0000 [thread overview]
Message-ID: <200508262328.j7QNSi2R017673@robin.gentoo.org> (raw)
neysx 05/08/26 23:30:10
Modified: xml/htdocs/doc/en/articles linux-24-stateful-fw-design.xml
Log:
#103863 Install iptables w/ emerge instead of ./configure....
Revision Changes Path
1.3 +15 -22 xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml
file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml?rev=1.3&content-type=text/x-cvsweb-markup&cvsroot=gentoo
plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml?rev=1.3&content-type=text/plain&cvsroot=gentoo
diff : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml.diff?r1=1.2&r2=1.3&cvsroot=gentoo
Index: linux-24-stateful-fw-design.xml
===================================================================
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- linux-24-stateful-fw-design.xml 15 Aug 2005 23:16:06 -0000 1.2
+++ linux-24-stateful-fw-design.xml 26 Aug 2005 23:30:10 -0000 1.3
@@ -1,5 +1,5 @@
<?xml version='1.0' encoding="UTF-8"?>
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml,v 1.2 2005/08/15 23:16:06 cam Exp $ -->
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/linux-24-stateful-fw-design.xml,v 1.3 2005/08/26 23:30:10 neysx Exp $ -->
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
<guide link="/doc/en/articles/linux-24-stateful-fw-design.xml">
@@ -22,8 +22,8 @@
version of the original article, and contains various improvements made by the
Gentoo Linux Documentation team -->
-<version>1.0</version>
-<date>2005-07-28</date>
+<version>1.1</version>
+<date>2005-08-27</date>
<chapter>
<title>About this tutorial</title>
@@ -106,18 +106,11 @@
Before we start designing a firewall, we need to do two things. First, we need
to make sure that the <c>iptables</c> command is available. As root, type
<c>iptables</c> and see if it exists. If it doesn't, then we'll need to get it
-installed first. Here's how: head over to the netfilter/iptables project page
-(<uri>http://www.netfilter.org/</uri>) and grab the most recent version of
-<path>iptables.tar.gz</path> (currently <path>iptables-1.1.2.tar.gz</path>) you
-can find. Then, install it by typing in the following commands (output omitted
-for brevity):
+installed first. Here's how we do that:
</p>
<pre caption="Installing necessary tools">
-# <i>tar xzvf iptables-1.1.2.tar.gz</i>
-# <i>cd iptables-1.1.2</i>
-# <i>make</i>
-# <i>make install</i>
+# <i>emerge iptables</i>
</pre>
</body>
@@ -620,7 +613,7 @@
if [ -e /proc/sys/net/ipv4/tcp_ecn ]
then
echo 0 > /proc/sys/net/ipv4/tcp_ecn
-fi
+fi
</pre>
</body>
@@ -710,7 +703,7 @@
<pre caption="Spoof protection">
for x in lo eth0 eth1
do
- echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
+ echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
done
</pre>
@@ -873,12 +866,12 @@
if [ -e /proc/sys/net/ipv4/tcp_ecn ]
then
echo 0 > /proc/sys/net/ipv4/tcp_ecn
- fi
+ fi
<comment># Disable spoofing on all interfaces</comment>
- for x in ${INTERFACES}
- do
- echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
+ for x in ${INTERFACES}
+ do
+ echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
done
if [ "$ROUTER" = "yes" ]
@@ -897,7 +890,7 @@
iptables -t nat -A POSTROUTING -o ${UPLINK} -j SNAT --to ${UPIP}
fi
fi
-
+
elif [ "$1" = "stop" ]
then
echo "Stopping firewall..."
@@ -1068,12 +1061,12 @@
if [ -e /proc/sys/net/ipv4/tcp_ecn ]
then
echo 0 > /proc/sys/net/ipv4/tcp_ecn
- fi
+ fi
<comment># Disable spoofing on all interfaces</comment>
- for x in ${INTERFACES}
+ for x in ${INTERFACES}
do
- echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
+ echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
done
if [ "$ROUTER" = "yes" ]
--
gentoo-doc-cvs@gentoo.org mailing list
next reply other threads:[~2005-08-26 23:30 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-08-26 23:30 Xavier Neys [this message]
-- strict thread matches above, loose matches on Subject: below --
2005-07-27 21:03 [gentoo-doc-cvs] cvs commit: linux-24-stateful-fw-design.xml Shyam Mani
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200508262328.j7QNSi2R017673@robin.gentoo.org \
--to=neysx@lark.gentoo.org \
--cc=docs-team@lists.gentoo.org \
--cc=gentoo-doc-cvs@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox