mirror of https://github.com/tLDP/LDP
updated
This commit is contained in:
gferg
parent
de33c258cb
commit
2ac6c8d949
|
|
@ -16,11 +16,11 @@
|
|||
</AUTHOR>
|
||||
|
||||
<pubdate>
|
||||
May 05, 2005
|
||||
May 22, 2005
|
||||
</pubdate>
|
||||
<Abstract>
|
||||
<para>
|
||||
May 05, 2005
|
||||
May 22, 2005
|
||||
</para>
|
||||
|
||||
<para>
|
||||
|
|
@ -7911,13 +7911,15 @@ Cannot work at present (it makes invalid assumptions about addresses).
|
|||
#
|
||||
# rc.firewall-iptables-stronger
|
||||
#
|
||||
FWVER=0.86s
|
||||
FWVER=0.87s
|
||||
|
||||
# An example of a stronger IPTABLES firewall with IP Masquerade
|
||||
# support for 2.4.x kernels.
|
||||
#
|
||||
# Log:
|
||||
#
|
||||
# 0.87s - Removed the unused drop-and-logit chain as it was only later
|
||||
# being deleted anyway
|
||||
# 0.86s - Fixed a typo that had a preceeding ; instead of a #
|
||||
# 0.85s - renamed from rc.firewall-2.4-stronger to rc.firewall-iptables-
|
||||
# stronger to reflect this script works for all IPTABLES enabled
|
||||
|
|
@ -8331,16 +8333,14 @@ $IPTABLES -F FORWARD
|
|||
$IPTABLES -F -t nat
|
||||
|
||||
#Not needed and it will only load the unneeded kernel module
|
||||
#
|
||||
#$IPTABLES -F -t mangle
|
||||
#
|
||||
# Flush the user chain.. if it exists
|
||||
if [ -n "`$IPTABLES -L | $GREP drop-and-log-it`" ]; then
|
||||
$IPTABLES -F drop-and-log-it
|
||||
fi
|
||||
#
|
||||
|
||||
|
||||
# Delete all User-specified chains
|
||||
$IPTABLES -X
|
||||
#
|
||||
|
||||
|
||||
# Reset all IPTABLES counters
|
||||
$IPTABLES -Z
|
||||
|
||||
|
|
@ -13623,9 +13623,21 @@ have three possibilites:
|
|||
</para>
|
||||
|
||||
<para>
|
||||
Though this howto doesn't cover items #1 and #2 yet, email me and I can
|
||||
give you a hand. For item #3, this isn't IPMASQ anymore and thus I can't
|
||||
help you. Fortunately, there are a few HOWTOs out there on the topic:
|
||||
Each of these solutions have pros and cons
|
||||
</para>
|
||||
<para>
|
||||
Item #1: If you're lucky enough to have an ISP that will set this up for you
|
||||
(pretty rare), all you need to do is use basic 'route' commands to get this
|
||||
running. This is the most rebust solution and doesn't require any form of
|
||||
IPMASQ or NAT to work.
|
||||
</para>
|
||||
<para>
|
||||
Item #2: 1:1 NAT isn't covered in this HOWTO yet but if you need a hand, just
|
||||
email me and I'll give you a hand.
|
||||
</para>
|
||||
<para>
|
||||
Item #3: this isn't IPMASQ anymore and thus I can't really help you.
|
||||
Fortunately, there are a few HOWTOs out there on the topic:
|
||||
<ItemizedList>
|
||||
<listitem>
|
||||
<para>
|
||||
|
|
@ -15047,6 +15059,26 @@ Update the portfw FTP patch
|
|||
|
||||
|
||||
<!-- ChangeLOG -->
|
||||
<para>
|
||||
Changes from 05/03/05 to 05/22/05
|
||||
<ItemizedList>
|
||||
<listitem>
|
||||
<para>
|
||||
05/22/05 - Updated the rc.firewall-iptables-stronger ruleset to 0.87s.
|
||||
Removed the unused drop-and-logit chain as it was only later being deleted
|
||||
anyway. Thanks to Matthew Concannon for this one.
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>
|
||||
05/21/05 - Updated the Multiple-IPs FAQ entry a bit
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
</ItemizedList>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Changes from 04/17/05 to 05/03/05
|
||||
<ItemizedList>
|
||||
|
|
|
|||
Loading…
Reference in New Issue