cosmetic update

LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html

@@ -11542,7 +11542,12 @@ WIDTH="100%"
 COLOR="#000000"
 ><PRE
 CLASS="SCREEN"
-># nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 255 accept</PRE
+># nft add rule ip6 filter input icmpv6 type
+¬  { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert }
+¬  ip6 hoplimit 1 accept
+# nft add rule ip6 filter input icmpv6 type
+¬  { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert }
+¬  ip6 hoplimit 255 accept</PRE
 ></FONT
 ></TD
 ></TR
@@ -11613,8 +11618,10 @@ table ip6 filter {
 	chain input {
 		 type filter hook input priority 1;
 		 icmpv6 type echo-request counter packets 0 bytes 0 accept
-		 ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
-		 ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+		 ip6 hoplimit 1 icmpv6 type
+¬         { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+		 ip6 hoplimit 255 icmpv6 type
+¬         { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
 	}
 }</PRE
 ></FONT

LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.lyx

@@ -12898,10 +12898,32 @@ Erlauben einiger wichtiger IPv6 ICMP Pakete, ohne Zähler, dafür mit Hop-Limit-
 
 \begin_layout Code
 
-# nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-adv
-ert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter
- input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert
- } ip6 hoplimit 255 accept
+# nft add rule ip6 filter input icmpv6 type
+\end_layout
+
+\begin_layout Code
+
+¬  { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert }
+\end_layout
+
+\begin_layout Code
+
+¬  ip6 hoplimit 1 accept
+\end_layout
+
+\begin_layout Code
+
+# nft add rule ip6 filter input icmpv6 type
+\end_layout
+
+\begin_layout Code
+
+¬  { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert }
+\end_layout
+
+\begin_layout Code
+
+¬  ip6 hoplimit 255 accept
 \end_layout
 
 \begin_layout Standard
@@ -13012,14 +13034,22 @@ table ip6 filter {
 
 \begin_layout Code
 
-		 ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit,
- nd-router-advert} accept
+		 ip6 hoplimit 1 icmpv6 type
 \end_layout
 
 \begin_layout Code
 
-		 ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit,
- nd-router-advert} accept
+¬         { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+\end_layout
+
+\begin_layout Code
+
+		 ip6 hoplimit 255 icmpv6 type
+\end_layout
+
+\begin_layout Code
+
+¬         { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
 \end_layout
 
 \begin_layout Code

LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.sgml

@@ -2003,7 +2003,12 @@ Chain intOUT (1 references)
 <![CDATA[# nft add rule ip filter input icmp type { echo-request } counter accept 
 # nft add rule ip6 filter input icmpv6 type echo-request counter accept 
 ]]></screen><para>Erlauben einiger wichtiger IPv6 ICMP Pakete, ohne Zähler, dafür mit Hop-Limit-Prüfung (erhöht die Sicherheit)</para><screen>
-<![CDATA[# nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 255 accept
+<![CDATA[# nft add rule ip6 filter input icmpv6 type
+¬  { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert }
+¬  ip6 hoplimit 1 accept
+# nft add rule ip6 filter input icmpv6 type
+¬  { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert }
+¬  ip6 hoplimit 255 accept
 ]]></screen><para>Erlauben von eingehenden SSH-Verbindungen für IPv4 und IPv6 unter Nutzung der IP-Version unabhängigen Tabelle &ldquo;inet&rdquo;</para><screen>
 <![CDATA[# nft add rule inet filter input tcp dport 22 ct state new tcp flags \& \(syn \| ack\) == syn counter accept
 ]]></screen></sect3><sect3>
@@ -2022,8 +2027,10 @@ table ip6 filter {
 	chain input {
 		 type filter hook input priority 1;
 		 icmpv6 type echo-request counter packets 0 bytes 0 accept
-		 ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
-		 ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+		 ip6 hoplimit 1 icmpv6 type
+¬         { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+		 ip6 hoplimit 255 icmpv6 type
+¬         { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
 	}
 }
 ]]></screen><para>Tabelle für IP unabhängigen Filter</para><screen>

LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html

@@ -11659,7 +11659,12 @@ WIDTH="100%"
 COLOR="#000000"
 ><PRE
 CLASS="SCREEN"
-># nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 255 accept</PRE
+># nft add rule ip6 filter input icmpv6 type
+¬  { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert }
+¬  ip6 hoplimit 1 accept
+# nft add rule ip6 filter input icmpv6 type
+¬  { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert }
+¬  ip6 hoplimit 255 accept</PRE
 ></FONT
 ></TD
 ></TR
@@ -11730,8 +11735,10 @@ table ip6 filter {
 	chain input {
 		 type filter hook input priority 1;
 		 icmpv6 type echo-request counter packets 0 bytes 0 accept
-		 ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
-		 ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+		 ip6 hoplimit 1 icmpv6 type
+¬         { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+		 ip6 hoplimit 255 icmpv6 type
+¬         { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
 	}
 }</PRE
 ></FONT

LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml

@@ -2010,7 +2010,12 @@ Chain intOUT (1 references)
 <![CDATA[# nft add rule ip filter input icmp type { echo-request } counter accept 
 # nft add rule ip6 filter input icmpv6 type echo-request counter accept 
 ]]></screen><para>Allow some important IPv6 ICMP traffic, without counter, but checking hop-limit for security</para><screen>
-<![CDATA[# nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 255 accept
+<![CDATA[# nft add rule ip6 filter input icmpv6 type
+¬  { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert }
+¬  ip6 hoplimit 1 accept
+# nft add rule ip6 filter input icmpv6 type
+¬  { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert }
+¬  ip6 hoplimit 255 accept
 ]]></screen><para>Allow incoming SSH for IPv4 and IPv6, using therefore the IP version aware table &ldquo;inet&rdquo;</para><screen>
 <![CDATA[# nft add rule inet filter input tcp dport 22 ct state new tcp flags \& \(syn \| ack\) == syn counter accept
 ]]></screen></sect3><sect3>
@@ -2029,8 +2034,10 @@ table ip6 filter {
 	chain input {
 		 type filter hook input priority 1;
 		 icmpv6 type echo-request counter packets 0 bytes 0 accept
-		 ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
-		 ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+		 ip6 hoplimit 1 icmpv6 type
+¬         { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
+		 ip6 hoplimit 255 icmpv6 type
+¬         { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept
 	}
 }
 ]]></screen><para>Table for IP version aware filter</para><screen>

LDP/users/Peter-Bieringer/lyxcodelinewrapper.pl

@@ -26,7 +26,7 @@
 # Known limitations:
 #  * Code lines containing LyX tags are currently not supported and skipped
 
-my $lyx_format_supported = "345";
+my $lyx_format_supported = "474";
 
 sub print_long_line ($);