On 11/4/10 12:10 PM, wfdudley wrote: > Tom, > > Thanks for your reply. I've been mulling this over since then. > > I'm not sure what "pulled all documentation from the up-stream config > files in favor of man pages" means, but when I type "man shorewall-rules" > I get the helpful message "man: not found", so that's "a fail", in the current > parlance. I understand that's somebody else's problem, but it's still broken. > > So the answer to my initial query appears to be that in order to configure a > LEAF/Bering/Shorewall router firewall, one has to read all the man pages > for the 30 or so configuration files, plus have a solid understanding of the > particular version of ip filtering that is on that week's version of Linux. >
As Shorewall is released from shorewall.net, smart first-time users: a) Go to shorewall.net b) Click on the "Getting started with Shorewall" link. c) Click on the "Quickstart Guide" link. d) Follow the instructions. Note: I'm uncertain if the LEAF developers package the sample configurations on which those instructions are based. They may have omitted them for the same reason that they omitted the man pages. I believe that at the outset, you said that you wanted to do proxy arp subnetting. For that you need to disable masquerading for the proxy arp subnet (that's /etc/shorewall/masq) and set the 'proxyarp' option on the involved network interfaces. -Tom PS -- Linux has had the same "ip filtering" for the last 10 years which is only one year longer than Shorewall has been around. -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ The Next 800 Companies to Lead America's Growth: New Video Whitepaper David G. Thomson, author of the best-selling book "Blueprint to a Billion" shares his insights and actions to help propel your business during the next growth cycle. Listen Now! http://p.sf.net/sfu/SAP-dev2dev
------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
