Tom, Thanks for the docs you have written. I have tremendous respect for people who have actually written documentation. I know how much work it is as I have also contributed to projects.
I'm just dismayed at the lack of examples to guide me in getting this running. My ancient Dachstein/Eigerstein LRP was much easier to configure, and so is m0n0wall and pfSense, so I'm having difficulty with the learning curve. I don't *want* to be a firewall guru. I'm already guru in enough other things. > We eagerly await your contribution. First I have to figure out how to get it working. Since I have a day job, and need my firewall to be up to do anything, I don't have a lot of time to just f--- around with this experimenting and trying to get it to work. Bill Dudley On 11/4/10, Tom Eastep <teas...@shorewall.net> wrote: > On 11/4/10 6:11 PM, wfdudley wrote: >> I'll stop being grumpy now. >> >> I was just dismayed that the docs for this are, um, more diffuse that my >> old >> LRP install. >> >> I'd suggest that the floppy is way past it's time, and now its time to >> make a LRP >> release that assumes real storage, like a 250Meg CF card, or other solid >> state >> "disk drive". Then you can have the docs, a real editor, even a real GUI >> if >> somebody gets ambitious and codes it up. >> >> So: my REAL problem. >> >> My ISP (and my employer) gives me a block of 16 public IP addresses. >> xxx.xxx.xxx.16/28 >> xxx.xxx.xxx.17 is the pipeline >> xxx.xxx.xxx.18 is the WAN port on the firewall >> The LAN port is 192.168.1.254, for laptops, Winders boxes, other stuff >> without fixed >> address >> The DMZ port is xxx.xxx.xxx.16/28. The current LRP/Dachstein uses Proxy >> Arp >> (not bridging, I was mistaken, the m0n0wall does bridged firewall) so that >> the >> servers on the DMZ have some ports visible to the outside world. >> >> The shorewall docs say "use the three port example -- unless you've got >> multiple >> IPs, in which case, never mind, you'll have to read all the docs". >> I'm paraphrasing, >> obviously. This is about when I threw up my hands. >> >> I've been looking at >> http://www.shorewall.net/3.0/shorewall_setup_guide.htm just now, >> which is apparently *it* for documentation on my situation. > > If you happen to be running Shorewall 3.x; the last such Shorewall > release was in 2007. The current version of that doc is at > http://www.shorewall.net/shorewall_setup_guide.htm. > >> I find it >> both spends too >> much time on beginner stuff, like "what is an IP address", and doesn't >> have enough >> examples to make it easy for that same beginner. >> >> Anyway, a concise set of example shorewall config files would be a big >> help. >> >> I'll be happy to write a web page describing it all for the documentation >> pages >> if anybody is interested. > > There are over 100 articles in the index at > http://www.shorewall.net/Documentation_Index.html. > > We eagerly await your contribution. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > ------------------------------------------------------------------------------ The Next 800 Companies to Lead America's Growth: New Video Whitepaper David G. Thomson, author of the best-selling book "Blueprint to a Billion" shares his insights and actions to help propel your business during the next growth cycle. Listen Now! http://p.sf.net/sfu/SAP-dev2dev ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/