--- Tom Eastep <[EMAIL PROTECTED]> wrote:
> Simon Matter wrote:
>
> >
> > The issue is not Gentoo specific. With rpm based
> distributions, rpm
> > doesn't even try to merge configs. I have my own
> script to do that so I
> > always have the original header after an upgrade.
> Your idea with includes
> > sounds like a possible solution. Maybe there are
> other solutions as well,
> > let's wait for more people to think about.
> >
>
> My preferred solution is to remove documentation
> from the config files entirely
> and move it somewhere else. I see no point in having
> the conf files INCLUDE the
> documentation or vice versa.
>
> My second choice would be to include Simon's script
> (or a flavor of that script)
> in the product and allow users to generate
> configuration files that have
> documentation in them.
Just a thought but maybe most of the comments in the
config files could be moved to separate documentation
files. However, I think it is very useful especially
during upgrades to have a quick overview of available
parameters and general format (such as number of
columns which may vary between versions).
A trimmed rules file could look something like this:
# Shorewall version X
# Columns are:
#
# ACTION
# ACCEPT
# ACCEPT+
# NONAT
# DROP
# REJECT
# DNAT
# DNAT-
# SAME
# SAME-
# REDIRECT
# REDIRECT-
# CONTINUE
# LOG
# QUEUE
# <action>
# <macro>
#
# SOURCE
# [<zone>][:<interface>][:<address>]
#
# DEST
# [<zone>][:<address>]
#
# PROTO
# <protocol name or number>
#
# DEST PORT(S)
# <port>
#
# CLIENT PORT(S) (Optional)
# <port>
#
# ORIGINAL DEST (0ptional)
# <address>
#
# RATE LIMIT
# <rate>/<interval>[:<burst>]
#
# USER/GROUP
# [!][<user name or number>][:<group name or
number>][+<program name>]
#
#ACTION SOURCE DEST PROTO DEST SOURCE
ORIGINAL RATE
USER/
# PORT PORT(S) DEST
LIMIT GROUP
#SECTION ESTABLISHED
#SECTION RELATED
SECTION NEW
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO
NOT REMOVE
It's more like keeping general synopsis so that people
know at a glance what changed and where.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
