r3343 - trunk/BOOK/postlfs/security

randy at linuxfromscratch.org randy at linuxfromscratch.org
Wed Jan 26 18:31:08 PST 2005


Author: randy
Date: 2005-01-26 19:31:07 -0700 (Wed, 26 Jan 2005)
New Revision: 3343

Modified:
   trunk/BOOK/postlfs/security/iptables.xml
Log:
Added indexing tags to iptables

Modified: trunk/BOOK/postlfs/security/iptables.xml
===================================================================
--- trunk/BOOK/postlfs/security/iptables.xml	2005-01-27 01:41:14 UTC (rev 3342)
+++ trunk/BOOK/postlfs/security/iptables.xml	2005-01-27 02:31:07 UTC (rev 3343)
@@ -18,6 +18,9 @@
 </sect1info>
 <?dbhtml filename="iptables.html"?>
 <title>iptables-&iptables-version;</title>
+<indexterm zone="iptables">
+<primary sortas="a-Iptables">Iptables</primary>
+</indexterm>
 
 <para>The next part of this chapter deals with firewalls.  The principle
 firewall tool for Linux, as of the 2.4 kernel series, is
@@ -73,14 +76,6 @@
 &iptables-time;</para></listitem></itemizedlist>
 </sect3>
 
-<!-- <sect3><title>Additional downloads</title>
-<itemizedlist spacing='compact'>
-<listitem><para>Required Patch (fixes a build issue with 
-<application>linux</application>-2.6.7): <ulink 
-url="&patch-root;/iptables-&iptables-version;-build_fix-1.patch"/></para>
-</listitem>
-</itemizedlist></sect3> -->
-
 </sect2>
 
 <sect2>
@@ -89,9 +84,12 @@
 <para>Install <application>iptables</application> by running the following 
 commands:</para>
 
-<screen><userinput><command>make PREFIX=/usr LIBDIR=/lib BINDIR=/sbin &&
-make PREFIX=/usr LIBDIR=/lib BINDIR=/sbin install</command></userinput></screen>
+<screen><userinput><command>make PREFIX=/usr LIBDIR=/lib BINDIR=/sbin</command></userinput></screen>
 
+<para>Now, as the root user:</para>
+
+<screen><userinput role='root'><command>make PREFIX=/usr LIBDIR=/lib BINDIR=/sbin install</command></userinput></screen>
+
 </sect2>
 
 <sect2>
@@ -112,39 +110,73 @@
 <sect2>
 <title>Contents</title>
 
-<para>The <application>iptables</application> package contains 
-<command>iptables</command>, <command>iptables-restore</command>, 
-<command>iptables-save</command>, <command>ip6tables</command> 
-and the <filename class='libraryfile'>libip*.so</filename> library
-modules.</para>
+<segmentedlist>
+<segtitle>Installed Programs</segtitle>
+<segtitle>Installed Libraries</segtitle>
+<segtitle>Installed Directory</segtitle>
 
-</sect2>
+<seglistitem>
+<seg>iptables, iptables-restore, iptables-save and ip6tables</seg>
+<seg>libip6t_*.so and libipt_*.so</seg>
+<seg>/lib/iptables</seg>
+</seglistitem>
+</segmentedlist>
 
-<sect2><title>Description</title>
+<variablelist>
+<bridgehead renderas="sect3">Short Descriptions</bridgehead>
+<?dbfo list-presentation="list"?>
 
-<sect3><title>iptables</title>
-<para><command>iptables</command> is used to set up, maintain, and inspect the 
-tables of <acronym>IP</acronym> packet filter rules in the Linux kernel.</para>
-</sect3>
+<varlistentry id="iptables-prog">
+<term><command>iptables</command></term>
+<listitem><para>is used to set up, maintain, and inspect the tables of 
+<acronym>IP</acronym> packet filter rules in the Linux kernel.</para>
+<indexterm zone="iptables iptables-prog">
+<primary sortas="b-iptables">iptables</primary>
+</indexterm></listitem>
+</varlistentry>
 
-<sect3><title>iptables-restore, iptables-save</title>
-<para>These are used to save and to restore your elaborated set of chains and 
-rules. Until <application>iptables</application>-1.2.5, they were declared 
-experimental.</para>
-</sect3>
+<varlistentry id="iptables-restore">
+<term><command>iptables-restore</command></term>
+<listitem><para>is used to restore <acronym>IP</acronym> Tables from data 
+specified on <acronym>STDIN</acronym>. Use I/O redirection provided by your 
+shell to read from a file.</para>
+<indexterm zone="iptables iptables-restore">
+<primary sortas="b-iptables-restore">iptables-restore</primary>
+</indexterm></listitem>
+</varlistentry>
 
-<sect3 id="ip6tables" xreflabel="ip6tables"><title>ip6tables</title>
-<para>This is the same as <command>iptables</command> but for use with
-<acronym>IP</acronym>v6.  As of v1.2.5, it is not as complete as the standard 
-<acronym>IP</acronym>v4 version, especially with regard to some of the 
-modules.</para>
-</sect3>
+<varlistentry id="iptables-save">
+<term><command>iptables-save</command></term>
+<listitem><para>is used to dump the contents of an <acronym>IP</acronym> Table 
+in easily parseable format to <acronym>STDOUT</acronym>. Use I/O-redirection 
+provided by your shell to write to a file.</para>
+<indexterm zone="iptables iptables-save">
+<primary sortas="b-iptables-save">iptables-save</primary>
+</indexterm></listitem>
+</varlistentry>
 
-<sect3><title>libip*.so library modules</title>
-<para>These are various modules (implemented as dynamic libraries) which
-extend the core functionality of <command>iptables</command>.</para>
-</sect3>
+<varlistentry id="ip6tables">
+<term><command>ip6tables</command></term>
+<listitem><para>is used to set up, maintain, and inspect the tables of 
+<acronym>IP</acronym>v6 packet filter rules in the Linux kernel. Several 
+different tables may be defined. Each table contains a number of built-in 
+chains and may also contain user-defined chains.</para>
+<indexterm zone="iptables ip6tables">
+<primary sortas="b-ip6tables">ip6tables</primary>
+</indexterm></listitem>
+</varlistentry>
 
+<varlistentry id="libip-iptables">
+<term><filename class='libraryfile'>libip*.so</filename></term>
+<listitem><para>library modules are various modules (implemented as dynamic 
+libraries) which extend the core functionality of 
+<command>iptables</command>.</para>
+<indexterm zone="iptables libip-iptables">
+<primary sortas="c-libip-iptables">libip*.so</primary>
+</indexterm></listitem>
+</varlistentry>
+</variablelist>
+
 </sect2>
 
 </sect1>




More information about the blfs-book mailing list