[blfs-book] r9351 - in trunk/BOOK: introduction/welcome networking/connect postlfs/filesystems postlfs/security

bdubbs at linuxfromscratch.org bdubbs at linuxfromscratch.org
Fri Feb 10 10:58:08 PST 2012


Author: bdubbs
Date: 2012-02-10 11:58:04 -0700 (Fri, 10 Feb 2012)
New Revision: 9351

Modified:
   trunk/BOOK/introduction/welcome/changelog.xml
   trunk/BOOK/networking/connect/dhcp-client.xml
   trunk/BOOK/postlfs/filesystems/aboutraid.xml
   trunk/BOOK/postlfs/security/firewalling.xml
Log:
Add a reference on maintaining a RAID system.
Minor updates to firewall script.
Fix instructions for creating dhclient version of ifconfig.eth0.


Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml	2012-02-10 18:30:44 UTC (rev 9350)
+++ trunk/BOOK/introduction/welcome/changelog.xml	2012-02-10 18:58:04 UTC (rev 9351)
@@ -45,6 +45,17 @@
       <para>February 11th, 2012</para>
       <itemizedlist>
         <listitem>
+          <para>[bdubbs] - Add a reference on maintaining a RAID system.</para>
+        </listitem>
+        <listitem>
+          <para>[bdubbs] - Minor updates to firewall script. Fixes 
+          <ulink url="&blfs-ticket-root;2813">#2813</ulink>.</para>
+        </listitem>
+        <listitem>
+          <para>[bdubbs] - Fix instructions for creating dhclient version of
+          ifconfig.eth0. Fixes <ulink url="&blfs-ticket-root;3272">#3272</ulink>.</para>
+        </listitem>
+        <listitem>
           <para>[ken] - merge metacity-2.34.1 from Wayne, but move it into the gnome
           part of the book because it can no longer be run without the gnome daemons.
           </para>

Modified: trunk/BOOK/networking/connect/dhcp-client.xml
===================================================================
--- trunk/BOOK/networking/connect/dhcp-client.xml	2012-02-10 18:30:44 UTC (rev 9350)
+++ trunk/BOOK/networking/connect/dhcp-client.xml	2012-02-10 18:58:04 UTC (rev 9351)
@@ -48,7 +48,7 @@
 <screen role='root'><userinput>make install-service-dhclient</userinput></screen>
 
     <para id="dhclient-config1">Next, create the
-    <filename>/etc/sysconfig/ifconfig.eth0/dhclient</filename>
+    <filename>/etc/sysconfig/ifconfig.eth0</filename>
     configuration file with the following commands as the <systemitem
     class="username">root</systemitem> user.  Adjust as
     necessary for additional interfaces:</para>
@@ -57,8 +57,7 @@
       <primary sortas="e-etc-sysconfig-...-dhclient">/etc/sysconfig/ifconfig.eth0</primary>
     </indexterm>
 
-<screen role='root'><userinput>install -v -d /etc/sysconfig/ifconfig.eth0 &&
-cat > /etc/sysconfig/ifconfig.eth0/dhclient << "EOF"
+<screen role='root'><userinput>cat > /etc/sysconfig/ifconfig.eth0 << "EOF"
 <literal>ONBOOT="yes"
 IFACE="eth0"
 SERVICE="dhclient"

Modified: trunk/BOOK/postlfs/filesystems/aboutraid.xml
===================================================================
--- trunk/BOOK/postlfs/filesystems/aboutraid.xml	2012-02-10 18:30:44 UTC (rev 9350)
+++ trunk/BOOK/postlfs/filesystems/aboutraid.xml	2012-02-10 18:58:04 UTC (rev 9351)
@@ -175,6 +175,11 @@
    <para>For further options and management details of RAID devices, refer to
    <userinput>man mdadm</userinput>.</para>
 
+   <para>Additional details for monitoring RAID arrays and dealing with
+   problems can be found at the <ulink
+   url="https://raid.wiki.kernel.org/index.html">Linux RAID
+   Wiki</ulink>.</para>
+
   </sect2>
 
 </sect1>

Modified: trunk/BOOK/postlfs/security/firewalling.xml
===================================================================
--- trunk/BOOK/postlfs/security/firewalling.xml	2012-02-10 18:30:44 UTC (rev 9350)
+++ trunk/BOOK/postlfs/security/firewalling.xml	2012-02-10 18:58:04 UTC (rev 9351)
@@ -329,7 +329,7 @@
 # Disable ICMP Redirect Acceptance
 echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
 
-# Don¹t send Redirect Messages
+# Don't send Redirect Messages
 echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
 
 # Drop Spoofed Packets coming in on an interface where responses
@@ -494,11 +494,11 @@
         <listitem>
           <para>To log and drop invalid packets (packets
           that came in after netfilter's timeout or some types of
-          network scans):</para>
+          network scans) insert these rules at the top of the chain:</para>
 
-<screen><literal>iptables -I INPUT -p tcp -m state --state INVALID \
+<screen><literal>iptables -I INPUT 0 -p tcp -m state --state INVALID \
   -j LOG --log-prefix "FIREWALL:INVALID "
-iptables -I INPUT -p tcp -m state --state INVALID -j DROP</literal></screen>
+iptables -I INPUT 1 -p tcp -m state --state INVALID -j DROP</literal></screen>
 
         </listitem>
         <listitem>




More information about the blfs-book mailing list