On 09/08/2018 16:55, Dave Turvene - Work wrote:
On 06/08/2018 22:07, Dave Turvene - Work wrote:
Greetings -
I cleaned up the documentation in
https://openwrt.org/docs/guide-user/base-system/log.essentials
as a prelude to adding a section on iptable logging rules. The wiki
source just has the following snippet:
"pagequery>@:docs:guide-user:firewall:netfilter-iptables *"
How do I go about adding a page under (git directory?)
netfilter-iptables so I can document my iptable logging chains/rules?
Thanks,
David Turvene
you can create the new page by writing the link to it in the browser and
then editing the page you land in.
For example this is a link to a page called "asdadasd"
https://openwrt.org/docs/guide-user/services/automation/asdasdasd
Which does not exist yet. Click on the pencil button on the right to
edit/create it.
You can write the link however you like and it will land in the same
"there is no page yet" page and you will be able to create a page there.
https://openwrt.org/docs/guide-user/services/automation/domoticz_another_page
The page made with that link will then appear automatically in the
"automation" category in other pages that show all pages from a specific
category, like here
https://openwrt.org/docs/guide-user/services/automation/start
We actually discussed wiki plugins to let people add new pages with a
more intuitive way here
https://forum.openwrt.org/t/lede-openwrt-wiki-merge/10861/108 but I
didn't yet find the time to do that.
-Alberto
Thanks, I added a page to the firewall configuration section:
https://openwrt.org/docs/guide-user/firewall/iptables-log-forwarded-packets
and then I looked at other pages in the firewall section. Many, if not
most, are very old and no longer a good way to set up the firewall.
I started adding a warning to those pages I KNOW are inaccurate but that
became tedious - especially considering some of the pages are still
valid but there is a better/less-difficult mechanism. One repeated
issue I see is the openwrt firewall3 (fw3) user-space executable has
replaced the need for still-referenced but un-supported executables used
to generate iptable chains/rules (fwBuilder, Essence, Shorewall).
Many of the iptable shell scripts are suspicious, confusing, or specific
to a device configuration - and appear to be from the freifunk effort.
There are several references to ebtables and nftables - one appears to
be deprecated and one not integrated. All the netfilter kernel modules
and openwrt packages are concisely documented for the 2.6.32 kernel.
So there is a good amount of work to clean up the firewall section -
which is central to the purpose of openwrt. I'm willing to clean it up
but not through-the-web. I would use emacs to edit multiple markup
pages quickly.
Maybe it's better to leave this section alone for historical purposes
and with a deprecation warning like the old wiki.openwrt.org pages?
David Turvene
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Yeah I saw that. Wiki maintainers are notified of each edit in the wiki.
Looks good, follows wiki guidelines.
I cannot say how good it actually is, as I don't know much about manual
firewall usage.
That said, many thanks for volunteering to do a cleanup, I know it's not
trivial,
and it needs someone that actually *knows* how to use the firewall in
the first place,
which isn't a so common skill apparently.
I'd say you can go ahead, afaik there is nothing that really *needs* to
be saved in the firewall section.
Pretty much all current firewall documentation was cloned from the old wiki
(which is now the read-only wiki.openwrt.org), and was at best split up
or re-arranged a bit by me.
You can easily check this for yourself, if it's already in the old wiki
(and it's obsolete stuff) it can be safely removed.
People can still access the original legacy info from the old read-only
wiki,
if they need legacy info.
-Alberto
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
