summaryrefslogtreecommitdiff
path: root/docs/_locale/de_DE/LC_MESSAGES/configexamples/zone-policy.po
diff options
context:
space:
mode:
authorrebortg <github@ghlr.de>2022-10-24 21:49:31 +0200
committerrebortg <github@ghlr.de>2022-10-24 21:49:31 +0200
commitb18aa2f9d853b92e193269a53c1b00c9f48dd73f (patch)
treef5b33453ef9ffcbe6567ce9220a785fdc8236220 /docs/_locale/de_DE/LC_MESSAGES/configexamples/zone-policy.po
parent99ccd5cd0e0ac2efdc50f3eda88744601a0a996a (diff)
downloadvyos-documentation-b18aa2f9d853b92e193269a53c1b00c9f48dd73f.tar.gz
vyos-documentation-b18aa2f9d853b92e193269a53c1b00c9f48dd73f.zip
migrate to new transifex client
Diffstat (limited to 'docs/_locale/de_DE/LC_MESSAGES/configexamples/zone-policy.po')
-rw-r--r--docs/_locale/de_DE/LC_MESSAGES/configexamples/zone-policy.po323
1 files changed, 0 insertions, 323 deletions
diff --git a/docs/_locale/de_DE/LC_MESSAGES/configexamples/zone-policy.po b/docs/_locale/de_DE/LC_MESSAGES/configexamples/zone-policy.po
deleted file mode 100644
index 7ae4c684..00000000
--- a/docs/_locale/de_DE/LC_MESSAGES/configexamples/zone-policy.po
+++ /dev/null
@@ -1,323 +0,0 @@
-# SOME DESCRIPTIVE TITLE.
-# Copyright (C) 2021, VyOS maintainers and contributors
-# This file is distributed under the same license as the VyOS package.
-# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
-#
-#, fuzzy
-msgid ""
-msgstr ""
-"Project-Id-Version: VyOS 1.4\n"
-"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-10-21 12:01+0200\n"
-"PO-Revision-Date: 2022-10-21 10:05+0000\n"
-"Language-Team: German (Germany) (https://www.transifex.com/vyos/teams/155110/de_DE/)\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"Language: de_DE\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-
-#: ../../configexamples/zone-policy.rst:6 3c76f26421954ac884480d0cffe55150
-msgid "Zone-Policy example"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:8 b000af62a2ff45e3bea0983ff08c6ca9
-msgid ""
-"In :vytask:`T2199` the syntax of the zone configuration was changed. The "
-"zone configuration moved from ``zone-policy zone <name>`` to ``firewall zone"
-" <name>``."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:13 518ed4192332498b988ad701dbe4ae94
-msgid "Native IPv4 and IPv6"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:15 e785499caee9483ebbfa8fea63bd3f60
-msgid "We have three networks."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:24 d5184c69966f41c5acd57ba576316df4
-msgid ""
-"**This specific example is for a router on a stick, but is very easily "
-"adapted for however many NICs you have**:"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:28 dc181a02a98a45da8888bc017de3ea1f
-msgid "Internet - 192.168.200.100 - TCP/80"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:29 4e066389682c40048d57dec2c83a5aae
-msgid "Internet - 192.168.200.100 - TCP/443"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:30 99c22b93805b4a9d97c17590c0d1ff93
-msgid "Internet - 192.168.200.100 - TCP/25"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:31 98671bd795584e58ab09f67a17c41bf1
-msgid "Internet - 192.168.200.100 - TCP/53"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:32 132e6aa544e14ab68d588186821b0cf1
-msgid "VyOS acts as DHCP, DNS forwarder, NAT, router and firewall."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:33 378d3439fdd441d0b598dee31369da95
-msgid ""
-"192.168.200.200/2001:0DB8:0:BBBB::200 is an internal/external DNS, web and "
-"mail (SMTP/IMAP) server."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:35 45a4384bc0fc4bd1a25c98a27c2a81ce
-msgid ""
-"192.168.100.10/2001:0DB8:0:AAAA::10 is the administrator's console. It can "
-"SSH to VyOS."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:37 5cc8e033a70c48bcbc424e36c169c4af
-msgid "LAN and DMZ hosts have basic outbound access: Web, FTP, SSH."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:38 7345f3e3a5874d65b6922d88f3117ecd
-msgid "LAN can access DMZ resources."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:39 2413bb4e87ee4a92922530672b633c3c
-msgid "DMZ cannot access LAN resources."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:40 604e13042cc6421fa69f297748ae55ab
-msgid "Inbound WAN connect to DMZ host."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rstNone c296c8f6b6874d18872c119a8cc8ee57
-msgid "Network Topology Diagram"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:47 8aacd45be8534832803d7d08a1a8b19d
-msgid ""
-"The VyOS interface is assigned the .1/:1 address of their respective "
-"networks. WAN is on VLAN 10, LAN on VLAN 20, and DMZ on VLAN 30."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:50 5e0f72b4b2db4789ac8dd371ba669517
-msgid "It will look something like this:"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:79 74742cf5724e4f2cb3049240b8b10f52
-msgid "Zones Basics"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:81 634e5b24c3f749cc9428984dd8206b28
-msgid ""
-"Each interface is assigned to a zone. The interface can be physical or "
-"virtual such as tunnels (VPN, PPTP, GRE, etc) and are treated exactly the "
-"same."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:85 6224d85ed139427b8bec0f53015beeb3
-msgid ""
-"Traffic flows from zone A to zone B. That flow is what I refer to as a zone-"
-"pair-direction. eg. A->B and B->A are two zone-pair-destinations."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:88 8cfb35f32511467cb39a75b1d6cd9548
-msgid "Ruleset are created per zone-pair-direction."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:90 ab2f3b9301084a50ac3c4342abfc2cfa
-msgid ""
-"I name rule sets to indicate which zone-pair-direction they represent. eg. "
-"ZoneA-ZoneB or ZoneB-ZoneA. LAN-DMZ, DMZ-LAN."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:93 c7c352c3ba8341ee9563ded10b507dd9
-msgid ""
-"In VyOS, you have to have unique Ruleset names. In the event of overlap, I "
-"add a \"-6\" to the end of v6 rulesets. eg. LAN-DMZ, LAN-DMZ-6. This allows "
-"for each auto-completion and uniqueness."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:97 c0ee89a6de5b40e8b7b1f41327938ce7
-msgid ""
-"In this example we have 4 zones. LAN, WAN, DMZ, Local. The local zone is the"
-" firewall itself."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:100 25d67004a0b34f2d80fe07eb586b31eb
-msgid ""
-"If your computer is on the LAN and you need to SSH into your VyOS box, you "
-"would need a rule to allow it in the LAN-Local ruleset. If you want to "
-"access a webpage from your VyOS box, you need a rule to allow it in the "
-"Local-LAN ruleset."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:105 074031ebe23742cf9ab553c1d3c89851
-msgid ""
-"In rules, it is good to keep them named consistently. As the number of rules"
-" you have grows, the more consistency you have, the easier your life will "
-"be."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:123 36212be96d234f809e3aa0635b224e23
-msgid ""
-"The first two rules are to deal with the idiosyncrasies of VyOS and "
-"iptables."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:126 cdaf927567ba470a843b6daed8e148a5
-msgid ""
-"Zones and Rulesets both have a default action statement. When using Zone-"
-"Policies, the default action is set by the zone-policy statement and is "
-"represented by rule 10000."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:130 b923769f3fa648cabd265468da6f0ed8
-msgid ""
-"It is good practice to log both accepted and denied traffic. It can save you"
-" significant headaches when trying to troubleshoot a connectivity issue."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:134 8cdbfa157d0c40c5aaa5ce98e2e10eba
-msgid "To add logging to the default rule, do:"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:141 8370b1669e3244a6a370ab9344a5e114
-msgid ""
-"By default, iptables does not allow traffic for established sessions to "
-"return, so you must explicitly allow this. I do this by adding two rules to "
-"every ruleset. 1 allows established and related state packets through and "
-"rule 2 drops and logs invalid state packets. We place the "
-"established/related rule at the top because the vast majority of traffic on "
-"a network is established and the invalid rule to prevent invalid state "
-"packets from mistakenly being matched against other rules. Having the most "
-"matched rule listed first reduces CPU load in high volume environments. "
-"Note: I have filed a bug to have this added as a default action as well."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:152 b98728b4c0444251a8ddd9aae0061313
-msgid ""
-"''It is important to note, that you do not want to add logging to the "
-"established state rule as you will be logging both the inbound and outbound "
-"packets for each session instead of just the initiation of the session. Your"
-" logs will be massive in a very short period of time.''"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:157 5731588a00a1445aae957e1dfca6f6a9
-msgid ""
-"In VyOS you must have the interfaces created before you can apply it to the "
-"zone and the rulesets must be created prior to applying it to a zone-policy."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:161 214fa70e97f947ecb6bcb6ee8a95f7d7
-msgid ""
-"I create/configure the interfaces first. Build out the rulesets for each "
-"zone-pair-direction which includes at least the three state rules. Then I "
-"setup the zone-policies."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:165 ff4bfdb0fea6403bbb05ec6ea9fa65b7
-msgid ""
-"Zones do not allow for a default action of accept; either drop or reject. It"
-" is important to remember this because if you apply an interface to a zone "
-"and commit, any active connections will be dropped. Specifically, if you are"
-" SSH’d into VyOS and add local or the interface you are connecting through "
-"to a zone and do not have rulesets in place to allow SSH and established "
-"sessions, you will not be able to connect."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:172 217de4fa5abe448d8c381c002f97e539
-msgid ""
-"The following are the rules that were created for this example (may not be "
-"complete), both in IPv4 and IPv6. If there is no IP specified, then the "
-"source/destination address is not explicit."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:226 68c0c6d0b20b468f99608f851ae72f5f
-msgid "Since we have 4 zones, we need to setup the following rulesets."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:243 5b84e1b04a934648956fa3d46c7d7ab3
-msgid ""
-"Even if the two zones will never communicate, it is a good idea to create "
-"the zone-pair-direction rulesets and set enable-default-log. This will allow"
-" you to log attempts to access the networks. Without it, you will never see "
-"the connection attempts."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:248 633e0ef63aa44eb68b1f92674e715140
-msgid "This is an example of the three base rules."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:272 617108f6e8a04def8d089d3373c5fdc4
-msgid "Here is an example of an IPv6 DMZ-WAN ruleset."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:345 a17a13e6dca3416fb9c3d5fa95aff51b
-msgid ""
-"Once you have all of your rulesets built, then you need to create your zone-"
-"policy."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:348 2570cdfd598542d4ab4b7e38b8fb7d1e
-msgid "Start by setting the interface and default action for each zone."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:355 ac4dd0fd6ee24b81a3d208db070b0029
-msgid ""
-"In this case, we are setting the v6 ruleset that represents traffic sourced "
-"from the LAN, destined for the DMZ. Because the zone-policy firewall syntax "
-"is a little awkward, I keep it straight by thinking of it backwards."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:364 ded641d51758415e9f0cf27ae1e9b3c4
-msgid ""
-"DMZ-LAN policy is LAN-DMZ. You can get a rhythm to it when you build out a "
-"bunch at one time."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:367 f3adf536211a4f12817bf30695b1b65f
-msgid ""
-"In the end, you will end up with something like this config. I took out "
-"everything but the Firewall, Interfaces, and zone-policy sections. It is "
-"long enough as is."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:373 d4a2cf9526ec4602822a592145060277
-msgid "IPv6 Tunnel"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:375 44a092c185cb4956b7b4bec83f6da9b6
-msgid ""
-"If you are using a IPv6 tunnel from HE.net or someone else, the basis is the"
-" same except you have two WAN interfaces. One for v4 and one for v6."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:378 a9091d4fcd5b424088a2352f008d5947
-msgid ""
-"You would have 5 zones instead of just 4 and you would configure your v6 "
-"ruleset between your tunnel interface and your LAN/DMZ zones instead of to "
-"the WAN."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:382 eb7fd578bb60426f8d96fd0016a0d005
-msgid "LAN, WAN, DMZ, local and TUN (tunnel)"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:384 c4c7ca9af6244fcf9b0b9ff4ad49cd10
-msgid "v6 pairs would be:"
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:401 28572036af8b4fd4b48436a393b06d90
-msgid "Notice, none go to WAN since WAN wouldn't have a v6 address on it."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:403 0c5f292540b24741a12114027008fe61
-msgid ""
-"You would have to add a couple of rules on your wan-local ruleset to allow "
-"protocol 41 in."
-msgstr ""
-
-#: ../../configexamples/zone-policy.rst:406 36b65f4c07e644a7b2d18c4ca8639c83
-msgid "Something like:"
-msgstr ""