Flag iptables doc as outdated

- Place a large caution box at the top of the file, warning
  users of the outdated information on the page and directing
  them to the more current "Using firewalld" quick doc.

- Drop the second and third iptables section partials entirely,
  as it's been years since either 'system-config-firewall' or
  'system-config-firewall-tui' has been available in the repos.

modules/ROOT/pages/_partials/iptables-gui.adoc

@@ -1,85 +0,0 @@
-= Graphical User Interface
-
-There are several graphical user interfaces available to configure iptables.
-
-* link:http://www.fwbuilder.org/_fwbuilder[fwbuilder]: Very complete GUI tools
-  to configure iptables.
-* link:http://shorewall.net/_Shorewall[Shorewall]: Another very complete GUI
-  like fwbuilder.
-* link:http://www.turtlefirewall.com/_Turtle_firewall_project[Turtle firewall
-  project]: Web interface and integrated to webmin. But it can not handle all
-  iptables options.
-* link:http://users.telenet.be/stes/ipmenu.html_IPmenu[IPmenu] :A console based
-  interface that covers all iptables functionality.
-
-The following section describes yet another frontend: `system-config-firewall`.
-
-== system-config-firewall
-
-The GUI interface is similar to the text based interface just more friendly.
-
-The first time you start the GUI you will receive a warning. The program will
-*not* load your custom configuration. So any preexisting rules will be
-overwritten.
-
-image:Firewall_GUI_First_Time_Startup.PNG[First time
-startup message,title="fig:First time startup message"]
-
-Before you start, you have to enable your firewall to activate the
-configuration utility.
-
-image:FireWwall_GUI_startup.PNG[Firewall Gui startup
-screen,title="Firewall Gui startup screen"]
-
-The initial configuration is empty and will not allow any network traffic.
-
-image:No_configuration.PNG[No firewall
-configuration,title="No firewall configuration"]
-
-You can ignore the warning and start the wizard. Click _forward_:
-
-image:Firewall_Wizard.PNG[Firewall Wizard : welcome
-screen,title="Firewall Wizard : welcome screen"]
-
-Choose _System with network access_ to enable the firewall. The other option
-_System without network access_ would disable the firewall and don't allow
-access to any network.
-
-image:Firewall_Wizard_2.PNG[Firewall Wizard : network
-access?,title="Firewall Wizard : network access?"]
-
-Next, you have to choose your skill level. The *Beginner* options only
-allows the configuration of _trusted services_. This option is fine if you only
-want to use services like _ftp_, _dns_, _http_, etc. It does not allow you to
-configure customs port ranges.  If you select *Expert*, you will have access to
-firewall options. You can change the skill level later via _Options_ in the
-main window.
-
-image:Firewall_Wizard_3.PNG[Firewall Wizard :
-skill?,title="Firewall Wizard : skill?"]
-
-You can choose from a set of default configurations to start with. The *Server*
-template will only enable SSH on the firewall. The _desktop template_ enables
-additional ports (_IPsec_, _multicast DNS_, _Network Printing Client_ and
-_SSH_). For convenience select *Desktop* and continue:
-
-image:Firewall_Wizard_4.PNG[Firewall Wizard : configuration
-base?,title="Firewall Wizard : configuration base?"]
-
-To enable additional _trusted services_ just choose the services from the list.
-
-image:Firewall_Wizard_5.PNG[Firewall Main interface :
-enabled,title="Firewall Main interface : enabled"]
-
-You can add custom rules after choosing *Other ports* from the side bar. Click
-the *Add* button and either choose form services list on the right or tick
-*User Defined* and fill in the requested information.
-
-image:Firewall_GUI_other_ports.PNG[Firewall GUI : edit other ports
-rules.,title="Firewall GUI : edit other ports rules."]
-
-The other options in the sidebar *Trusted Interfaces*, *Masquerading*, *Port
-Forwarding* and so on work exactly as in the text based interface.
-
-When you finished the configuration, click *Apply* to save and activate the
-firewall.

modules/ROOT/pages/_partials/iptables-tui.adoc

@@ -1,98 +0,0 @@
-= Text-based User Interface
-
-There are two ways to manage iptables rules using a text-based user
-interface. These are `setup` and `system-config-firewall-tui`. If you start
-`setup`, you will see something similar to the following:
-
-image:Firewall-tui.PNG[setup menu
-utility,title="setup menu utility",width=700]
-
-If you select "Firewall configuration" you will see the screen below. You could
-also invoke `system-config-firewall-tui`. This will take you directly to the
-same screen. Make sure that "Firewall" is enabled, otherwise you cannot edit its
-rule set. Continue by selecting "Customize":
-
-image:First_menu_firewall_tui.PNG[Firewall Configuration by TUI. First
-screen.,title="Firewall Configuration by TUI. First screen.",width=700]
-
-There is a good chance, that a service you want to modify is part of the
-list of standard "trusted services". Select the services you want to
-trust (i.e. open their ports) and press "Forward". (This has to be read as
-"next", it has nothing to do with port forwarding):
-
-image:Firewall_TUI_Trusted_services.PNG[Editing trusted service with
-firewall tui
-interface.,title="Editing trusted service with firewall tui interface.",width=700]
-
-The "Other ports" menu lets you open additional ports which are not in the list
-of standard trusted services:
-
-image:Firewall_TUI_other_ports.PNG[Editing Other ports on firewall
-configuration by TUI
-interface.,title="Editing Other ports on firewall configuration by TUI interface.",width=700]
-
-To add other ports, specify one port or a port range. Choose between
-_tcp_ and _udp_ for the protocol. The port range format is: _beginningPort
-- endingPort_.
-
-The "Trusted interfaces" menu allows you to trust all traffic on a network
-interface. All traffic will be allowed and the port filtering rules will
-never apply. You should only select interfaces which face private
-networks. Never trust an interface that deals with traffic from networks which
-are not under your full control.
-
-image:Firewall_TUI_trusted_interfaces.PNG[Trusted
-interfaces.,title="Trusted interfaces.",width=700]
-
-The masquerading menu lets you select an interface to be masqueraded.
-Masquerading is better known as
-*https://en.wikipedia.org/wiki/Network_address_translation[NAT]* (Network
-Address Translation). It is useful, to setup your computer as a gateway
-between different networks:
-
-image:Firewall_TUI_masquerading.PNG[Firewall TUI interface :
-masquerading.,title="Firewall TUI interface : masquerading.",width=700]
-
-Port forwarding, also known as
-*https://en.wikipedia.org/wiki/Network_address_translation#Port_address_translation[PAT]*
-(Port Address Translation), permits traffic from one port to be "rerouted" to
-another port.
-
-image:Firewall_TUI_Port_Forwarding.PNG[Firewall TUI interface :
-configuring Port
-Forwarding.,title="Firewall TUI interface : configuring Port Forwarding.",width=700]
-
-You have to specify source and destination, as well as the interface and protocol
-accordingly:
-
-image:Firewall_TUI_Port_Forwarding_Adding.PNG[Firewall TUI : adding port
-forwarding
-rules.,title="Firewall TUI : adding port forwarding rules.",width=700]
-
-The ICMP Filter menu lets you reject various types of ICMP packets. By
-default, no limitations are made. You may define rules to reject
-ICMP traffic, define the return type to ICMP request, etc.
-
-image:Firewall_TUI_ICMP_Filter.PNG[Firewall TUI: configuring ICMP
-behaviour.,title="Firewall TUI: configuring ICMP behaviour.",width=700]
-
-Finally, you can add custom firewall rules. These must be prepared ahead
-of time in files that use the same format for the command line interface.
-
-image:Firewall_TUI_Custom_Rules.PNG[Firewall TUI: create custom
-rules.,title="Firewall TUI: create custom rules.",width=700]
-
-For adding custom rules you have specify the protocol (i.e. _ipv4_ or
-_ipv6_) and the table you want your rules add to (_filter_, _mangle_, _nat_,...)
-and - of course - the file containing your rules:
-
-image:Firewall_TUI_Custom_Rules_Adding.PNG[Firewall TUI: adding a custom
-rules.,title="Firewall TUI: adding a custom rules.",width=700]
-
-When you have completed all menus, choose "Close" to resume to the first screen.
-Select "OK" and confirm your changes by choosing "Yes". If you choose "No" you
-will get back the configuration screen with no changes applied to your
-firewall.
-
-image:Firewall_TUI_Warning.PNG[Firewall TUI
-warning.,title="Firewall TUI warning.",width=700]

modules/ROOT/pages/how-to-edit-iptables-rules.adoc

@@ -1,14 +1,23 @@
 = How to edit iptables rules
 
-In this how-to, we will illustrate three ways of editing iptables rules, via:
+.Outdated information
+[CAUTION]
+====
+A newer, more flexible access control service, firewalld,
+is now the default firewall manager for Fedora/CentOS.
+For most regular users' needs,
+firewalld has eliminated the need to edit iptables rules directly.
 
-* Command line interface (CLI): `iptables` and system configuration file `/etc/sysconfig/iptables`.
-* Text-based interfaces (TUI): `setup` or `system-config-firewall-tui`
-* Graphical user interface(GUI): `system-config-firewall`
+You may wish to read the <<firewalld.adoc#,Using firewalld>> Quick Doc instead of this document,
+as the information provided here is no longer current.
+It is preserved mainly for historical interest.
+====
 
-NOTE: This how-to illustrates editing existing iptables rules, not the
-initial creation of rules chains.
+In this how-to, we will illustrate how to edit iptables rules
+using the `iptables` command and the system configuration file
+`/etc/sysconfig/iptables`.
+
+NOTE: This how-to illustrates editing existing iptables rules,
+not the initial creation of rules chains.
 
 include::{partialsdir}/iptables-cli.adoc[leveloffset=+1]
-include::{partialsdir}/iptables-tui.adoc[leveloffset=+1]
-include::{partialsdir}/iptables-gui.adoc[leveloffset=+1]