Update man pages for rp_filter fix

Shorewall/releasenotes.txt

@@ -203,12 +203,14 @@ Shorewall 4.4.5 Patch Release 1.
     d)  The ROUTE_FILTER option in shorewall.conf now accepts the
     	following values:
 
-	0 or Off - Shorewall sets net.ipv4.config.all.rp_filter to 0.
+	0 or Yes - Shorewall sets net.ipv4.config.all.rp_filter to 0.
-	1 or On  - Shorewall sets net.ipv4.config.all.rp_filter to 1.
+	1 or No  - Shorewall sets net.ipv4.config.all.rp_filter to 1.
 	2        - Shorewall sets net.ipv4.config.all.rp_filter to 2.
-	Empty	 - Shorewall does not change the setting of
+	Keep	 - Shorewall does not change the setting of
 	           net.ipv4.config.all.rp_filter if the kernel version
 		   is 2.6.31 or later.
+        
+	The default remains No.
 
     e)  The 'routefilter' interface option can have values 0,1 or 2. If
     	'routefilter' is specified without a value, the value 1 is

manpages/shorewall-interfaces.xml

@@ -499,7 +499,7 @@ loc     eth2            -</programlisting>
 
             <varlistentry>
               <term><emphasis
-              role="bold">routefilter[={0|1}]</emphasis></term>
+              role="bold">routefilter[={0|1|2}]</emphasis></term>
 
               <listitem>
                 <para>Turn on kernel route filtering for this interface
@@ -510,7 +510,10 @@ loc     eth2            -</programlisting>
                 changes; the value assigned to the setting will be the value
                 specified (if any) or 1 if no value is given.</para>
 
-                <para></para>
+                <para>The value 2 is only available with Shorewall 4.4.5.1 and
+                later when the kernel version is 2.6.31 or later. It specifies
+                a <firstterm>loose</firstterm> form of reverse path
+                filtering.</para>
 
                 <note>
                   <para>This option does not work with a wild-card

manpages/shorewall.conf.xml

@@ -1291,24 +1291,28 @@ net     all  DROP   info</programlisting>then the chain name is 'net2all'
 
       <varlistentry>
         <term><emphasis role="bold">ROUTE_FILTER=</emphasis>[<emphasis
-        role="bold">Yes</emphasis>|<emphasis
+        role="bold">Yes</emphasis>|1|<emphasis
-        role="bold">No</emphasis>|Keep]</term>
+        role="bold">No|0</emphasis>|2|Keep]</term>
 
         <listitem>
           <para>If this parameter is given the value <emphasis
           role="bold">Yes</emphasis> or <emphasis role="bold">yes</emphasis>
-          then route filtering (anti-spoofing) is enabled on all network
+          or 1 then route filtering (anti-spoofing) is enabled on all network
           interfaces which are brought up while Shorewall is in the started
-          state. The default value is <emphasis
+          state. The default value is <emphasis role="bold">no</emphasis>
-          role="bold">no</emphasis>.</para>
+          (0).</para>
 
           <para>The value <emphasis role="bold">Keep</emphasis> causes
           Shorewall to ignore the option. If the option is set to <emphasis
-          role="bold">Yes</emphasis>, then route filtering occurs on all
+          role="bold">Yes</emphasis> or 1, then route filtering occurs on all
           interfaces. If the option is set to <emphasis
           role="bold">No</emphasis>, then route filtering is disabled on all
           interfaces except those specified in <ulink
           url="shorewall-interfaces.html">shorewall-interfaces</ulink>(5).</para>
+
+          <para>The value 2 is only available with Shorewall 4.4.5.1 and later
+          running on kernel 2.6.31 or later. It specifies a looser form of
+          reverse path filtering than the value Yes (1).</para>
         </listitem>
       </varlistentry>