diff --git a/docs/ECN.xml b/docs/ECN.xml
index b31f67d21..41e5e51df 100644
--- a/docs/ECN.xml
+++ b/docs/ECN.xml
@@ -26,6 +26,8 @@
2005
+ 2016
+
Thomas M. Eastep
@@ -118,5 +120,5 @@
-
+
diff --git a/docs/FAQ.xml b/docs/FAQ.xml
index d311b462d..7045717df 100644
--- a/docs/FAQ.xml
+++ b/docs/FAQ.xml
@@ -412,7 +412,7 @@ DNAT net loc:192.168.1.3:22 tcp 1022
following rule, then you will have access on port 4104 from the net
and on port 22 from your LAN.
- #ACTION SOURCE DEST PROTO DEST PORT(S)
+ #ACTION SOURCE DEST PROTO DPORT
DNAT net fw:192.168.1.1:22 tcp 4104
@@ -1476,8 +1476,9 @@ net-fw DROP eth2 5 packets from 61.158.162.9 to 206.124.146.177
- Alternatively, if you do not set BLACKLIST_LOGLEVEL you can blacklist
- the port. In /etc/shorewall/blrules:
+ Alternatively, if you do not set BLACKLIST_LOGLEVEL you can
+ blacklist the port. In
+ /etc/shorewall/blrules:
#ACTION SOURCE DEST PROTO DPORT
@@ -3039,8 +3040,8 @@ REJECT fw net:pagead2.googlesyndication.com all#ACTION SOURCE DEST PROTO
REJECT $FW net:216.239.37.99 all
-REJECT $FW net:216.239.39.99 allGiven that
- name-based multiple hosting is a common practice (another example:
+REJECT $FW net:216.239.39.99 allGiven
+ that name-based multiple hosting is a common practice (another example:
lists.shorewall.net and www1.shorewall.net are both hosted on the same
system with a single IP address), it is not possible to filter
connections to a particular name by examination of protocol headers
diff --git a/docs/IPP2P.xml b/docs/IPP2P.xml
index 61723543a..93af7d98b 100644
--- a/docs/IPP2P.xml
+++ b/docs/IPP2P.xml
@@ -26,6 +26,8 @@
2009
+ 2016
+
Thomas M. Eastep
diff --git a/docs/IPv6Support.xml b/docs/IPv6Support.xml
index e26363d22..ef4a23c01 100644
--- a/docs/IPv6Support.xml
+++ b/docs/IPv6Support.xml
@@ -22,6 +22,8 @@
2009
+ 2016
+
Thomas M. Eastep
@@ -515,7 +517,7 @@ ACCEPT net:wlan0:<2002:ce7c:92b4::3> $FW tcp 22
-
+
@@ -523,9 +525,9 @@ ACCEPT net:wlan0:<2002:ce7c:92b4::3> $FW tcp 22
Macros
- The Shorewall6 package depends on Shorewall-common for
- application macros. Only certain address-family specific macros such
- as macro.AllowICMPs are included in Shorewall6. As a consequence,
+ The Shorewall6 package depends on Shorewall for application
+ macros. Only certain address-family specific macros such as
+ macro.AllowICMPs are included in Shorewall6. As a consequence,
/usr/share/shorewall/ is included in the default Shorewall6
CONFIG_PATH.
diff --git a/docs/Macros.xml b/docs/Macros.xml
index ce88c055e..4d55951c7 100644
--- a/docs/Macros.xml
+++ b/docs/Macros.xml
@@ -26,6 +26,8 @@
2005
+ 2016
+
Thomas M. Eastep
@@ -252,9 +254,6 @@ ACCEPT $FW loc tcp 135,139,445
-
- One additional restriction should be noted: macros that are invoked
- from actions cannot themselves invoke other actions.
@@ -282,6 +281,13 @@ ACCEPT $FW loc tcp 135,139,445
+
+ Shorewall 5.0.0 and Later
+
+ The columns in a macro file are the same as those in shorewall-rules(5).
+
+
Shorewall 4.4.16 and Later