More manpage updates for 4.4.13

2025-08-09 07:31:00 +02:00 · 2010-09-14 16:47:45 -07:00
parent 94cdc73ec2
commit 10a9ae496a
5 changed files with 75 additions and 33 deletions
--- a/manpages/shorewall-interfaces.xml
+++ b/manpages/shorewall-interfaces.xml
@ -231,13 +231,16 @@ loc     eth2            -</programlisting>
                <ulink
                url="shorewall-blacklist.html">shorewall-blacklist</ulink>(5)
                file. The value may be specified when running Shorewall 4.4.13
-                or later and can have a value in the range 1-2</para>
+                or later and can have a value in the range 1-2; entering no
+                value is equivalent to blacklist=1.</para>

                <orderedlist>
                  <listitem>
-                    <para>Input blacklisting (default if no value given).
-                    Traffic entering this interface are passed against the
-                    entries in <ulink
+                    <para>Input blacklisting (default if no value given). This
+                    setting is intended for Internet-facing interfaces.</para>
+
+                    <para>Traffic entering this interface is passed against
+                    the entries in <ulink
                    url="shorewall-blacklist.html">shorewall-blacklist</ulink>(5)
                    that have the <emphasis role="bold">from</emphasis> option
                    (specified or defaulted). Traffic originating on the
@ -249,9 +252,11 @@ loc     eth2            -</programlisting>
                  </listitem>

                  <listitem>
-                    <para>Output blacklisting. Forward traffic that entered
-                    through this interface is passed against the entries in
-                    <ulink
+                    <para>Output blacklisting. This setting is intended for
+                    internal interfaces.</para>
+
+                    <para>Forwarded traffic that entered through this
+                    interface is passed against the entries in <ulink
                    url="shorewall-blacklist.html">shorewall-blacklist</ulink>(5)
                    that have the <emphasis role="bold">to</emphasis>
                    option.</para>
--- a/manpages/shorewall-modules.xml
+++ b/manpages/shorewall-modules.xml
@ -18,14 +18,25 @@
    <cmdsynopsis>
      <command>/usr/share/shorewall/modules</command>
    </cmdsynopsis>
+
+    <cmdsynopsis>
+      <command>/usr/share/shorewall/helpers</command>
+    </cmdsynopsis>
  </refsynopsisdiv>

  <refsect1>
    <title>Description</title>

-    <para>This file specifies which kernel modules Shorewall will load before
-    trying to determine your iptables/kernel's capabilities. Each record in
-    the file has the following format:</para>
+    <para>These files specify which kernel modules Shorewall will load before
+    trying to determine your iptables/kernel's capabilities.</para>
+
+    <para>The <filename>modules</filename> file is used when
+    LOAD_HELPERS_ONLY=No in <ulink
+    url="shorewall.conf.html">shorewall.conf</ulink>(8); the
+    <filename>helpers</filename> file is used when
+    LOAD_HELPERS_ONLY=Yes</para>
+
+    <para>Each record in the files has the following format:</para>

    <cmdsynopsis>
      <command>loadmodule</command>
@ -45,7 +56,8 @@

    <para>The /usr/share/shorewall/modules file contains a large number of
    modules. Users are encouraged to copy the file to /etc/shorewall/modules
-    and modify the copy to load only the modules required.<note>
+    and modify the copy to load only the modules required or to use
+    LOAD_HELPERS_ONLY=Yes.<note>
        <para>If you build monolithic kernels and have not installed
        module-init-tools, then create an empty /etc/shorewall/modules file;
        that will prevent Shorewall from trying to load modules at all.</para>
@ -63,7 +75,11 @@

    <para>/usr/share/shorewall/modules</para>

+    <para>/usr/share/shorewall/helpers</para>
+
    <para>/etc/shorewall/modules</para>
+
+    <para>/etc/shorewall/helpers</para>
  </refsect1>

  <refsect1>
@ -74,8 +90,9 @@
    shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5),
    shorewall-netmap(5), shorewall-params(5), shorewall-policy(5),
    shorewall-providers(5), shorewall-proxyarp(5), shorewall-route_rules(5),
-    shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5), shorewall-secmarks(5),
-    shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5),
-    shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5)</para>
+    shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5),
+    shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5),
+    shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
+    shorewall-zones(5)</para>
  </refsect1>
 </refentry>