mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-17 20:01:09 +01:00
Document new options (IP, IPSET and TC)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
990fda9f19
commit
11018b072b
@ -661,6 +661,17 @@ net all DROP info</programlisting>then the chain name is 'net2all'
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis
|
||||
role="bold">IP</emphasis>=[<emphasis>pathname</emphasis>]</term>
|
||||
|
||||
<listitem>
|
||||
<para>If specified, gives the pathname of the 'ip' executable. If
|
||||
not specified, 'ip' is assumed and the utility will be located using
|
||||
the current PATH setting.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis role="bold">IP_FORWARDING=</emphasis>[<emphasis
|
||||
role="bold">On</emphasis>|<emphasis
|
||||
@ -712,14 +723,13 @@ net all DROP info</programlisting>then the chain name is 'net2all'
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis role="bold">IPSECFILE=</emphasis>{<emphasis
|
||||
role="bold">zones</emphasis>|<emphasis
|
||||
role="bold">ipsec</emphasis>}</term>
|
||||
<term><emphasis
|
||||
role="bold">IPSET</emphasis>=[<emphasis>pathname</emphasis>]</term>
|
||||
|
||||
<listitem>
|
||||
<para>This should be set to <emphasis role="bold">zones</emphasis>
|
||||
for all new Shorewall installations. IPSECFILE=ipsec is only used
|
||||
for compatibility with pre-Shorewall-3.0 configurations.</para>
|
||||
<para>If specified, gives the pathname of the 'ipset' executable. If
|
||||
not specified, 'ipset' is assumed and the utility will be located
|
||||
using the current PATH setting.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
@ -1504,6 +1514,17 @@ net all DROP info</programlisting>then the chain name is 'net2all'
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis
|
||||
role="bold">TC</emphasis>=[<emphasis>pathname</emphasis>]</term>
|
||||
|
||||
<listitem>
|
||||
<para>If specified, gives the pathname of the 'tc' executable. If
|
||||
not specified, 'tc' is assumed and the utility will be located using
|
||||
the current PATH setting.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis role="bold">TC_ENABLED=</emphasis>[<emphasis
|
||||
role="bold">Yes</emphasis>|<emphasis
|
||||
|
@ -514,6 +514,17 @@ net all DROP info</programlisting>then the chain name is 'net2all'
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis
|
||||
role="bold">IP</emphasis>=[<emphasis>pathname</emphasis>]</term>
|
||||
|
||||
<listitem>
|
||||
<para>If specified, gives the pathname of the 'ip' executable. If
|
||||
not specified, 'ip' is assumed and the utility will be located using
|
||||
the current PATH setting.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis role="bold">IP_FORWARDING=</emphasis>[<emphasis
|
||||
role="bold">On</emphasis>|<emphasis
|
||||
@ -550,13 +561,11 @@ net all DROP info</programlisting>then the chain name is 'net2all'
|
||||
|
||||
<listitem>
|
||||
<para>Shorewall6 will neither enable nor disable packet
|
||||
forwarding.</para>
|
||||
forwarding</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
|
||||
<para></para>
|
||||
|
||||
<blockquote>
|
||||
<para>If this variable is not set or is given an empty value
|
||||
(IP_FORWARD="") then IP_FORWARD=On is assumed.</para>
|
||||
@ -581,6 +590,17 @@ net all DROP info</programlisting>then the chain name is 'net2all'
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis
|
||||
role="bold">IPSET</emphasis>=[<emphasis>pathname</emphasis>]</term>
|
||||
|
||||
<listitem>
|
||||
<para>If specified, gives the pathname of the 'ipset' executable. If
|
||||
not specified, 'ipset' is assumed and the utility will be located
|
||||
using the current PATH setting.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis role="bold">KEEP_RT_TABLES=</emphasis>{<emphasis
|
||||
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term>
|
||||
@ -1056,6 +1076,17 @@ net all DROP info</programlisting>then the chain name is 'net2all'
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis
|
||||
role="bold">TC</emphasis>=[<emphasis>pathname</emphasis>]</term>
|
||||
|
||||
<listitem>
|
||||
<para>If specified, gives the pathname of the 'tc' executable. If
|
||||
not specified, 'tc' is assumed and the utility will be located using
|
||||
the current PATH setting.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis role="bold">TC_ENABLED=</emphasis>[<emphasis
|
||||
role="bold">Yes</emphasis>|<emphasis
|
||||
|
Loading…
Reference in New Issue
Block a user