Add links from config files to associated man pages

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4966 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-11-21 18:45:12 +00:00
parent 81c2847db6
commit 118c3f166a
27 changed files with 136 additions and 59 deletions

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Accounting File # Shorewall version 3.3 - Accounting File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-accounting"
# #
# Please see http://shorewall.net/Accounting.html for examples and # Please see http://shorewall.net/Accounting.html for examples and
# additional information about how to use this file. # additional information about how to use this file.

View File

@ -3,19 +3,7 @@
# #
# /etc/shorewall/actions # /etc/shorewall/actions
# #
# This file allows you to define new ACTIONS for use in rules # For information about this file, type "man shorewall-actions"
# (/etc/shorewall/rules). You define the iptables rules to
# be performed in an ACTION in
# /etc/shorewall/action.<action-name>.
#
# ACTION names should begin with an upper-case letter to
# distinguish them from Shorewall-generated chain names and
# they must meet the requirements of a Netfilter chain. If
# you intend to log from the action then the name must be
# no longer than 11 character in length. Names must also
# meet the requirements for a Bourne Shell identifier (must
# begin with a letter and be composed of letters, digits and
# underscore characters).
# #
# Please see http://shorewall.net/Actions.html for additional information. # Please see http://shorewall.net/Actions.html for additional information.
# #

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Blacklist File # Shorewall version 3.3 - Blacklist File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-blacklist"
# #
# Please see http://shorewall.net/blacklisting_support.htm for additional # Please see http://shorewall.net/blacklisting_support.htm for additional
# information. # information.

View File

@ -839,13 +839,13 @@ setup_ecn() # $1 = file name
for interface in $interfaces; do for interface in $interfaces; do
chain=$(ecn_chain $interface) chain=$(ecn_chain $interface)
if havemanglechain $chain; then if havemanglechain $chain; then
flushmangle $chain flushmangle $chain
else else
createmanglechain $chain createmanglechain $chain
run_iptables -t mangle -A POSTROUTING -p tcp -o $interface -j $chain run_iptables -t mangle -A POSTROUTING -p tcp -o $interface -j $chain
run_iptables -t mangle -A OUTPUT -p tcp -o $interface -j $chain run_iptables -t mangle -A OUTPUT -p tcp -o $interface -j $chain
fi fi
done done
for host in $hosts; do for host in $hosts; do

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Ecn File # Shorewall version 3.3 - Ecn File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-ecn"
# #
# For additional information, see http://shorewall.net/Documentation.htm#ECN # For additional information, see http://shorewall.net/Documentation.htm#ECN
# #

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Hosts file # Shorewall version 3.3 - Hosts file
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-hosts"
# #
# For additional information, see http://shorewall.net/Documentation.htm#Hosts # For additional information, see http://shorewall.net/Documentation.htm#Hosts
# #

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Interfaces File # Shorewall version 3.3 - Interfaces File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information on file, type "man shorewall-interfaces"
# #
# For additional information, see # For additional information, see
# http://shorewall.net/Documentation.htm#Interfaces # http://shorewall.net/Documentation.htm#Interfaces

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Maclist file # Shorewall version 3.3 - Maclist file
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-maclist"
# #
# For additional information, see http://shorewall.net/MAC_Validation.html # For additional information, see http://shorewall.net/MAC_Validation.html
# #

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Masq file # Shorewall version 3.3 - Masq file
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-masq"
# #
# For additional information, see http://shorewall.net/Documentation.htm#Masq # For additional information, see http://shorewall.net/Documentation.htm#Masq
# #

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Nat File # Shorewall version 3.3 - Nat File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-nat"
# #
# For additional information, see http://shorewall.net/NAT.htm # For additional information, see http://shorewall.net/NAT.htm
# #

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Netmap File # Shorewall version 3.3 - Netmap File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-netmap"
# #
# See http://shorewall.net/netmap.html for an example and usage # See http://shorewall.net/netmap.html for an example and usage
# information. # information.

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Policy File # Shorewall version 3.3 - Policy File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-policy"
# #
# See http://shorewall.net/Documentation.htm#Policy for additional information. # See http://shorewall.net/Documentation.htm#Policy for additional information.
# #

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Providers File # Shorewall version 3.3 - Providers File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-providers"
# #
# For additional information, see http://shorewall.net/MultiISP.html # For additional information, see http://shorewall.net/MultiISP.html
# #

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Proxyarp File # Shorewall version 3.3 - Proxyarp File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-proxyarp"
# #
# See http://shorewall.net/ProxyARP.htm for additional information. # See http://shorewall.net/ProxyARP.htm for additional information.
# #

View File

@ -1,6 +1,8 @@
# #
# Shorewall version 3.3 - route_rules File # Shorewall version 3.3 - route_rules File
# #
# For information about this file, type "man shorewall-route_rules"
#
# For additional information, see http://www.shorewall.net/MultiISP.html # For additional information, see http://www.shorewall.net/MultiISP.html
############################################################################## ##############################################################################
#SOURCE DEST PROVIDER PRIORITY #SOURCE DEST PROVIDER PRIORITY

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Routestopped File # Shorewall version 3.3 - Routestopped File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-routestopped"
# #
# See http://shorewall.net/Documentation.htm#Routestopped and # See http://shorewall.net/Documentation.htm#Routestopped and
# http://shorewall.net/starting_and_stopping_shorewall.htm for additional # http://shorewall.net/starting_and_stopping_shorewall.htm for additional

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Rules File # Shorewall version 3.3 - Rules File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information on the settings in this file, type "man shorewall-rules"
# #
# See http://shorewall.net/Documentation.htm#Rules for additional information. # See http://shorewall.net/Documentation.htm#Rules for additional information.
# #

View File

@ -7,6 +7,8 @@
# This file should be placed in /etc/shorewall # This file should be placed in /etc/shorewall
# #
# (c) 1999,2000,2001,2002,2003,2004,2005 - Tom Eastep (teastep@shorewall.net) # (c) 1999,2000,2001,2002,2003,2004,2005 - Tom Eastep (teastep@shorewall.net)
#
# For information about the settings in this file, type "man shorewall.conf"
############################################################################### ###############################################################################
# S T A R T U P E N A B L E D # S T A R T U P E N A B L E D
############################################################################### ###############################################################################

View File

@ -226,6 +226,7 @@ fi
%attr(0444,root,root) %{_mandir}/man5/shorewall-actions.5.gz %attr(0444,root,root) %{_mandir}/man5/shorewall-actions.5.gz
%attr(0444,root,root) %{_mandir}/man5/shorewall-blacklist.5.gz %attr(0444,root,root) %{_mandir}/man5/shorewall-blacklist.5.gz
%attr(0444,root,root) %{_mandir}/man5/shorewall.conf.5.gz %attr(0444,root,root) %{_mandir}/man5/shorewall.conf.5.gz
%attr(0444,root,root) %{_mandir}/man5/shorewall-ecn.5.gz
%attr(0444,root,root) %{_mandir}/man5/shorewall-hosts.5.gz %attr(0444,root,root) %{_mandir}/man5/shorewall-hosts.5.gz
%attr(0444,root,root) %{_mandir}/man5/shorewall-interfaces.5.gz %attr(0444,root,root) %{_mandir}/man5/shorewall-interfaces.5.gz
%attr(0444,root,root) %{_mandir}/man5/shorewall-maclist.5.gz %attr(0444,root,root) %{_mandir}/man5/shorewall-maclist.5.gz

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Tcclasses File # Shorewall version 3.3 - Tcclasses File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-tcclasses"
# #
# See http://shorewall.net/traffic_shaping.htm for additional information. # See http://shorewall.net/traffic_shaping.htm for additional information.
# #

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Tcdevices File # Shorewall version 3.3 - Tcdevices File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-tcdevices"
# #
# See http://shorewall.net/traffic_shaping.htm for additional information. # See http://shorewall.net/traffic_shaping.htm for additional information.
# #

View File

@ -1,7 +1,7 @@
# #
# Shorewall version 3.3 - Tcrules File # Shorewall version 3.3 - Tcrules File
# #
# The columns in this file are described in /etc/shorewall/Documentation. # For information about this file, type "man shorewall-tcrules"
# #
# See http://shorewall.net/traffic_shaping.htm for additional information. # See http://shorewall.net/traffic_shaping.htm for additional information.
# For usage in selecting among multiple ISPs, see # For usage in selecting among multiple ISPs, see

View File

@ -1,6 +1,8 @@
# #
# Shorewall version 3.3 - Tos File # Shorewall version 3.3 - Tos File
# #
# For information about this file, type "man shorewall-tos"
#
############################################################################### ###############################################################################
#SOURCE DEST PROTOCOL SOURCE DEST TOS #SOURCE DEST PROTOCOL SOURCE DEST TOS
# PORTS PORTS # PORTS PORTS

View File

@ -1,6 +1,8 @@
# #
# Shorewall version 3.3 - Tunnels File # Shorewall version 3.3 - Tunnels File
# #
# For information about this file, type "man shorewall-tunnels"
#
# See http://shorewall.net/Documentation.htm#Tunnels for additional # See http://shorewall.net/Documentation.htm#Tunnels for additional
# information. # information.
# #

View File

@ -1,6 +1,8 @@
# #
# Shorewall version 3.3 - Zones File # Shorewall version 3.3 - Zones File
# #
# For information about this file, type "man shorewall-zones"
#
# For more information, see http://www.shorewall.net/Documentation.htm#Zones # For more information, see http://www.shorewall.net/Documentation.htm#Zones
# #
############################################################################### ###############################################################################

View File

@ -0,0 +1,71 @@
<?xml version="1.0" encoding="UTF-8"?>
<refentry>
<refmeta>
<refentrytitle>shorewall-ecn</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv>
<refname>ecn</refname>
<refpurpose>Shorewall ECN file</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>/etc/shorewall/ecn</command>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para>Use this file to list the destinations for which you want to disable
ECN.</para>
<para>The columns in the file are as follows.</para>
<variablelist>
<varlistentry>
<term><emphasis role="bold">INTERFACE</emphasis></term>
<listitem>
<para>Interface through which host(s) communicate with the
firewall</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis role="bold">HOST(S)</emphasis> (Optional)</term>
<listitem>
<para> Comma-separated list of host and/or network addresses. If
left empty or supplied as "-", 0.0.0.0/0 is assumed. If your kernel
and iptables include iprange match support then IP address ranges
are also permitted.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>FILES</title>
<para>/etc/shorewall/ecn</para>
</refsect1>
<refsect1>
<title>See ALSO</title>
<para>shorewall(8), shorewall-accounting(5), shorewall-actions(5),
shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5),
shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5),
shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
shorewall-route_rules(5), shorewall-routestopped(5), shorewall-rules(5),
shorewall.conf(5), shorewall-tcclasses(5), shorewall-tcdevices(5),
shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
shorewall-zones(5)</para>
</refsect1>
</refentry>

View File

@ -187,9 +187,12 @@
<listitem> <listitem>
<para>This parameter determines whether Shorewall automatically adds <para>This parameter determines whether Shorewall automatically adds
the SNAT ADDRESS in /etc/shorewall/masq. If the variable is set to the SNAT ADDRESS in /etc/shorewall/masq. If the variable is set to
“Yes” or “yes” then Shorewall automatically adds these addresses. If <emphasis role="bold">Yes</emphasis> or <emphasis
it is set to “No” or “no”, you must add these addresses yourself role="bold">yes</emphasis> then Shorewall automatically adds these
using your distribution's network configuration tools.</para> addresses. If it is set to <emphasis role="bold">No</emphasis> or
<emphasis role="bold">no</emphasis>, you must add these addresses
yourself using your distribution's network configuration
tools.</para>
<para>If this variable is not set or is given an empty value <para>If this variable is not set or is given an empty value
(ADD_SNAT_ALIASES="") then ADD_SNAT_ALIASES=No is assumed.</para> (ADD_SNAT_ALIASES="") then ADD_SNAT_ALIASES=No is assumed.</para>
@ -253,7 +256,8 @@
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term> role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term>
<listitem> <listitem>
<para>When set to Yes or yes, enables Shorewall Bridging <para>When set to <emphasis role="bold">Yes</emphasis> or <emphasis
role="bold">yes</emphasis>, enables Shorewall Bridging
support.</para> support.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
@ -289,15 +293,16 @@
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term> role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
<listitem> <listitem>
<para>If this option is set to “No” then Shorewall won't clear the <para>If this option is set to <emphasis role="bold">No</emphasis>
current traffic control rules during [re]start. This setting is then Shorewall won't clear the current traffic control rules during
intended for use by people that prefer to configure traffic shaping [re]start. This setting is intended for use by people that prefer to
when the network interfaces come up rather than when the firewall is configure traffic shaping when the network interfaces come up rather
started. If that is what you want to do, set TC_ENABLED=Yes and than when the firewall is started. If that is what you want to do,
CLEAR_TC=No and do not supply an /etc/shorewall/tcstart file. That set TC_ENABLED=Yes and CLEAR_TC=No and do not supply an
way, your traffic shaping rules can still use the “fwmark” /etc/shorewall/tcstart file. That way, your traffic shaping rules
classifier based on packet marking defined in shorewall-tcrules(5). can still use the “fwmark” classifier based on packet marking
If not specified, CLEAR_TC=Yes is assumed.</para> defined in shorewall-tcrules(5). If not specified, CLEAR_TC=Yes is
assumed.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
@ -341,13 +346,14 @@
<listitem> <listitem>
<para>Users with a large static black list (shorewall-blacklist(5)) <para>Users with a large static black list (shorewall-blacklist(5))
may want to set the DELAYBLACKLISTLOAD option to Yes. When may want to set the DELAYBLACKLISTLOAD option to <emphasis
DELAYBLACKLISTLOAD=Yes, Shorewall will enable new connections before role="bold">Yes</emphasis>. When DELAYBLACKLISTLOAD=Yes, Shorewall
loading the blacklist rules. While this may allow connections from will enable new connections before loading the blacklist rules.
blacklisted hosts to slip by during construction of the blacklist, While this may allow connections from blacklisted hosts to slip by
it can substantially reduce the time that all new connections are during construction of the blacklist, it can substantially reduce
disabled during <emphasis role="bold">shorewall</emphasis> the time that all new connections are disabled during <emphasis
[<emphasis role="bold">re</emphasis>]<emphasis role="bold">shorewall</emphasis> [<emphasis
role="bold">re</emphasis>]<emphasis
role="bold">start</emphasis>.</para> role="bold">start</emphasis>.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
@ -446,8 +452,9 @@
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term> role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term>
<listitem> <listitem>
<para>When this option is set to "Yes", it causes subzones to be <para>When this option is set to <emphasis
treated differently with respect to policies.</para> role="bold">Yes</emphasis>, it causes subzones to be treated
differently with respect to policies.</para>
<para>Subzones are defined by following their name with ":" and a <para>Subzones are defined by following their name with ":" and a
list of parent zones (in /etc/shorewall/zones). Normally, you want list of parent zones (in /etc/shorewall/zones). Normally, you want