clean up policy file

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1173 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall2/policy

@@ -6,10 +6,9 @@
 #	             THE ORDER OF ENTRIES IN THIS FILE IS IMPORTANT
 #
 #	This file determines what to do with a new connection request if we
-#	don't get a match from the /etc/shorewall/rules file or from the
+#	don't get a match from the /etc/shorewall/rules file . For each
-#	/etc/shorewall/common[.def] file. For each source/destination pair, the
+#	source/destination pair, the file is processed in order until a
-#	file is processed in order until a match is found ("all" will match
+#	match is found ("all" will match any client or server).
-#	any client or server).
 #
 # Columns are:
 #
@@ -43,6 +42,12 @@
 #					  SOURCE or DEST columns contain the
 #					  firewall zone ($FW) or "all".
 #
+#			If this column contains ACCEPT, DROP or REJECT and a 
+#			corresponding common action is defined in
+#			/etc/shorewall/actions (or /usr/share/shorewall/actions.std)
+#			then that action will be invoked before the policy named in
+#			this column is inforced.
+#
 #	LOG LEVEL	If supplied, each connection handled under the default
 #			POLICY is logged at that level. If not supplied, no
 #			log message is generated. See syslog.conf(5) for a
@@ -55,7 +60,7 @@
 #			(http://www.gnumonks.org/projects/ulogd).
 #
 #			If you don't want to log but need to specify the
-#			following column, place "_" here.
+#			following column, place "-" here.
 #
 #	LIMIT:BURST	If passed, specifies the maximum TCP connection rate
 #			and the size of an acceptable burst. If not specified,