extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-26 09:33:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Improve formatting of 'rules' manpages

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-03-30 08:08:57 -07:00
parent af893b6296
commit 18bb6c94ca
2 changed files with 81 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
manpages/shorewall-rules.xml
View File

@ -413,31 +413,34 @@
<para>The older syntax where the macro name and the target are
separated by a slash (e.g. FTP/ACCEPT) is still allowed but is
deprecated.</para>
</listitem>
</varlistentry>
</variablelist>
<para>The <emphasis role="bold">ACTION</emphasis> may
optionally be followed by ":" and a syslog log level (e.g,
REJECT:info or DNAT:debug). This causes the packet to be
logged at the specified level. Note that if the <emphasis
role="bold">ACTION</emphasis> involves destination network
address translation (DNAT, REDIRECT, etc.) then the packet is
logged <emphasis role="bold">before</emphasis> the destination
address is rewritten.</para>
<para>The <emphasis role="bold">ACTION</emphasis> may optionally be
followed by ":" and a syslog log level (e.g, REJECT:info or
DNAT:debug). This causes the packet to be logged at the specified
level. Note that if the <emphasis role="bold">ACTION</emphasis>
involves destination network address translation (DNAT, REDIRECT,
etc.) then the packet is logged <emphasis
role="bold">before</emphasis> the destination address is
rewritten.</para>
<para>If the <emphasis role="bold">ACTION</emphasis> names an
<emphasis>action</emphasis> declared in <ulink
url="shorewall-actions.html">shorewall-actions</ulink>(5) or
in /usr/share/shorewall/actions.std then:</para>
url="shorewall-actions.html">shorewall-actions</ulink>(5) or in
/usr/share/shorewall/actions.std then:</para>
<itemizedlist>
<listitem>
<para>If the log level is followed by "!' then all rules
in the action are logged at the log level.</para>
<para>If the log level is followed by "!' then all rules in the
action are logged at the log level.</para>
</listitem>
<listitem>
<para>If the log level is not followed by "!" then only
those rules in the action that do not specify logging are
logged at the specified level.</para>
<para>If the log level is not followed by "!" then only those
rules in the action that do not specify logging are logged at
the specified level.</para>
</listitem>
<listitem>
@ -447,23 +450,19 @@
</listitem>
</itemizedlist>
<para>You may also specify <emphasis
role="bold">ULOG</emphasis> or <emphasis
role="bold">NFLOG</emphasis> (must be in upper case) as a log
level.This will log to the ULOG or NFLOG target for routing to
a separate log through use of ulogd (<ulink
<para>You may also specify <emphasis role="bold">ULOG</emphasis> or
<emphasis role="bold">NFLOG</emphasis> (must be in upper case) as a
log level.This will log to the ULOG or NFLOG target for routing to a
separate log through use of ulogd (<ulink
url="http://www.netfilter.org/projects/ulogd/index.html">http://www.netfilter.org/projects/ulogd/index.html</ulink>).</para>
<para>Actions specifying logging may be followed by a log tag
(a string of alphanumeric characters) which is appended to the
string generated by the LOGPREFIX (in <ulink
<para>Actions specifying logging may be followed by a log tag (a
string of alphanumeric characters) which is appended to the string
generated by the LOGPREFIX (in <ulink
url="shorewall.conf.html">shorewall.conf</ulink>(5)).</para>
<para>Example: ACCEPT:info:ftp would include 'ftp ' at the end
of the log prefix generated by the LOGPREFIX setting.</para>
</listitem>
</varlistentry>
</variablelist>
<para>Example: ACCEPT:info:ftp would include 'ftp ' at the end of
the log prefix generated by the LOGPREFIX setting.</para>
</listitem>
</varlistentry>

16
manpages6/shorewall6-rules.xml
View File

@ -308,17 +308,14 @@
<para>The older syntax where the macro name and the target are
separated by a slash (e.g. FTP/ACCEPT) is still allowed but is
deprecated.</para>
<programlisting></programlisting>
</listitem>
</varlistentry>
</variablelist>
<blockquote>
<para>The <emphasis role="bold">ACTION</emphasis> may optionally
be followed by ":" and a syslog log level (e.g, REJECT:info or
ACCEPT:debug). This causes the packet to be logged at the
specified level.</para>
<para>The <emphasis role="bold">ACTION</emphasis> may optionally be
followed by ":" and a syslog log level (e.g, REJECT:info or
ACCEPT:debug). This causes the packet to be logged at the specified
level.</para>
<para>If the <emphasis role="bold">ACTION</emphasis> names an
<emphasis>action</emphasis> declared in <ulink
@ -327,8 +324,8 @@
<itemizedlist>
<listitem>
<para>If the log level is followed by "!' then all rules in
the action are logged at the log level.</para>
<para>If the log level is followed by "!' then all rules in the
action are logged at the log level.</para>
</listitem>
<listitem>
@ -356,7 +353,6 @@
<para>Example: ACCEPT:info:ftp would include 'ftp ' at the end of
the log prefix generated by the LOGPREFIX setting.</para>
</blockquote>
</listitem>
</varlistentry>