From 1add0487f6b71c86082906e8d6540cd98b2268d9 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Mon, 7 Mar 2016 14:56:20 -0800
Subject: [PATCH] Document Mangle Actions

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/action.mangletemplate           | 22 ++++++++++++
 Shorewall/manpages/shorewall-mangle.xml   | 42 ++++++++---------------
 Shorewall6/action.mangletemplate          | 22 ++++++++++++
 Shorewall6/manpages/shorewall6-mangle.xml | 15 ++++++++
 4 files changed, 74 insertions(+), 27 deletions(-)
 create mode 100644 Shorewall/action.mangletemplate
 create mode 100644 Shorewall6/action.mangletemplate

diff --git a/Shorewall/action.mangletemplate b/Shorewall/action.mangletemplate
new file mode 100644
index 000000000..4f4ef2e09
--- /dev/null
+++ b/Shorewall/action.mangletemplate
@@ -0,0 +1,22 @@
+#
+# Shorewall version 5 - Mangle Action Template
+#
+# /etc/shorewall/action.mangletemplate
+#
+#	This file is a template for files with names of the form
+#	/etc/shorewall/action.<action-name> where <action> is an
+#	ACTION defined with the mangle option in /etc/shorewall/actions.
+#
+#	To define a new action:
+#
+#	1. Add the <action name> to /etc/shorewall/actions with the mangle option
+#	2. Copy this file to /etc/shorewall/action.<action name>
+#	3. Add the desired rules to that file.
+#
+#	Please see http://shorewall.net/Actions.html for additional
+#	information.
+#
+# Columns are the same as in /etc/shorewall/mangle.
+#
+####################################################################################################################################################
+#ACTION		SOURCE		DEST		PROTO	DPORT	SPORT	USER	TEST	LENGTH	TOS	CONNBYTES	HELPER	PROBABILITY	DSCP
diff --git a/Shorewall/manpages/shorewall-mangle.xml b/Shorewall/manpages/shorewall-mangle.xml
index e6aeb050f..9c3d7ff66 100644
--- a/Shorewall/manpages/shorewall-mangle.xml
+++ b/Shorewall/manpages/shorewall-mangle.xml
@@ -123,6 +123,21 @@
           following.</para>
 
           <variablelist>
+            <varlistentry>
+              <term><emphasis
+              role="bold"><replaceable>action</replaceable>[([<replaceable>param</replaceable>[,...])]</emphasis></term>
+
+              <listitem>
+                <para>Added in Shorewall 5.0.7.
+                <replaceable>action</replaceable> must be an action declared
+                with the <option>mangle</option> option in <ulink
+                url="manpages/shorewall-actions.html">shorewall-actions(5)</ulink>.
+                If the action accepts paramaters, they are specified as a
+                comma-separated list within parentheses following the
+                <replaceable>action</replaceable> name.</para>
+              </listitem>
+            </varlistentry>
+
             <varlistentry>
               <term><emphasis
               role="bold">ADD(<replaceable>ipset</replaceable>:<replaceable>flags</replaceable>)</emphasis></term>
@@ -720,33 +735,6 @@ Normal-Service       =&gt; 0x00</programlisting>
               </listitem>
             </varlistentry>
           </variablelist>
-
-          <orderedlist numeration="arabic">
-            <listitem>
-              <para><emphasis role="bold">TTL</emphasis>([<emphasis
-              role="bold">-</emphasis>|<emphasis
-              role="bold">+</emphasis>]<replaceable>number</replaceable>)</para>
-
-              <para>Added in Shorewall 4.4.24.</para>
-
-              <para>Prior to Shorewall 4.5.7.2, may be optionally followed by
-              <emphasis role="bold">:F</emphasis> but the resulting rule is
-              always added to the FORWARD chain. Beginning with Shorewall
-              4.5.7.s, it may be optionally followed by <emphasis
-              role="bold">:P</emphasis>, in which case the rule is added to
-              the PREROUTING chain.</para>
-
-              <para>If <emphasis role="bold">+</emphasis> is included, packets
-              matching the rule will have their TTL incremented by
-              <replaceable>number</replaceable>. Similarly, if <emphasis
-              role="bold">-</emphasis> is included, matching packets have
-              their TTL decremented by <replaceable>number</replaceable>. If
-              neither <emphasis role="bold">+</emphasis> nor <emphasis
-              role="bold">-</emphasis> is given, the TTL of matching packets
-              is set to <replaceable>number</replaceable>. The valid range of
-              values for <replaceable>number</replaceable> is 1-255.</para>
-            </listitem>
-          </orderedlist>
         </listitem>
       </varlistentry>
 
diff --git a/Shorewall6/action.mangletemplate b/Shorewall6/action.mangletemplate
new file mode 100644
index 000000000..cf312e41e
--- /dev/null
+++ b/Shorewall6/action.mangletemplate
@@ -0,0 +1,22 @@
+#
+# Shorewall version 5 - Mangle Action Template
+#
+# /etc/shorewall6/action.mangletemplate
+#
+#	This file is a template for files with names of the form
+#	/etc/shorewall/action.<action-name> where <action> is an
+#	ACTION defined with the mangle option in /etc/shorewall/actions.
+#
+#	To define a new action:
+#
+#	1. Add the <action name> to /etc/shorewall6/actions with the mangle option
+#	2. Copy this file to /etc/shorewall6/action.<action name>
+#	3. Add the desired rules to that file.
+#
+#	Please see http://shorewall.net/Actions.html for additional
+#	information.
+#
+# Columns are the same as in /etc/shorewall6/mangle.
+#
+############################################################################################################################################################
+#ACTION		SOURCE		DEST		PROTO	DPORT	SPORT	USER	TEST	LENGTH	TOS	CONNBYTES	HELPER	HEADERS	PROBABILITY	DSCP
diff --git a/Shorewall6/manpages/shorewall6-mangle.xml b/Shorewall6/manpages/shorewall6-mangle.xml
index b1e8c66e5..4ea9b1d2c 100644
--- a/Shorewall6/manpages/shorewall6-mangle.xml
+++ b/Shorewall6/manpages/shorewall6-mangle.xml
@@ -124,6 +124,21 @@
           following.</para>
 
           <variablelist>
+            <varlistentry>
+              <term><emphasis
+              role="bold"><replaceable>action</replaceable>[([<replaceable>param</replaceable>[,...])]</emphasis></term>
+
+              <listitem>
+                <para>Added in Shorewall 5.0.7.
+                <replaceable>action</replaceable> must be an action declared
+                with the <option>mangle</option> option in <ulink
+                url="manpages6/shorewall6-actions.html">shorewall6-actions(5)</ulink>.
+                If the action accepts paramaters, they are specified as a
+                comma-separated list within parentheses following the
+                <replaceable>action</replaceable> name.</para>
+              </listitem>
+            </varlistentry>
+
             <varlistentry>
               <term><emphasis
               role="bold">ADD(<replaceable>ipset</replaceable>:<replaceable>flags</replaceable>)</emphasis></term>