extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-03 03:59:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

Document Mangle Actions

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2016-03-07 14:56:20 -08:00
parent a4aa020a84
commit 1add0487f6
4 changed files with 74 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
Shorewall/action.mangletemplate Normal file
View File

@ -0,0 +1,22 @@
#
# Shorewall version 5 - Mangle Action Template
#
# /etc/shorewall/action.mangletemplate
#
# This file is a template for files with names of the form
# /etc/shorewall/action.<action-name> where <action> is an
# ACTION defined with the mangle option in /etc/shorewall/actions.
#
# To define a new action:
#
# 1. Add the <action name> to /etc/shorewall/actions with the mangle option
# 2. Copy this file to /etc/shorewall/action.<action name>
# 3. Add the desired rules to that file.
#
# Please see http://shorewall.net/Actions.html for additional
# information.
#
# Columns are the same as in /etc/shorewall/mangle.
#
####################################################################################################################################################
#ACTION SOURCE DEST PROTO DPORT SPORT USER TEST LENGTH TOS CONNBYTES HELPER PROBABILITY DSCP

42
Shorewall/manpages/shorewall-mangle.xml
View File

@ -123,6 +123,21 @@
following.</para> following.</para>
<variablelist> <variablelist>
<varlistentry>
<term><emphasis
role="bold"><replaceable>action</replaceable>[([<replaceable>param</replaceable>[,...])]</emphasis></term>
<listitem>
<para>Added in Shorewall 5.0.7.
<replaceable>action</replaceable> must be an action declared
with the <option>mangle</option> option in <ulink
url="manpages/shorewall-actions.html">shorewall-actions(5)</ulink>.
If the action accepts paramaters, they are specified as a
comma-separated list within parentheses following the
<replaceable>action</replaceable> name.</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><emphasis <term><emphasis
role="bold">ADD(<replaceable>ipset</replaceable>:<replaceable>flags</replaceable>)</emphasis></term> role="bold">ADD(<replaceable>ipset</replaceable>:<replaceable>flags</replaceable>)</emphasis></term>
@ -720,33 +735,6 @@ Normal-Service =&gt; 0x00</programlisting>
</listitem> </listitem>
</varlistentry> </varlistentry>
</variablelist> </variablelist>
<orderedlist numeration="arabic">
<listitem>
<para><emphasis role="bold">TTL</emphasis>([<emphasis
role="bold">-</emphasis>|<emphasis
role="bold">+</emphasis>]<replaceable>number</replaceable>)</para>
<para>Added in Shorewall 4.4.24.</para>
<para>Prior to Shorewall 4.5.7.2, may be optionally followed by
<emphasis role="bold">:F</emphasis> but the resulting rule is
always added to the FORWARD chain. Beginning with Shorewall
4.5.7.s, it may be optionally followed by <emphasis
role="bold">:P</emphasis>, in which case the rule is added to
the PREROUTING chain.</para>
<para>If <emphasis role="bold">+</emphasis> is included, packets
matching the rule will have their TTL incremented by
<replaceable>number</replaceable>. Similarly, if <emphasis
role="bold">-</emphasis> is included, matching packets have
their TTL decremented by <replaceable>number</replaceable>. If
neither <emphasis role="bold">+</emphasis> nor <emphasis
role="bold">-</emphasis> is given, the TTL of matching packets
is set to <replaceable>number</replaceable>. The valid range of
values for <replaceable>number</replaceable> is 1-255.</para>
</listitem>
</orderedlist>
</listitem> </listitem>
</varlistentry> </varlistentry>

22
Shorewall6/action.mangletemplate Normal file
View File

@ -0,0 +1,22 @@
#
# Shorewall version 5 - Mangle Action Template
#
# /etc/shorewall6/action.mangletemplate
#
# This file is a template for files with names of the form
# /etc/shorewall/action.<action-name> where <action> is an
# ACTION defined with the mangle option in /etc/shorewall/actions.
#
# To define a new action:
#
# 1. Add the <action name> to /etc/shorewall6/actions with the mangle option
# 2. Copy this file to /etc/shorewall6/action.<action name>
# 3. Add the desired rules to that file.
#
# Please see http://shorewall.net/Actions.html for additional
# information.
#
# Columns are the same as in /etc/shorewall6/mangle.
#
############################################################################################################################################################
#ACTION SOURCE DEST PROTO DPORT SPORT USER TEST LENGTH TOS CONNBYTES HELPER HEADERS PROBABILITY DSCP

15
Shorewall6/manpages/shorewall6-mangle.xml
View File

@ -124,6 +124,21 @@
following.</para> following.</para>
<variablelist> <variablelist>
<varlistentry>
<term><emphasis
role="bold"><replaceable>action</replaceable>[([<replaceable>param</replaceable>[,...])]</emphasis></term>
<listitem>
<para>Added in Shorewall 5.0.7.
<replaceable>action</replaceable> must be an action declared
with the <option>mangle</option> option in <ulink
url="manpages6/shorewall6-actions.html">shorewall6-actions(5)</ulink>.
If the action accepts paramaters, they are specified as a
comma-separated list within parentheses following the
<replaceable>action</replaceable> name.</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><emphasis <term><emphasis
role="bold">ADD(<replaceable>ipset</replaceable>:<replaceable>flags</replaceable>)</emphasis></term> role="bold">ADD(<replaceable>ipset</replaceable>:<replaceable>flags</replaceable>)</emphasis></term>