Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code

2025-06-19 17:28:35 +02:00 · 2015-11-09 19:00:24 -08:00 · 2015-11-09 19:00:24 -08:00 · 355d3e2dec
commit 355d3e2dec
parent 65a0c62b0d d0d34568d1
87 changed files with 185 additions and 239 deletions
--- a/Shorewall/configfiles/accounting
+++ b/Shorewall/configfiles/accounting
@ -1,5 +1,5 @@
 #
-# Shorewall - Accounting File
+# Shorewall -- /etc/shorewall/accounting
 #
 # For information about entries in this file, type "man shorewall-accounting"
 #
--- a/Shorewall/configfiles/actions
+++ b/Shorewall/configfiles/actions
@ -1,7 +1,5 @@
 #
-# Shorewall - Actions File
+# Shorewall -- /etc/shorewall/actions
 #
 # /etc/shorewall/actions
 #
 # For information about entries in this file, type "man shorewall-actions"
 #
--- a/Shorewall/configfiles/arprules
+++ b/Shorewall/configfiles/arprules
@ -1,5 +1,5 @@
 #
-# Shorewall - Arprules File
+# Shorewall -- /etc/shorewall/arprules
 #
 # For information about entries in this file, type "man shorewall-arprules"
 #
--- a/Shorewall/configfiles/blrules
+++ b/Shorewall/configfiles/blrules
@ -1,5 +1,5 @@
 #
-# Shorewall - Blrules File
+# Shorewall -- /etc/shorewall/blrules
 #
 # For information about entries in this file, type "man shorewall-blrules"
 #
--- a/Shorewall/configfiles/clear
+++ b/Shorewall/configfiles/clear
@ -1,7 +1,5 @@
 #
-# Shorewall - Clear File
+# Shorewall -- /etc/shorewall/clear
 #
 # /etc/shorewall/clear
 #
 # Add commands below that you want to be executed after Shorewall has
 # processed the 'clear' command.
--- a/Shorewall/configfiles/conntrack
+++ b/Shorewall/configfiles/conntrack
@ -1,10 +1,11 @@
 #
-# Shorewall - Conntrack File
+# Shorewall -- /etc/shorewall/conntrack
 #
 # For information about entries in this file, type "man shorewall-conntrack"
 #
 ##############################################################################################################
 ?FORMAT 3
 ##############################################################################################################
 #ACTION			SOURCE		DESTINATION	PROTO	DEST		SOURCE	USER/		SWITCH
 #								PORT(S)		PORT(S)	GROUP
 ?if $AUTOHELPERS && __CT_TARGET
--- a/Shorewall/configfiles/ecn
+++ b/Shorewall/configfiles/ecn
@ -1,5 +1,5 @@
 #
-# Shorewall - Ecn File
+# Shorewall -- /etc/shorewall/ecn
 #
 # For information about entries in this file, type "man shorewall-ecn"
 #
--- a/Shorewall/configfiles/findgw
+++ b/Shorewall/configfiles/findgw
@ -1,7 +1,5 @@
 #
-# Shorewall - Findgw File
+# Shorewall -- /etc/shorewall/findgw
 #
 # /etc/shorewall/findgw
 #
 # The code in this file is executed when Shorewall is trying to detect the
 # gateway through an interface in /etc/shorewall/providers that has GATEWAY
--- a/Shorewall/configfiles/hosts
+++ b/Shorewall/configfiles/hosts
@ -1,5 +1,5 @@
 #
-# Shorewall - Hosts file
+# Shorewall -- /etc/shorewall/hosts
 #
 # For information about entries in this file, type "man shorewall-hosts"
 #
--- a/Shorewall/configfiles/init
+++ b/Shorewall/configfiles/init
@ -1,10 +1,8 @@
 #
-# Shorewall - Init File
+# Shorewall -- /etc/shorewall/init
 #
-# /etc/shorewall/init
+# Add commands below that you want to be executed at the beginning of
-#
+# a "shorewall start", "shorewall-reload" or "shorewall restart" command.
 #	Add commands below that you want to be executed at the beginning of
 #	a "shorewall start", "shorewall-reload" or "shorewall restart" command.
 #
 # For additional information, see
 # http://shorewall.net/shorewall_extension_scripts.htm
--- a/Shorewall/configfiles/initdone
+++ b/Shorewall/configfiles/initdone
@ -1,12 +1,10 @@
 #
-# Shorewall - Initdone File
+# Shorewall -- /etc/shorewall/initdone
 #
-# /etc/shorewall/initdone
+# Add commands below that you want to be executed during
-#
+# "shorewall start", "shorewall reload" or "shorewall restart" commands
-#	Add commands below that you want to be executed during
+# at the point where Shorewall has not yet added any permanent rules to
-#	"shorewall start", "shorewall reload" or "shorewall restart" commands
+# the builtin chains.
 #	at the point where Shorewall has not yet added any permanent rules to
 #       the builtin chains.
 #
 # For additional information, see
 # http://shorewall.net/shorewall_extension_scripts.htm
--- a/Shorewall/configfiles/interfaces
+++ b/Shorewall/configfiles/interfaces
@ -1,5 +1,5 @@
 #
-# Shorewall - Interfaces File
+# Shorewall -- /etc/shorewall/interfaces
 #
 # For information about entries in this file, type "man shorewall-interfaces"
 #
--- a/Shorewall/configfiles/isusable
+++ b/Shorewall/configfiles/isusable
@ -1,15 +1,13 @@
 #
-# Shorewall - Isusable File
+# Shorewall -- /etc/shorewall/isusable
 #
-# /etc/shorewall/isusable
+# This script is called when Shorewall is attempting to determine
 # if an interface named in /etc/shorewall/providers is usable.
 #
-#	This script is called when Shorewall is attempting to determine
+# The script is invoked inside a function that accepts an interface
-#	if an interface named in /etc/shorewall/providers is usable.
+# name as a single argument. The file below is designed to work with
-#
+# both swping and lsm as described at
-#	The script is invoked inside a function that accepts an interface
+# http://www.shorewall.net/MultiISP.html
 #	name as a single argument. The file below is designed to work with
 #	both swping and lsm as described at
 #	http://www.shorewall.net/MultiISP.html
 #
 # See http://shorewall.net/shorewall_extension_scripts.htm for additional
 # information.
--- a/Shorewall/configfiles/lib.private
+++ b/Shorewall/configfiles/lib.private
@ -1,7 +1,5 @@
 #
-# Shorewall - Lib.private File
+# Shorewall -- /etc/shorewall/lib.private
 #
 # /etc/shorewall/lib.private
 #
 # Use this file to declare shell functions to be called in the other
 # run-time extension scripts. The file will be copied into the generated
--- a/Shorewall/configfiles/maclist
+++ b/Shorewall/configfiles/maclist
@ -1,5 +1,5 @@
 #
-# Shorewall - Maclist file
+# Shorewall -- /etc/shorewall/maclist
 #
 # For information about entries in this file, type "man shorewall-maclist"
 #
--- a/Shorewall/configfiles/mangle
+++ b/Shorewall/configfiles/mangle
@ -1,5 +1,5 @@
 #
-# Shorewall - Mangle File
+# Shorewall -- /etc/shorewall/mangle
 #
 # For information about entries in this file, type "man shorewall-mangle"
 #
@ -9,6 +9,7 @@
 #
 # See http://shorewall.net/PacketMarking.html for a detailed description of
 # the Netfilter/Shorewall packet marking mechanism.
 #
 ####################################################################################################################################################
 #ACTION		SOURCE		DEST		PROTO	DEST	SOURCE	USER	TEST	LENGTH	TOS	CONNBYTES	HELPER	PROBABILITY	DSCP
 #							PORT(S)	PORT(S)
--- a/Shorewall/configfiles/masq
+++ b/Shorewall/configfiles/masq
@ -1,5 +1,5 @@
 #
-# Shorewall - Masq file
+# Shorewall -- /etc/shorewall/masq
 #
 # For information about entries in this file, type "man shorewall-masq"
 #
--- a/Shorewall/configfiles/nat
+++ b/Shorewall/configfiles/nat
@ -1,5 +1,5 @@
 #
-# Shorewall - Nat File
+# Shorewall -- /etc/shorewall/nat
 #
 # For information about entries in this file, type "man shorewall-nat"
 #
--- a/Shorewall/configfiles/netmap
+++ b/Shorewall/configfiles/netmap
@ -1,5 +1,5 @@
 #
-# Shorewall - Netmap File
+# Shorewall -- /etc/shorewall/netmap
 #
 # For information about entries in this file, type "man shorewall-netmap"
 #
--- a/Shorewall/configfiles/params
+++ b/Shorewall/configfiles/params
@ -1,27 +1,25 @@
 #
-# Shorewall - Params File
+# Shorewall -- /etc/shorewall/params
 #
-# /etc/shorewall/params
+# Assign any variables that you need here.
 #
-#	Assign any variables that you need here.
+# It is suggested that variable names begin with an upper case letter
 # to distinguish them from variables used internally within the
 # Shorewall programs
 #
-#	It is suggested that variable names begin with an upper case letter
+# Example:
 #	to distinguish them from variables used internally within the
 #	Shorewall programs
 #
-#	Example:
+#	NET_IF=eth0
 #	NET_BCAST=130.252.100.255
 #	NET_OPTIONS=routefilter,norfc1918
 #
-#		NET_IF=eth0
+# Example (/etc/shorewall/interfaces record):
 #		NET_BCAST=130.252.100.255
 #		NET_OPTIONS=routefilter,norfc1918
 #
-#	Example (/etc/shorewall/interfaces record):
+#	net	$NET_IF		$NET_BCAST	$NET_OPTIONS
 #
-#		net	$NET_IF		$NET_BCAST	$NET_OPTIONS
+# The result will be the same as if the record had been written
 #
-#	The result will be the same as if the record had been written
+#	net	eth0		130.252.100.255	routefilter,norfc1918
 #
 #		net	eth0		130.252.100.255	routefilter,norfc1918
 #
 ###############################################################################
--- a/Shorewall/configfiles/policy
+++ b/Shorewall/configfiles/policy
@ -1,5 +1,5 @@
 #
-# Shorewall - Policy File
+# Shorewall -- /etc/shorewall/policy
 #
 # For information about entries in this file, type "man shorewall-policy"
 #
--- a/Shorewall/configfiles/providers
+++ b/Shorewall/configfiles/providers
@ -1,5 +1,5 @@
 #
-# Shorewall - Providers File
+# Shorewall -- /etc/shorewall/providers
 #
 # For information about entries in this file, type "man shorewall-providers"
 #
--- a/Shorewall/configfiles/proxyarp
+++ b/Shorewall/configfiles/proxyarp
@ -1,5 +1,5 @@
 #
-# Shorewall - Proxyarp File
+# Shorewall -- /etc/shorewall/proxyarp
 #
 # For information about entries in this file, type "man shorewall-proxyarp"
 #
--- a/Shorewall/configfiles/refresh
+++ b/Shorewall/configfiles/refresh
@ -1,7 +1,5 @@
 #
-# Shorewall - Refresh File
+# Shorewall -- /etc/shorewall/refresh
 #
 # /etc/shorewall/refresh
 #
 # Add commands below that you want to be executed before Shorewall
 # has processed the 'refresh' command.
--- a/Shorewall/configfiles/refreshed
+++ b/Shorewall/configfiles/refreshed
@ -1,7 +1,5 @@
 #
-# Shorewall - Refreshed File
+# Shorewall -- /etc/shorewall/refreshed
 #
 # /etc/shorewall/refreshed
 #
 # Add commands below that you want to be executed after Shorewall has
 # processed the 'refresh' command.
--- a/Shorewall/configfiles/restored
+++ b/Shorewall/configfiles/restored
@ -1,10 +1,8 @@
 #
-# Shorewall - Restored File
+# Shorewall -- /etc/shorewall/restored
 #
-# /etc/shorewall/restored
+# Add commands below that you want to be executed after shorewall has
-#
+# completed a 'restore' command.
 #	Add commands below that you want to be executed after shorewall has
 #	completed a 'restore' command.
 #
 # See http://shorewall.net/shorewall_extension_scripts.htm for additional
 # information.
--- a/Shorewall/configfiles/routes
+++ b/Shorewall/configfiles/routes
@ -1,8 +1,9 @@
 #
-# Shorewall - Routes File
+# Shorewall -- /etc/shorewall/routes
 #
 # For information about entries in this file, type "man shorewall-routes"
 #
 # For additional information, see http://www.shorewall.net/MultiISP.html
 #
 ###############################################################################
 #PROVIDER		DEST			GATEWAY		DEVICE	OPTIONS
--- a/Shorewall/configfiles/routestopped
+++ b/Shorewall/configfiles/routestopped
@ -1,6 +1,8 @@
 #
 # Shorewall - Routestopped File
 #
 # /etc/shorewall/routestopped
 #
 # This file is deprecated in favor of the stoppedrules file
 #
 # For information about entries in this file, type "man shorewall-routestopped"
--- a/Shorewall/configfiles/rtrules
+++ b/Shorewall/configfiles/rtrules
@ -1,8 +1,9 @@
 #
-# Shorewall - Rtrules File
+# Shorewall -- /etc/shorewall/rtrules
 #
 # For information about entries in this file, type "man shorewall-rtrules"
 #
 # For additional information, see http://www.shorewall.net/MultiISP.html
 #
 ####################################################################################
 #SOURCE			DEST			PROVIDER	PRIORITY	MASK
--- a/Shorewall/configfiles/rules
+++ b/Shorewall/configfiles/rules
@ -1,5 +1,5 @@
 #
-# Shorewall - Rules File
+# Shorewall -- /etc/shorewall/rules
 #
 # For information on the settings in this file, type "man shorewall-rules"
 #
--- a/Shorewall/configfiles/scfilter
+++ b/Shorewall/configfiles/scfilter
@ -1,7 +1,5 @@
 #
-# Shorewall - Scfilter Filter
+# Shorewall -- /etc/shorewall/scfilter
 #
 # /etc/shorewall/scfilter
 #
 # Replace the 'cat' command below to filter the output of
 # 'show connections'.
--- a/Shorewall/configfiles/secmarks
+++ b/Shorewall/configfiles/secmarks
@ -1,5 +1,5 @@
 #
-# Shorewall - Secmarks File
+# Shorewall -- /etc/shorewall/secmarks
 #
 # For information about entries in this file, type "man shorewall-secmarks"
 #
--- a/Shorewall/configfiles/start
+++ b/Shorewall/configfiles/start
@ -1,10 +1,8 @@
 #
-# Shorewall - Start File
+# Shorewall -- /etc/shorewall/start
 #
-# /etc/shorewall/start
+# Add commands below that you want to be executed after shorewall has
-#
+# been started, reloaded or restarted.
 #	Add commands below that you want to be executed after shorewall has
 #	been started, reloaded or restarted.
 #
 # See http://shorewall.net/shorewall_extension_scripts.htm for additional
 # information.
--- a/Shorewall/configfiles/started
+++ b/Shorewall/configfiles/started
@ -1,17 +1,15 @@
 #
-# Shorewall - Started File
+# Shorewall -- /etc/shorewall/started
 #
-# /etc/shorewall/started
+# Add commands below that you want to be executed after shorewall has
 # been completely started, reloaded or restarted. The difference between
 # this extension script and /etc/shorewall/start is that this one is
 # invoked after the 'shorewall' chain has been created (thus
 # signaling that the firewall is completely up).
 #
-#	Add commands below that you want to be executed after shorewall has
+# This script should not change the firewall configuration directly but
-#	been completely started, reloaded or restarted. The difference between
+# may do so indirectly by running /sbin/shorewall with the 'nolock'
-#       this extension script and /etc/shorewall/start is that this one is
+# option.
 #	invoked	after the 'shorewall' chain has been created (thus
 #	signaling that the firewall is completely up).
 #
 #	This script should not change the firewall configuration directly but
 #	may do so indirectly by running /sbin/shorewall with the 'nolock'
 #	option.
 #
 # See http://shorewall.net/shorewall_extension_scripts.htm for additional
 # information.
--- a/Shorewall/configfiles/stop
+++ b/Shorewall/configfiles/stop
@ -1,10 +1,8 @@
 #
-# Shorewall - Stop File
+# Shorewall -- /etc/shorewall/stop
 #
-# /etc/shorewall/stop
+# Add commands below that you want to be executed at the beginning of a
-#
+# "shorewall stop" command.
 #	Add commands below that you want to be executed at the beginning of a
 #	"shorewall stop" command.
 #
 # See http://shorewall.net/shorewall_extension_scripts.htm for additional
 # information.
--- a/Shorewall/configfiles/stopped
+++ b/Shorewall/configfiles/stopped
@ -1,10 +1,8 @@
 #
-# Shorewall - Stopped File
+# Shorewall -- /etc/shorewall/stopped
 #
-# /etc/shorewall/stopped
+# Add commands below that you want to be executed at the completion of a
-#
+# "shorewall stop" command.
 #	Add commands below that you want to be executed at the completion of a
 #	"shorewall stop" command.
 #
 # See http://shorewall.net/shorewall_extension_scripts.htm for additional
 # information.
--- a/Shorewall/configfiles/stoppedrules
+++ b/Shorewall/configfiles/stoppedrules
@ -1,5 +1,5 @@
 #
-# Shorewall - Stoppedrules File
+# Shorewall -- /etc/shorewall/stoppedrules
 #
 # For information about entries in this file, type "man shorewall-stoppedrules"
 #
--- a/Shorewall/configfiles/tcclasses
+++ b/Shorewall/configfiles/tcclasses
@ -1,5 +1,5 @@
 #
-# Shorewall - Tcclasses File
+# Shorewall -- /etc/shorewall/tcclasses
 #
 # For information about entries in this file, type "man shorewall-tcclasses"
 #
--- a/Shorewall/configfiles/tcclear
+++ b/Shorewall/configfiles/tcclear
@ -1,7 +1,5 @@
 #
-# Shorewall - Tcclear File
+# Shorewall -- /etc/shorewall/tcclear
 #
 # /etc/shorewall/tcclear
 #
 # Add commands below that you want to be executed before Shorewall clears
 # the traffic shaping configuration.
--- a/Shorewall/configfiles/tcdevices
+++ b/Shorewall/configfiles/tcdevices
@ -1,5 +1,5 @@
 #
-# Shorewall - Tcdevices File
+# Shorewall -- /etc/shorewall/tcdevices
 #
 # For information about entries in this file, type "man shorewall-tcdevices"
 #
--- a/Shorewall/configfiles/tcfilters
+++ b/Shorewall/configfiles/tcfilters
@ -1,5 +1,5 @@
 #
-# Shorewall - Tcfilters File
+# Shorewall -- /etc/shorewall/tcfilters
 #
 # For information about entries in this file, type "man shorewall-tcfilters"
 #
--- a/Shorewall/configfiles/tcinterfaces
+++ b/Shorewall/configfiles/tcinterfaces
@ -1,5 +1,5 @@
 #
-# Shorewall - Tcinterfaces File
+# Shorewall -- /etc/shorewall/tcinterfaces
 #
 # For information about entries in this file, type "man shorewall-tcinterfaces"
 #
--- a/Shorewall/configfiles/tcpri
+++ b/Shorewall/configfiles/tcpri
@ -1,5 +1,5 @@
 #
-# Shorewall - Tcpri File
+# Shorewall -- /etc/shorewall/tcpri
 #
 # For information about entries in this file, type "man shorewall-tcpri"
 #
--- a/Shorewall/configfiles/tunnels
+++ b/Shorewall/configfiles/tunnels
@ -1,5 +1,5 @@
 #
-# Shorewall - Tunnels File
+# Shorewall -- /etc/shorewall/tunnels
 #
 # For information about entries in this file, type "man shorewall-tunnels"
 #
--- a/Shorewall/configfiles/zones
+++ b/Shorewall/configfiles/zones
@ -1,5 +1,5 @@
 #
-# Shorewall - Zones File
+# Shorewall -- /etc/shorewall/zones
 #
 # For information about this file, type "man shorewall-zones"
 #
--- a/Shorewall6/configfiles/accounting
+++ b/Shorewall6/configfiles/accounting
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Accounting File
+# Shorewall6 -- /etc/shorewall6/accounting
 #
 # For information about entries in this file, type "man shorewall6-accounting"
 #
--- a/Shorewall6/configfiles/actions
+++ b/Shorewall6/configfiles/actions
@ -1,7 +1,5 @@
 #
-# Shorewall6 - Actions File
+# Shorewall6 -- /etc/shorewall6/actions
 #
 # /etc/shorewall6/actions
 #
 # For information about entries in this file, type "man shorewall6-actions"
 #
--- a/Shorewall6/configfiles/blrules
+++ b/Shorewall6/configfiles/blrules
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Blrules File
+# Shorewall6 -- /etc/shorewall6/blrules
 #
 # For information about entries in this file, type "man shorewall6-blrules"
 #
--- a/Shorewall6/configfiles/clear
+++ b/Shorewall6/configfiles/clear
@ -1,7 +1,5 @@
 #
-# Shorewall6 - Clear File
+# Shorewall6 -- /etc/shorewall6/clear
 #
 # /etc/shorewall6/clear
 #
 # Add commands below that you want to be executed after Shorewall6 has
 # processed the 'clear' command.
--- a/Shorewall6/configfiles/conntrack
+++ b/Shorewall6/configfiles/conntrack
@ -1,53 +1,54 @@
 #
-# Shorewall6 - Conntrack File
+# Shorewall6 -- /etc/shorewall6/conntrack
 #
 # For information about entries in this file, type "man shorewall6-conntrack"
 #
 ##############################################################################################################
-?FORMAT 2
+?FORMAT 3
 ##############################################################################################################
 #ACTION			SOURCE		DESTINATION	PROTO	DEST		SOURCE	USER/		SWITCH
 #								PORT(S)		PORT(S)	GROUP
-?if __CT_TARGET
+?if $AUTOHELPERS && __CT_TARGET
 ?if __AMANDA_HELPER
-CT:helper:amanda	all		-		udp	10080
+CT:helper:amanda:PO	-		-		udp	10080
 ?endif
 ?if __FTP_HELPER
-CT:helper:ftp		all		-		tcp	21
+CT:helper:ftp:PO	-		-		tcp	21
 ?endif
 ?if __H323_HELPER
-CT:helper:RAS		all		-		udp	1719
+CT:helper:RAS:PO	-		-		udp	1719
-CT:helper:Q.931		all		-		tcp	1720
+CT:helper:Q.931:PO	-		-		tcp	1720
 ?endif
 ?if __IRC_HELPER
-CT:helper:irc		all		-		tcp	6667
+CT:helper:irc:PO	-		-		tcp	6667
 ?endif
 ?if __NETBIOS_NS_HELPER
-CT:helper:netbios-ns	all		-		udp	137
+CT:helper:netbios-ns:PO	-		-		udp	137
 ?endif
 ?if __PPTP_HELPER
-CT:helper:pptp		all		-		tcp	1723
+CT:helper:pptp:PO	-		-		tcp	1723
 ?endif
 ?if __SANE_HELPER
-CT:helper:sane		all		-		tcp	6566
+CT:helper:sane:PO	-		-		tcp	6566
 ?endif
 ?if __SIP_HELPER
-CT:helper:sip		all		-		udp	5060
+CT:helper:sip:PO	-		-		udp	5060
 ?endif
 ?if __SNMP_HELPER
-CT:helper:snmp		all		-		udp	161
+CT:helper:snmp:PO	-		-		udp	161
 ?endif
 ?if __TFTP_HELPER
-CT:helper:tftp		all		-		udp	69
+CT:helper:tftp:PO	-		-		udp	69
 ?endif
 ?endif
--- a/Shorewall6/configfiles/findgw
+++ b/Shorewall6/configfiles/findgw
@ -1,7 +1,5 @@
 #
-# Shorewall - Findgw File
+# Shorewall6 -- /etc/shorewall6/findgw
 #
 # /etc/shorewall6/findgw
 #
 # The code in this file is executed when Shorewall is trying to detect the
 # gateway through an interface in /etc/shorewall6/providers that has GATEWAY
--- a/Shorewall6/configfiles/hosts
+++ b/Shorewall6/configfiles/hosts
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Hosts file
+# Shorewall6 -- /etc/shorewall6/hosts
 #
 # For information about entries in this file, type "man shorewall6-hosts"
 #
--- a/Shorewall6/configfiles/init
+++ b/Shorewall6/configfiles/init
@ -1,10 +1,8 @@
 #
-# Shorewall6 - Init File
+# Shorewall6 -- /etc/shorewall6/init
 #
-# /etc/shorewall6/init
+# Add commands below that you want to be executed at the beginning of
-#
+# a "shorewall6 start" or "shorewall6 restart" command.
 #	Add commands below that you want to be executed at the beginning of
 #	a "shorewall6 start" or "shorewall6 restart" command.
 #
 # For additional information, see
 # http://shorewall.net/shorewall_extension_scripts.htm
--- a/Shorewall6/configfiles/interfaces
+++ b/Shorewall6/configfiles/interfaces
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Interfaces File
+# Shorewall6 -- /etc/shorewall6/interfaces
 #
 # For information about entries in this file, type "man shorewall6-interfaces"
 #
--- a/Shorewall6/configfiles/isusable
+++ b/Shorewall6/configfiles/isusable
@ -1,15 +1,13 @@
 #
-# Shorewall6 - Isusable File
+# Shorewall6 -- /etc/shorewall6/isusable
 #
-# /etc/shorewall6/isusable
+# This script is called when Shorewall6 is attempting to determine
 # if an interface named in /etc/shorewall6/providers is usable.
 #
-#	This script is called when Shorewall6 is attempting to determine
+# The script is invoked inside a function that accepts an interface
-#	if an interface named in /etc/shorewall6/providers is usable.
+# name as a single argument. The file below is designed to work with
-#
+# both swping and lsm as described at
-#	The script is invoked inside a function that accepts an interface
+# http://www.shorewall.net/MultiISP.html
 #	name as a single argument. The file below is designed to work with
 #	both swping and lsm as described at
 #	http://www.shorewall.net/MultiISP.html
 #
 # See http://shorewall.net/shorewall_extension_scripts.htm for additional
 # information.
--- a/Shorewall6/configfiles/lib.private
+++ b/Shorewall6/configfiles/lib.private
@ -1,7 +1,5 @@
 #
-# Shorewall6 - Lib.private File
+# Shorewall6 -- /etc/shorewall6/lib.private
 #
 # /etc/shorewall6/lib.private
 #
 # Use this file to declare shell functions to be called in the other
 # run-time extension scripts. The file will be copied into the generated
--- a/Shorewall6/configfiles/maclist
+++ b/Shorewall6/configfiles/maclist
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Maclist file
+# Shorewall6 -- /etc/shorewall6/maclist
 #
 # For information about entries in this file, type "man shorewall6-maclist"
 #
--- a/Shorewall6/configfiles/mangle
+++ b/Shorewall6/configfiles/mangle
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Mangle File
+# Shorewall6 -- /etc/shorewall6/mangle
 #
 # For information about entries in this file, type "man shorewall6-mangle"
 #
@ -9,6 +9,7 @@
 #
 # See http://shorewall.net/PacketMarking.html for a detailed description of
 # the Netfilter/Shorewall packet marking mechanism.
 #
 ############################################################################################################################################################
 #ACTION		SOURCE		DEST		PROTO	DEST	SOURCE	USER	TEST	LENGTH	TOS	CONNBYTES	HELPER	HEADERS	PROBABILITY	DSCP
 #							PORT(S)	PORT(S)
--- a/Shorewall6/configfiles/masq
+++ b/Shorewall6/configfiles/masq
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Masq file
+# Shorewall6 -- /etc/shorewall6/masq
 #
 # For information about entries in this file, type "man shorewall6-masq"
 #
--- a/Shorewall6/configfiles/nat
+++ b/Shorewall6/configfiles/nat
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Nat File
+# Shorewall6 -- /etc/shorewall6/nat
 #
 # For information about entries in this file, type "man shorewall6-nat"
 #
--- a/Shorewall6/configfiles/netmap
+++ b/Shorewall6/configfiles/netmap
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Netmap File
+# Shorewall6 -- /etc/shorewall6/netmap
 #
 # For information about entries in this file, type "man shorewall-netmap"
 #
--- a/Shorewall6/configfiles/params
+++ b/Shorewall6/configfiles/params
@ -1,26 +1,24 @@
 #
-# Shorewall6 - Params File
+# Shorewall6 -- /etc/shorewall6/params
 #
-# /etc/shorewall6/params
+# Assign any variables that you need here.
 #
-#	Assign any variables that you need here.
+# It is suggested that variable names begin with an upper case letter
 # to distinguish them from variables used internally within the
 # Shorewall6 programs
 #
-#	It is suggested that variable names begin with an upper case letter
+# Example:
 #	to distinguish them from variables used internally within the
 #	Shorewall6 programs
 #
-#	Example:
+#	NET_IF=eth0
 #	NET_OPTIONS=dhcp,nosmurfs
 #
-#		NET_IF=eth0
+# Example (/etc/shorewall6/interfaces record):
 #		NET_OPTIONS=dhcp,nosmurfs
 #
-#	Example (/etc/shorewall6/interfaces record):
+#	net	$NET_IF		-	$NET_OPTIONS
 #
-#		net	$NET_IF		-	$NET_OPTIONS
+# The result will be the same as if the record had been written
 #
-#	The result will be the same as if the record had been written
+#	net	eth0		-	dhcp,nosmurfs
 #
 #		net	eth0		-	dhcp,nosmurfs
 #
 ###############################################################################
--- a/Shorewall6/configfiles/policy
+++ b/Shorewall6/configfiles/policy
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Policy File
+# Shorewall6 -- /etc/shorewall6/policy
 #
 # For information about entries in this file, type "man shorewall6-policy"
 #
--- a/Shorewall6/configfiles/providers
+++ b/Shorewall6/configfiles/providers
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Providers File
+# Shorewall6 -- /etc/shorewall6/providers
 #
 # For information about entries in this file, type "man shorewall6-providers"
 #
--- a/Shorewall6/configfiles/proxyndp
+++ b/Shorewall6/configfiles/proxyndp
@ -1,5 +1,5 @@
 #
-# Shorewall - Proxyndp File
+# Shorewall6 -- /etc/shorewall6/proxyndp
 #
 # For information about entries in this file, type "man shorewall6-proxyndp"
 #
--- a/Shorewall6/configfiles/refresh
+++ b/Shorewall6/configfiles/refresh
@ -1,7 +1,5 @@
 #
-# Shorewall6 - Refresh File
+# Shorewall6 -- /etc/shorewall6/refresh
 #
 # /etc/shorewall6/refresh
 #
 # Add commands below that you want to be executed before Shorewall6 has
 # processed the 'refresh' command.
--- a/Shorewall6/configfiles/refreshed
+++ b/Shorewall6/configfiles/refreshed
@ -1,7 +1,5 @@
 #
-# Shorewall6 - Refreshed File
+# Shorewall6 -- /etc/shorewall6/refreshed
 #
 # /etc/shorewall6/refreshed
 #
 # Add commands below that you want to be executed after Shorewall6 has
 # processed the 'refresh' command.
--- a/Shorewall6/configfiles/restored
+++ b/Shorewall6/configfiles/restored
@ -1,10 +1,8 @@
 #
-# Shorewall6 - Restored File
+# Shorewall6 -- /etc/shorewall6/restored
 #
-# /etc/shorewall6/restored
+# Add commands below that you want to be executed after shorewall6 has
-#
+# completed a 'restore' command.
 #	Add commands below that you want to be executed after shorewall6 has
 #	completed a 'restore' command.
 #
 # See http://shorewall.net/shorewall_extension_scripts.htm for additional
 # information.
--- a/Shorewall6/configfiles/routes
+++ b/Shorewall6/configfiles/routes
@ -1,8 +1,9 @@
 #
-# Shorewall6 - Routes File
+# Shorewall6 -- /etc/shorewall6/routes
 #
 # For information about entries in this file, type "man shorewall6-routes"
 #
 # For additional information, see http://www.shorewall.net/MultiISP.html
 #
 ###############################################################################
 #PROVIDER		DEST			GATEWAY		DEVICE	OPTIONS
--- a/Shorewall6/configfiles/routestopped
+++ b/Shorewall6/configfiles/routestopped
@ -1,6 +1,8 @@
 #
 # Shorewall6 - Routestopped File
 #
 # /etc/shorewall6/routestopped
 #
 # This file is deprecated in favor of the stoppedrules file.
 #
 # For information about entries in this file, type "man shorewall6-routestopped"
--- a/Shorewall6/configfiles/rtrules
+++ b/Shorewall6/configfiles/rtrules
@ -1,8 +1,9 @@
 #
-# Shorewall6 - Rtrules File
+# Shorewall6 -- /etc/shorewall6/rtrules
 #
 # For information about entries in this file, type "man shorewall6-rtrules"
 #
 # For additional information, see http://www.shorewall.net/MultiISP.html
 #
 ####################################################################################
 #SOURCE			DEST			PROVIDER	PRIORITY	MASK
--- a/Shorewall6/configfiles/rules
+++ b/Shorewall6/configfiles/rules
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Rules File
+# Shorewall6 -- /etc/shorewall6/rules
 #
 # For information on the settings in this file, type "man shorewall6-rules"
 #
--- a/Shorewall6/configfiles/scfilter
+++ b/Shorewall6/configfiles/scfilter
@ -1,7 +1,5 @@
 #
-# Shorewall - Scfilter File
+# Shorewall6 -- /etc/shorewall6/scfilter
 #
 # /etc/shorewall/scfilter
 #
 # Replace the 'cat' command below to filter the output of
 # 'show connections'.
--- a/Shorewall6/configfiles/secmarks
+++ b/Shorewall6/configfiles/secmarks
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Secmarks File
+# Shorewall6 -- /etc/shorewall6/secmarks
 #
 # For information about entries in this file, type "man shorewall-secmarks"
 #
--- a/Shorewall6/configfiles/start
+++ b/Shorewall6/configfiles/start
@ -1,10 +1,8 @@
 #
-# Shorewall6 - Start File
+# Shorewall6 -- /etc/shorewall6/start
 #
-# /etc/shorewall6/start
+# Add commands below that you want to be executed after shorewall6 has
-#
+# been started or restarted.
 #	Add commands below that you want to be executed after shorewall6 has
 #	been started or restarted.
 #
 # See http://shorewall.net/shorewall_extension_scripts.htm for additional
 # information.
--- a/Shorewall6/configfiles/started
+++ b/Shorewall6/configfiles/started
@ -1,17 +1,15 @@
 #
-# Shorewall6 - Started File
+# Shorewall6 -- /etc/shorewall6/started
 #
-# /etc/shorewall6/started
+# Add commands below that you want to be executed after shorewall6 has
 # been completely started or restarted. The difference between this
 # extension script and /etc/shorewall6/start is that this one is invoked
 # after the 'shorewall' chain has been created (thus signaling that the
 # firewall is completely up).
 #
-#	Add commands below that you want to be executed after shorewall6 has
+# This script should not change the firewall configuration directly but
-#	been completely started or restarted. The difference between this
+# may do so indirectly by running /sbin/shorewall6 with the 'nolock'
-#	extension script and /etc/shorewall6/start is that this one is invoked
+# option.
 #	after the 'shorewall' chain has been created (thus signaling that the
 #	firewall is completely up).
 #
 #	This script should not change the firewall configuration directly but
 #	may do so indirectly by running /sbin/shorewall6 with the 'nolock'
 #	option.
 #
 # See http://shorewall.net/shorewall_extension_scripts.htm for additional
 # information.
--- a/Shorewall6/configfiles/stop
+++ b/Shorewall6/configfiles/stop
@ -1,10 +1,8 @@
 #
-# Shorewall6 - Stop File
+# Shorewall6 -- /etc/shorewall6/stop
 #
-# /etc/shorewall6/stop
+# Add commands below that you want to be executed at the beginning of a
-#
+# "shorewall6 stop" command.
 #	Add commands below that you want to be executed at the beginning of a
 #	"shorewall6 stop" command.
 #
 # See http://shorewall.net/shorewall_extension_scripts.htm for additional
 # information.
--- a/Shorewall6/configfiles/stopped
+++ b/Shorewall6/configfiles/stopped
@ -1,10 +1,8 @@
 #
-# Shorewall6 - Stopped File
+# Shorewall6 -- /etc/shorewall6/stopped
 #
-# /etc/shorewall6/stopped
+# Add commands below that you want to be executed at the completion of a
-#
+# "shorewall6 stop" command.
 #	Add commands below that you want to be executed at the completion of a
 #	"shorewal6l stop" command.
 #
 # See http://shorewall.net/shorewall_extension_scripts.htm for additional
 # information.
--- a/Shorewall6/configfiles/stoppedrules
+++ b/Shorewall6/configfiles/stoppedrules
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Stoppedrules File
+# Shorewall6 -- /etc/shorewall6/stoppedrules
 #
 # For information about entries in this file,
 # type "man shorewall6-stoppedrules"
--- a/Shorewall6/configfiles/tcclasses
+++ b/Shorewall6/configfiles/tcclasses
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Tcclasses File
+# Shorewall6 -- /etc/shorewall6/tcclasses
 #
 # For information about entries in this file, type "man shorewall6-tcclasses"
 #
--- a/Shorewall6/configfiles/tcclear
+++ b/Shorewall6/configfiles/tcclear
@ -1,7 +1,5 @@
 #
-# Shorewall6 - tcclear File
+# Shorewall6 -- /etc/shorewall6/tcclear
 #
 # /etc/shorewall6/tcclear
 #
 # Add commands below that you want to be executed before Shorewall6 clears
 # the traffic shaping configuration.
--- a/Shorewall6/configfiles/tcdevices
+++ b/Shorewall6/configfiles/tcdevices
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Tcdevices File
+# Shorewall6 -- /etc/shorewall6/tcdevices
 #
 # For information about entries in this file, type "man shorewall6-tcdevices"
 #
--- a/Shorewall6/configfiles/tcfilters
+++ b/Shorewall6/configfiles/tcfilters
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Tcfilters File
+# Shorewall6 -- /etc/shorewall6/tcfilters
 #
 # For information about entries in this file, type "man shorewall6-tcfilters"
 #
--- a/Shorewall6/configfiles/tcinterfaces
+++ b/Shorewall6/configfiles/tcinterfaces
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Tcinterfaces File
+# Shorewall6 -- /etc/shorewall6/tcinterfaces
 #
 # For information about entries in this file,
 # type "man shorewall6-tcinterfaces"
--- a/Shorewall6/configfiles/tcpri
+++ b/Shorewall6/configfiles/tcpri
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Tcpri File
+# Shorewall6 -- /etc/shorewall6/tcpri
 #
 # For information about entries in this file, type "man shorewall6-tcpri"
 #
--- a/Shorewall6/configfiles/tunnels
+++ b/Shorewall6/configfiles/tunnels
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Tunnels File
+# Shorewall6 -- /etc/shorewall6/tunnels
 #
 # For information about entries in this file, type "man shorewall6-tunnels"
 #
--- a/Shorewall6/configfiles/zones
+++ b/Shorewall6/configfiles/zones
@ -1,5 +1,5 @@
 #
-# Shorewall6 - Zones File
+# Shorewall6 -- /etc/shorewall6/zones
 #
 # For information about this file, type "man shorewall6-zones"
 #