Clarify REJECT handling in IP[6]TABLE rules

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2024-11-26 09:33:14 +01:00 · 2014-08-24 09:10:10 -07:00 · 2014-08-24 09:10:10 -07:00 · 4347190f82
commit 4347190f82
parent fa8c3b3b6c
2 changed files with 39 additions and 16 deletions
--- a/Shorewall/manpages/shorewall-rules.xml
+++ b/Shorewall/manpages/shorewall-rules.xml
@ -476,24 +476,35 @@
            </varlistentry>
            <varlistentry>
-              <term>IPTABLES({<replaceable>target</replaceable>
+              <term>IPTABLES({<replaceable>iptables-target</replaceable>
              [<replaceable>option</replaceable> ...])</term>
              <listitem>
                <para>This action allows you to specify an iptables target
                with options (e.g., 'IPTABLES(MARK --set-xmark 0x01/0xff)'. If
-                the target is not one recognized by Shorewall, the following
+                the <replaceable>iptables-target</replaceable> is not one
-                error message will be issued:</para>
+                recognized by Shorewall, the following error message will be
                issued:</para>
                <simplelist>
                  <member>ERROR: Unknown target
-                  (<replaceable>target</replaceable>)</member>
+                  (<replaceable>iptables-target</replaceable>)</member>
                </simplelist>
                <para>This error message may be eliminated by adding the
-                <replaceable>target</replaceable> as a builtin action in
+                <replaceable>iptables-</replaceable><replaceable>target</replaceable>
-                <ulink
+                as a builtin action in <ulink
                url="/manpages/shorewall-actions.html">shorewall-actions</ulink>(5).</para>
                <important>
                  <para>If you specify REJECT as the
                  <replaceable>iptables-target</replaceable>, the target of
                  the rule will be the iptables REJECT target and not
                  Shorewall's builtin 'reject' chain which is used when REJECT
                  (see below) is specified as the
                  <replaceable>target</replaceable> in the ACTION
                  column.</para>
                </important>
              </listitem>
            </varlistentry>
--- a/Shorewall6/manpages/shorewall6-rules.xml
+++ b/Shorewall6/manpages/shorewall6-rules.xml
@ -450,24 +450,36 @@
            </varlistentry>
            <varlistentry>
-              <term>IP6TABLES({<replaceable>target</replaceable>
+              <term>IP6TABLES({<replaceable>ip6tables-target</replaceable>
              [<replaceable>option</replaceable> ...])</term>
              <listitem>
-                <para>This action allows you to specify an iptables target
+                <para>This action allows you to specify an ip6tables target
-                with options (e.g., 'IP6TABLES(MARK --set-xmark 0x01/0xff)'.
+                with options (e.g., 'IPTABLES(MARK --set-xmark 0x01/0xff)'. If
-                If the target is not one recognized by Shorewall, the
+                the <replaceable>ip6tables-target</replaceable> is not one
-                following error message will be issued:</para>
+                recognized by Shorewall, the following error message will be
                issued:</para>
                <simplelist>
                  <member>ERROR: Unknown target
-                  (<replaceable>target</replaceable>)</member>
+                  (<replaceable>ip6tables-target</replaceable>)</member>
                </simplelist>
-                <para>This error message may be eliminated by adding the
+                <para>This error message may be eliminated by adding
-                <replaceable>target</replaceable> as a builtin action in
+                the<replaceable>
-                <ulink
+                ip6tables-</replaceable><replaceable>target</replaceable> as a
-                url="/manpages6/shorewall6-actions.html">shorewall6-actions(5)</ulink>.</para>
+                builtin action in <ulink
                url="shorewall6-actions.html">shorewall6-actions</ulink>(5).</para>
                <important>
                  <para>If you specify REJECT as the
                  <replaceable>ip6tables-target</replaceable>, the target of
                  the rule will be the i6ptables REJECT target and not
                  Shorewall's builtin 'reject' chain which is used when REJECT
                  (see below) is specified as the
                  <replaceable>target</replaceable> in the ACTION
                  column.</para>
                </important>
              </listitem>
            </varlistentry>