From 442874f7239fd2a25703c627b5f123678ce99d76 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Tue, 8 May 2007 22:42:35 +0000
Subject: [PATCH] Correct error message

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6294 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-perl/Shorewall/Chains.pm | 2 +-
 Shorewall-perl/Shorewall/Rules.pm  | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/Shorewall-perl/Shorewall/Chains.pm b/Shorewall-perl/Shorewall/Chains.pm
index 596ded4ad..9a780f341 100644
--- a/Shorewall-perl/Shorewall/Chains.pm
+++ b/Shorewall-perl/Shorewall/Chains.pm
@@ -1556,7 +1556,7 @@ sub expand_rule( $$$$$$$$$$ )
 	#
 	# We have non-trivial exclusion -- need to create an exclusion chain
 	#
-	fatal_error "Exclusion is not possible in CONTINUE/NONAT rules" if $disposition eq 'RETURN';
+	fatal_error "Exclusion is not possible in ACCEPT+/CONTINUE/NONAT rules" if $disposition eq 'RETURN';
 
 	my $echain = newexclusionchain;
 
diff --git a/Shorewall-perl/Shorewall/Rules.pm b/Shorewall-perl/Shorewall/Rules.pm
index 26ff5b498..b9c7ee30c 100644
--- a/Shorewall-perl/Shorewall/Rules.pm
+++ b/Shorewall-perl/Shorewall/Rules.pm
@@ -1054,6 +1054,7 @@ sub process_rule1 ( $$$$$$$$$$ ) {
 	#   - the destination port will be the server port
 	#   - the destination IP   will be the server IP
 	#   - there will be no log level (we log NAT rules in the nat table rather than in the filter table).
+	#   - the target will be ACCEPT.
 	#
 	unless ( $actiontype & NATONLY ) {
 	    $rule = join( '', do_proto( $proto, $ports, $sports ), do_ratelimit( $ratelimit, 'ACCEPT' ), do_user $user );