diff --git a/docs/Actions.xml b/docs/Actions.xml
index 7aa4503cc..a571b59bb 100644
--- a/docs/Actions.xml
+++ b/docs/Actions.xml
@@ -101,31 +101,31 @@ ACCEPT - - tcp 135,139,445
User-defined Actions. These actions are created by end-users.
They are listed in the file /etc/shorewall/actions and are defined in
- action.* files in /etc/shorewall or in another directory
- listed in your CONFIG_PATH (defined in /etc/shorewall/shorewall.conf).
- Common Actions
+ Default Actions (Formerly Common Actions)
- Shorewall allows the association of a common
- action with policies. A separate common action may be
- associated with ACCEPT, DROP and REJECT policies. Common actions provide a
- way to invoke a set of common rules just before the policy is enforced.
- Common actions accomplish two goals:
+ Shorewall allows the association of a default
+ action with policies. A separate default action may be
+ associated with ACCEPT, DROP and REJECT policies. Default actions provide
+ a way to invoke a set of common rules just before the policy is enforced.
+ Default actions accomplish two goals:
- Relieve log congestion. Common actions typically include rules
+ Relieve log congestion. Default actions typically include rules
to silently drop or reject traffic that would otherwise be logged when
the policy is enforced.
- Ensure correct operation. Common actions can also avoid common
+ Ensure correct operation. Default actions can also avoid common
pitfalls like dropping connection requests on port TCP port 113. If
these connections are dropped (rather than rejected) then you may
encounter problems connecting to internet services that utilize the
@@ -136,23 +136,23 @@ ACCEPT - - tcp 135,139,445
- Shorewall provides common actions for the REJECT and DROP policies.
- The common action for REJECT is named Reject and
- the common action for DROP is named Drop. These
+ Shorewall provides default actions for the REJECT and DROP policies.
+ The default action for REJECT is named Reject and
+ the default action for DROP is named Drop. These
associations are made through two entries in
/usr/share/shorewall/actions.std:
- Drop:DROP #Common Action for DROP policy
-Reject:REJECT #Common Action for REJECT policy
+ Drop:DROP #Default Action for DROP policy
+Reject:REJECT #Default Action for REJECT policy
These may be overridden by entries in your /etc/shorewall/actions
file.
- Entries in the DROP and REJECT common actions Entries in the DROP and REJECT default actions ARE NOT THE CAUSE OF CONNECTION PROBLEMS.
- Remember — common actions are only invoked immediately before the packet
- is going to be dropped or rejected anyway!!!
+ Remember — default actions are only invoked immediately before the
+ packet is going to be dropped or rejected anyway!!!
@@ -180,8 +180,8 @@ Reject:REJECT #Common Action for REJECT policy
The name of the action may be optionally followed by a colon
(:
) and ACCEPT, DROP or REJECT. When this is done, the
- named action will become the common action for
- policies of type ACCEPT, DROP or REJECT respectively. The common
+ named action will become the default action for
+ policies of type ACCEPT, DROP or REJECT respectively. The default
action is applied immediately before the policy is enforced (before
any logging is done under that policy) and is used mainly to suppress
logging of uninteresting traffic which would otherwise clog your logs.
diff --git a/docs/User_defined_Actions.xml b/docs/User_defined_Actions.xml
index b41989216..be2321f3d 100644
--- a/docs/User_defined_Actions.xml
+++ b/docs/User_defined_Actions.xml
@@ -64,8 +64,8 @@
Beginning with Shorewall-2.0.0-Beta1, the name of the action may
be optionally followed by a colon (:
) and ACCEPT, DROP
or REJECT. When this is done, the named action will become the
- common action for policies of type ACCEPT, DROP
- or REJECT respectively. The common action is applied immediately
+ default action for policies of type ACCEPT, DROP
+ or REJECT respectively. The default action is applied immediately
before the policy is enforced (before any logging is done under that
policy) and is used mainly to suppress logging of uninteresting
traffic which would otherwise clog your logs. The same policy name can
@@ -397,7 +397,7 @@ AllowFTP loc $FW
class="directory">/etc/shorewall and modify it to suit your
needs. The next shorewall restart will cause your
action to be installed in place of the standard one. In particular, if you
- want to modify the common actions Drop
or
+ want to modify the default actions Drop
or
Reject
, simply copy action.Drop or
Action.Reject to /etc/shorewall and modify that copy as
@@ -415,22 +415,22 @@ AllowFTP loc $FW
- Common Actions
+ Default Actions (Formerly Common Actions)
Also beginning with Shorewall version 2.2.0-Beta1, when an ACCEPT,
- DROP or REJECT policy is about to be enforced, a common
+ DROP or REJECT policy is about to be enforced, a default
action can first be invoked. In /etc/shorewall/actions.std are
found these two entries:
- Drop:DROP #Common Action for DROP policy
-Reject:REJECT #Common Action for REJECT policy
+ Drop:DROP #Default Action for DROP policy
+Reject:REJECT #Default Action for REJECT policy
These entries designate the action named Drop
- as the common action for DROP policies and the common action
- Reject as the common action for REJECT
+ as the default action for DROP policies and the default action
+ Reject as the default action for REJECT
policies.
- The purpose of common actions is:
+ The purpose of default actions is:
@@ -448,7 +448,7 @@ Reject:REJECT #Common Action for REJECT policy
- It should be stressed that the common actions
+ It should be stressed that the default actions
do not cause any traffic to be dropped or rejected that isn't about to be
dropped or rejected anyway (remember that these actions are
invoked just before the connection request is going to be dropped or
diff --git a/docs/shorewall_extension_scripts.xml b/docs/shorewall_extension_scripts.xml
index e7069ce6e..daa353c4c 100644
--- a/docs/shorewall_extension_scripts.xml
+++ b/docs/shorewall_extension_scripts.xml
@@ -5,7 +5,7 @@
- Extension Scripts and Common Actions
+ Extension Scripts and Default Actions
@@ -101,7 +101,7 @@
refresh -- invoked while the firewall is being refreshed but
- before the common and/or blacklst chains have been rebuilt.
+ before the blacklst chains have been rebuilt.
@@ -274,11 +274,11 @@
- You can also define a common action to be
+ You can also define a default action to be
performed immediately before a policy of ACCEPT, DROP or REJECT is applied.
Separate actions can be assigned to each
- policy type so for example you can have a different common action for DROP
- and REJECT policies. The most common usage of common actions is to silently
+ policy type so for example you can have a different default action for DROP
+ and REJECT policies. The most common usage of default actions is to silently
drop traffic that you don't wish to have logged by the policy.
As released, Shorewall defines a number of actions which are cataloged
@@ -297,7 +297,7 @@ Reject:REJECT
You can override these defaults with entries in your
/etc/shorewall/actions file. For example, if that file were to contain
- MyDrop:DROP
then the common action for DROP policies would
+ MyDrop:DROP
then the default action for DROP policies would
become MyDrop
.
One final note. The chain created to perform an action has the same
diff --git a/docs/shorewall_setup_guide.xml b/docs/shorewall_setup_guide.xml
index 53f31e015..9314b0564 100644
--- a/docs/shorewall_setup_guide.xml
+++ b/docs/shorewall_setup_guide.xml
@@ -258,7 +258,7 @@ dmz ipv4
If no rule in that file matches the connection request then the first
policy in /etc/shorewall/policy that matches the
request is applied after the request is passed to the appropriate common action (if any).
+ url="Actions.html">default action (if any).
Prior to Shorewall 2.2.0, the default
/etc/shorewall/policy file had the following
@@ -947,7 +947,7 @@ loc eth2 detect
netmask 255.255.255.248.
- /sbin/shorewall supports an ipcalc command that automatically
+ /sbin/shorewall supports an ipcalc command that automatically
calculates information about a [sub]network.