Merge branch 'master' into 4.5.7

This commit is contained in:
Tom Eastep 2012-08-20 11:14:08 -07:00
commit 46e57d67d8
3 changed files with 33 additions and 23 deletions

View File

@ -70,6 +70,11 @@
url="manpages/shorewall-blacklist.html">blacklist</ulink> - Static
blacklisting.</member>
<member><ulink
url="manpages/shorewall-conntrack.html">conntrack</ulink> - Specify
helpers for connections or exempt certain traffic from netfilter
connection tracking.</member>
<member><ulink url="manpages/shorewall-ecn.html">ecn</ulink> -
Disabling Explicit Congestion Notification</member>
@ -108,7 +113,7 @@
How to map addresses from one net to another.</member>
<member><ulink url="manpages/shorewall-notrack.html">notrack</ulink> -
Exclude certain traffic from Netfilter connection tracking</member>
Exclude certain traffic from Netfilter connection tracking </member>
<member><ulink url="manpages/shorewall-params.html">params</ulink> -
Assign values to shell variables used in other files.</member>
@ -123,9 +128,8 @@
<member><ulink url="manpages/shorewall-proxyarp.html">proxyarp</ulink>
- Define Proxy ARP.</member>
<member><ulink
url="manpages/shorewall-rtrules.html">rtrules</ulink> - Define
routing rules.</member>
<member><ulink url="manpages/shorewall-rtrules.html">rtrules</ulink> -
Define routing rules.</member>
<member><ulink url="manpages/shorewall-routes.html">routes</ulink> -
(Added in Shorewall 4.4.15) Add additional routes to provider routing

View File

@ -68,7 +68,11 @@
<member><ulink
url="manpages6/shorewall6-blacklist.html">blacklist</ulink> - Static
blacklisting.</member>
blacklisting (deprecated)</member>
<member><ulink url="manpages-conntrack.html">conntrack</ulink> -
Specify helpers for connections or exempt certain traffic from
netfilter connection tracking.</member>
<member><ulink
url="manpages6/shorewall6-exclusion.html">exclusion</ulink> -
@ -92,7 +96,8 @@
- How to define nested zones.</member>
<member><ulink url="manpages6/shorewall6-notrack.html">notrack</ulink>
- Exclude certain traffic from Netfilter6 connection tracking</member>
- Exclude certain traffic from Netfilter6 connection tracking
(deprecated)</member>
<member><ulink url="manpages6/shorewall6-params.html">params</ulink> -
Assign values to shell variables used in other files.</member>
@ -108,9 +113,8 @@
url="manpages6/shorewall6-proxyndp.html">proxyndp</ulink> - Defines
Proxy NDP</member>
<member><ulink
url="manpages6/shorewall6-rtrules.html">rtrules</ulink> -
Define routing rules.</member>
<member><ulink url="manpages6/shorewall6-rtrules.html">rtrules</ulink>
- Define routing rules.</member>
<member><ulink url="manpages6/shorewall6-routes.html">routes</ulink> -
(Added in Shorewall 4.4.15) Add additional routes to provider routing

View File

@ -122,7 +122,7 @@
(shorewall-lite, and shorewall6-lite) will create a directory under
the specified path name to hold state information.</para>
<para>Example: </para>
<para>Example:</para>
<blockquote>
<para>VARDIR=/opt/var/</para>
@ -152,18 +152,18 @@
<para>?ENDIF</para>
</blockquote>
<para> If they are to be processed only if TC_ENABLED=Internal, then
<para>If they are to be processed only if TC_ENABLED=Internal, then
enclose them in</para>
<blockquote>
<para>?IF TC_ENABLED eq 'Internal'</para>
<para> ...</para>
<para>...</para>
<para>?ENDIF.</para>
</blockquote>
<para> </para>
<para></para>
</listitem>
<listitem>
@ -172,27 +172,29 @@
files are still processed by the compiler.</para>
<para>Note that blacklist files may be converted to equivalent blrules
files using <command>shorewall[6] update -b</command>. </para>
files using <command>shorewall[6] update -b</command>.</para>
</listitem>
<listitem>
<para> In Shorewall 4.5.7, the
<para>In Shorewall 4.5.7, the
<filename>/etc/shorewall[6]/notrack</filename> file was renamed
<filename>/etc/shorewall[6]/conntrack</filename>. When upgrading to a
release &gt;= 4.5.7, the <filename>conntrack</filename> file will be
installed along side of an existing <filename>notrack</filename> file.
When both files exist, a compiler warning is generated:</para>
</para>
<para>If the 'notrack' file is non-empty, a warning message is issued
during compilation: </para>
<blockquote>
<para>WARNING: Both /etc/shorewall/notrack and
/etc/shorewall/conntrack exist; /etc/shorewall/conntrack is
ignored</para>
<para>WARNING: Non-empty notrack file (...); please move its
contents to the conntrack file </para>
</blockquote>
<para>This warning may be eliminated by moving any entries in the
<filename>notrack</filename> file to the
<filename>conntrack</filename> file and removing the
<filename>notrack</filename> file. </para>
<para>This warning can be eliminated by removing the notrack file (if
it has no entries), or by moving its entries to the conntrack file and
removing the notrack file. Note that the conntrack file is always
populated with rules </para>
</listitem>
</orderedlist>
</section>