diff --git a/Shorewall-docs2/configuration_file_basics.xml b/Shorewall-docs2/configuration_file_basics.xml
index 86b07dd5e..c21236e13 100644
--- a/Shorewall-docs2/configuration_file_basics.xml
+++ b/Shorewall-docs2/configuration_file_basics.xml
@@ -34,6 +34,13 @@
+
+ This article applies to Shorewall 3.0 and
+ later. If you are running a version of Shorewall earlier than Shorewall
+ 3.0.0 then please see the documentation for that
+ release.
+
+
If you copy or edit your configuration files on a system running
Microsoft Windows, you must run them through
/etc/shorewall/actions and
- /usr/share/shorewall/action.template - define
- your own actions for rules in /etc/shorewall/rules (Shorewall 1.4.9
- and later).
+ /usr/share/shorewall/action.template.
/etc/shorewall/providers - defines an
- alternate routing table.(Shorewall 2.3.2 and later).
-
-
-
- /etc/shorewall/routes - see here (Shorewall
- 2.3.2 and later,experimental)
+ alternate routing table.
@@ -189,10 +188,15 @@
- /usr/share/shorewall/actions.* - Details
+ /usr/share/shorewall/action.* - Details
of actions defined by Shorewall.
+
+ /usr/share/shorewall/macro.* - Details of
+ macros defined by Shorewall.
+
+
/usr/share/rfc1918 — Defines the behavior
of the 'norfc1918' interface option in
@@ -450,6 +454,31 @@ smtp,www,pop3,imap #Services running on the firewall
+
+ Exclusion Lists
+
+ Shorewall 3.0 differs from earlier versions in that in most contexts
+ where a comma-separated list of addresses is accepted, an
+ exclusion list may also be included. An exclusion
+ list is a comma-separated list of addresses that begins with "!".
+
+ Example:
+
+ !192.168.1.3,192.168.1.12,192.168.1.32/27
+
+ The above list refers to "All addresses except 192.168.1.3,
+ 192.168.1.12 and 192.168.1.32-192.168.1.63.
+
+ Exclusion lists can also be added after a network address.
+
+ Example:
+
+ 192.168.1.0/24!192.168.1.3,192.168.1.12,192.168.1.32/27
+
+ The above list refers to "All addresses in 192.168.1.0-192.168.1.255
+ except 192.168.1.3, 192.168.1.12 and 192.168.1.32-192.168.1.63.
+
+