Attempt to clarify LOGALLNEW

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7597 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
teastep 2007-10-30 20:37:47 +00:00
parent 29027aecdb
commit 4c8b80b0d4
2 changed files with 12 additions and 8 deletions

@ -723,7 +723,10 @@
a service name. Additionally, Shorewall-perl 4.0.5 and later a service name. Additionally, Shorewall-perl 4.0.5 and later
permit specifying a port range in the form permit specifying a port range in the form
<emphasis>lowport-highport</emphasis> to cause connections to be <emphasis>lowport-highport</emphasis> to cause connections to be
assigned to ports in the range in round-robin fashion.</para> assigned to ports in the range in round-robin fashion. In that
case, <emphasis>lowport</emphasis> and
<emphasis>highport</emphasis> must be given as integers; service
names are not permitted.</para>
<para>If the <emphasis role="bold">ACTION</emphasis> is <emphasis <para>If the <emphasis role="bold">ACTION</emphasis> is <emphasis
role="bold">REDIRECT</emphasis> or <emphasis role="bold">REDIRECT</emphasis> or <emphasis
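
Review bot: the sentence added after "round-robin fashion" documents a restriction on port ranges and is unrelated to LOGALLNEW, which is the only subject the commit message names. Split it into its own commit or mention it in the message so the change can be found from the log. The text says service names "are not permitted" in a range; it would help to add whether such an entry is rejected with an error, since the reader cannot tell from this wording.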

@ -729,9 +729,9 @@ net all DROP info</programlisting>then the chain name is 'net2all'
role="bold">LOGALLNEW=</emphasis>[<emphasis>log-level</emphasis>]</term> role="bold">LOGALLNEW=</emphasis>[<emphasis>log-level</emphasis>]</term>
<listitem> <listitem>
<para>When set to a log level, this option causes Shorewall to <para>This option is intended for use as a debugging aid. When set
generate a logging rule as the first rule in each builtin to a log level, this option causes Shorewall to generate a logging
chain.</para> rule as the first rule in each builtin chain.</para>
<itemizedlist> <itemizedlist>
<listitem> <listitem>
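
Review bot: the new first sentence calls LOGALLNEW a "debugging aid" but does not say it should be switched off again once debugging is done; the only caution is in the <important> block further down, so a reader who stops at this paragraph misses it. Suggest adding a short clause here to that effect. Style: the paragraph now has "This option is intended" followed directly by "this option causes"; "it causes" reads better in the second sentence.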
@ -755,10 +755,11 @@ net all DROP info</programlisting>then the chain name is 'net2all'
</programlisting> </programlisting>
<important> <important>
<para>There is no rate limiting on these logging rules so use <para>To help insure that all packets in the NEW state are
LOGALLNEW at your own risk; it may cause high CPU and disk logged, rate limiting (LOGBURST and LOGLIMIT) should be disabled
utilization and you may not be able to control your firewall when using LOGALLNEW. Use LOGALLNEW at your own risk; it may
after you enable this option.</para> cause high CPU and disk utilization and you may not be able to
control your firewall after you enable this option.</para>
</important> </important>
<para></para> <para></para>
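
Review bot: in the <important> paragraph, the old text stated as fact that "There is no rate limiting on these logging rules", while the new text says rate limiting (LOGBURST and LOGLIMIT) "should be disabled", which implies those settings do apply to the LOGALLNEW rules. The two statements disagree, and the new wording never says which is true; state explicitly whether LOGLIMIT and LOGBURST affect these rules. The rewrite also drops the link between unlimited logging and the "high CPU and disk utilization" warning, so consider "With rate limiting disabled, it may cause ...". Spelling: "insure" should be "ensure".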