extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-18 03:29:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

More 4.0 documentation updates

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6425 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-05-20 17:21:59 +00:00
parent 194b9dad1b
commit 51590da0b8
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
docs/Actions.xml
View File

@ -35,8 +35,8 @@
</articleinfo> </articleinfo>
<caution> <caution>
<para>This article applies to Shorewall 3.0 and later. If you are running <para>This article applies to Shorewall 4.0 and later. If you are running
a version of Shorewall earlier than Shorewall 3.0.0 then please see the a version of Shorewall earlier than Shorewall 4.0.0 then please see the
documentation for that release.</para> documentation for that release.</para>
</caution> </caution>
@ -537,7 +537,8 @@ acton:info:test $FW net</programlisting>
<para>There may be cases where you wish to create a chain with rules that <para>There may be cases where you wish to create a chain with rules that
can't be constructed using the tools defined in the action.template. In can't be constructed using the tools defined in the action.template. In
that case, you can use an extension script.<note> that case, you can use an <ulink
url="shorewall_extension_scripts.htm">extension script</ulink>.<note>
<para>If you actually need an action to drop broadcast packets, use <para>If you actually need an action to drop broadcast packets, use
the <command>dropBcast</command> standard action rather than create the <command>dropBcast</command> standard action rather than create
one like this.</para> one like this.</para>
@ -548,9 +549,16 @@ acton:info:test $FW net</programlisting>
<para>/etc/shorewall/actions<programlisting>DropBcasts</programlisting></para> <para>/etc/shorewall/actions<programlisting>DropBcasts</programlisting></para>
<para>/etc/shorewall/action.DropBcasts<programlisting># This file is empty</programlisting></para> <para>/etc/shorewall/action.DropBcasts<programlisting># This file is empty</programlisting>When
using Shorewall-shell:</para>
<para>/etc/shorewall/DropBcasts<programlisting>run_iptables -A DropBcasts -m pkttype --pkttype broadcast -j DROP</programlisting></para> <para><blockquote>
<para>/etc/shorewall/DropBcasts<programlisting>run_iptables -A DropBcasts -m pkttype --pkttype broadcast -j DROP</programlisting></para>
</blockquote>When using Shorewall-Perl:<blockquote>
<para>/etc/shorewall/DropBcasts<programlisting>use Shorewall::Chains;
add_rule( $chainref, '-m pkttype --pkttype broadcast -j DROP' );</programlisting></para>
</blockquote></para>
</example> </example>
<para>For a richer example, see <ulink url="PortKnocking.html">this <para>For a richer example, see <ulink url="PortKnocking.html">this