From 5a08f8bf4e3c9114377bc77f5372d04236790d0e Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Thu, 6 Aug 2015 10:15:57 -0700 Subject: [PATCH] Correct shorewall-mangle(5) examples Signed-off-by: Tom Eastep --- Shorewall/manpages/shorewall-mangle.xml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Shorewall/manpages/shorewall-mangle.xml b/Shorewall/manpages/shorewall-mangle.xml index a61b8ac0f..b2e837aea 100644 --- a/Shorewall/manpages/shorewall-mangle.xml +++ b/Shorewall/manpages/shorewall-mangle.xml @@ -1283,12 +1283,12 @@ Normal-Service => 0x00 #ACTION SOURCE DEST PROTO PORT(S) SOURCE USER TEST # PORT(S) - 1:T 0.0.0.0/0 0.0.0.0/0 icmp echo-request - 1:T 0.0.0.0/0 0.0.0.0/0 icmp echo-reply + MARK(1):T 0.0.0.0/0 0.0.0.0/0 icmp echo-request + MARK(1):T 0.0.0.0/0 0.0.0.0/0 icmp echo-reply RESTORE:T 0.0.0.0/0 0.0.0.0/0 all - - - 0 CONTINUE:T 0.0.0.0/0 0.0.0.0/0 all - - - !0 - 4:T 0.0.0.0/0 0.0.0.0/0 ipp2p:all - SAVE:T 0.0.0.0/0 0.0.0.0/0 all - - - !0 + MARK(4):T 0.0.0.0/0 0.0.0.0/0 ipp2p:all + SAVE:T 0.0.0.0/0 0.0.0.0/0 all - - - !0 If a packet hasn't been classified (packet mark is 0), copy the connection mark to the packet mark. If the packet mark is set, @@ -1307,9 +1307,9 @@ Normal-Service => 0x00 /etc/shorewall/tcrules: - #ACTION SOURCE DEST PROTO PORT(S) SOURCE USER TEST - # PORT(S) - 1-3:CF 192.168.1.0/24 eth0 ; state=NEW + #ACTION SOURCE DEST PROTO PORT(S) SOURCE USER TEST + # PORT(S) + CONNMARK(1-3):F 192.168.1.0/24 eth0 ; state=NEW /etc/shorewall/masq: