Document scfilter in the Extensions Scripts Doc

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2025-01-15 01:58:48 +01:00 · 2010-10-01 12:29:41 -07:00 · 2010-10-01 12:29:41 -07:00 · 5b86cbdabf
commit 5b86cbdabf
parent ac71868cc1
1 changed files with 33 additions and 0 deletions
--- a/docs/shorewall_extension_scripts.xml
+++ b/docs/shorewall_extension_scripts.xml
@ -200,6 +200,27 @@ esac</programlisting><caution>
        with dhclient on several distributions are available at <ulink
        url="http://www.shorewall.net/pub/shorewall/contrib/findgw/">http://www.shorewall.net/pub/shorewall/contrib/findgw/</ulink></para>
      </listitem>
+
+      <listitem>
+        <para><filename>scfilter</filename> -- Added in Shorewall 4.4.14.
+        Unlike the other scripts, this script is executed by the command line
+        tools (<filename>/sbin/shorewall</filename>,
+        <filename>/sbin/shorewall6</filename>, etc) and can be used to
+        reformat the output of the <command>show connections</command>
+        command. The connection information is piped through this script so
+        that the script can drop information, add information or alter the
+        format of the information. When using Shorewall Lite or Shorewall6
+        Lite, the script is copied into the generated firewall script and is
+        extracted into /var/lib/shorewall-lite (/var/lib/shorewall6-lite)
+        where /sbin/shorewall-lite (/sbin/shorewall6-lite) can find it. After
+        you have generated a new firewall script and copied the script to a
+        firewall system, you must start (or restart) the firewall in order to
+        install a new scfilter script. The default script is as follows and
+        simply pipes the output through unaltered.</para>
+
+        <programlisting>#! /bin/sh
+cat -</programlisting>
+      </listitem>
    </itemizedlist>

    <para><emphasis role="bold">If your version of Shorewall doesn't have the
@ -288,6 +309,12 @@ esac</programlisting><caution>
            <entry>save</entry>
          </row>

+          <row>
+            <entry>scfilter</entry>
+
+            <entry>show connections</entry>
+          </row>
+
          <row>
            <entry>start</entry>

@ -512,6 +539,12 @@ esac</programlisting><caution>

                <entry>restored</entry>
              </row>
+
+              <row>
+                <entry></entry>
+
+                <entry>scfilter</entry>
+              </row>
            </tbody>
          </tgroup>
        </informaltable></para>