diff --git a/docs/Actions.xml b/docs/Actions.xml
index ba6f369ce..292d51d6a 100644
--- a/docs/Actions.xml
+++ b/docs/Actions.xml
@@ -24,6 +24,8 @@
2008
+ 2009
+
Thomas M. Eastep
@@ -125,6 +127,11 @@ ACCEPT - - tcp 135,139,445
In Shorewall version 3.4 and later, to make use of any of the three
types of actions you must set the USE_ACTIONS option to Yes in
/etc/shorewall/shorewall.conf.
+
+
+ Shorewall-perl will complain if USE_ACTIONS=No since that compiler
+ always includes the capability to use actions.
+
@@ -221,7 +228,8 @@ Limit:info:SSHA,3,60 net $FW tcp 22
- The log level. If you don't want to log, specify none
.
+ The log level. If you don't want to log, specify
+ none
.
@@ -248,9 +256,8 @@ Limit:info:SSHA,3,60 net $FW tcp 22
- The file
- /usr/share/shorewall/action. Limit is
- empty.
+ The file /usr/share/shorewall/action.
+ Limit is empty.
@@ -326,8 +333,7 @@ add_rule $chainref, '-j ACCEPT';
- Add a line to
- /etc/shorewall/actions that
+ Add a line to /etc/shorewall/actions that
names your new action. Action names must be valid shell variable names
(must begin with a letter and be composed of letters, digits and
underscore characters) as well as valid Netfilter chain names. If you
@@ -430,9 +436,9 @@ add_rule $chainref, '-j ACCEPT';
A port range is expressed as <low
port>:<high port>.
- This column is ignored if PROTO = all
, but must be
- entered if any of the following fields are supplied. In that case, it
- is suggested that this field contain -
.
+ This column is ignored if PROTO = all
, but must
+ be entered if any of the following fields are supplied. In that case,
+ it is suggested that this field contain -
.
If your kernel contains multi-port match support, then only a
single Netfilter rule will be generated if in this list and in the
@@ -541,7 +547,8 @@ add_rule $chainref, '-j ACCEPT';
rule will match only if the test returns true.
If you don’t want to define a test but need to specify anything
- in the subsequent columns, place a -
in this field.
+ in the subsequent columns, place a -
in this
+ field.
! — Inverts the test (not equal)
<value> — Value of the packet
@@ -614,8 +621,8 @@ bar:info
#ACTION SOURCE DEST PROTO DEST PORT(S)
foo:debug $FW net
- Logging in the invoke foo
action will be as if foo
- had been defined as:
+ Logging in the invoke foo
action will be as if
+ foo had been defined as:
#TARGET SOURCE DEST PROTO DEST PORT(S)
ACCEPT:debug - - tcp 22
@@ -640,8 +647,8 @@ bar:info
#ACTION SOURCE DEST PROTO DEST PORT(S)
foo:debug! $FW net
- Logging in the invoke foo
action will be as if foo
- had been defined as:
+ Logging in the invoke foo
action will be as if
+ foo had been defined as:
#TARGET SOURCE DEST PROTO DEST PORT(S)
ACCEPT:debug - - tcp 22