Don't allow the -p start/stop option with Shorewall6; remove Shorewall-shell/Shorewall-perl references from the 'shorewall' manpage

Tom Eastep 2009-07-15 13:47:16 -07:00
parent 6c1a500408
commit 73b9f04fc6
3 changed files with 12 additions and 44 deletions


@ -445,11 +445,6 @@ start_command() {
FAST=Yes FAST=Yes
option=${option#f} option=${option#f}
;; ;;
p*)
[ -n "$(which conntrack)" ] || fatal_error "The '-p' option requires the conntrack utility which does not appear to be installed on this system"
PURGE=Yes
option=${option%p}
;;
*) *)
usage 1 usage 1
;; ;;
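Review bot: With the p*) case removed from start_command(), -p now falls into the *) branch and the user gets only usage 1, with nothing saying that -p itself is the problem. The removed case already reported errors through fatal_error; consider keeping a p*) arm that calls fatal_error with a message that -p is not supported by Shorewall6, so scripts that still pass -p fail with a clear reason.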
@ -1381,11 +1376,11 @@ usage() # $1 = exit status
echo " reject <address> ..." echo " reject <address> ..."
echo " reload [ -s ] [ -c ] [ -r <root user> ] [ <directory> ] <system>" echo " reload [ -s ] [ -c ] [ -r <root user> ] [ <directory> ] <system>"
echo " reset [ <chain> ... ]" echo " reset [ <chain> ... ]"
echo " restart [ -n ] [ -p ] [ -f ] [ <directory> ]" echo " restart [ -n ] [ -f ] [ <directory> ]"
echo " restore [ -n ] [ <file name> ]" echo " restore [ -n ] [ <file name> ]"
echo " save [ <file name> ]" echo " save [ <file name> ]"
echo " show [ -x ] [ -m ] [-f] [ -t {filter|mangle} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|filters|ip|log|macros|mangle|nat|raw|routing|tc|vardir|zones} ]" echo " show [ -x ] [ -m ] [-f] [ -t {filter|mangle} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|filters|ip|log|macros|mangle|nat|raw|routing|tc|vardir|zones} ]"
echo " start [ -f ] [ -n ] [ -p ] [ <directory> ]" echo " start [ -f ] [ -n ] [ <directory> ]"
echo " stop [ -f ]" echo " stop [ -f ]"
echo " status" echo " status"
echo " try <directory> [ <timeout> ]" echo " try <directory> [ <timeout> ]"
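Review bot: The usage text drops [ -p ] from both restart and start, but the only option-parsing change visible in this file is the hunk in start_command(). If restart_command() has its own p*) case, it will still accept -p and set PURGE while the help no longer lists it; remove it there as well or confirm it does not exist. The commit subject also says start/stop, while the lines changed here are start and restart (stop keeps only [ -f ]).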


@ -683,13 +683,12 @@
-f capabilities &gt; capabilities</emphasis> on a system with -f capabilities &gt; capabilities</emphasis> on a system with
Shorewall Lite installed.</para> Shorewall Lite installed.</para>
<para>The <option>-d</option> option only works when the compiler is <para>The <option>-d</option> option causes the compiler to be run
Shorewall-perl. It causes the compiler to be run under control of under control of the Perl debugger.</para>
the Perl debugger.</para>
<para>The <option>-p</option> option only works when the compiler is <para>The <option>-p</option> option causes the compiler to be
Shorewall-perl. It causes the compiler to be profiled via the Perl profiled via the Perl <option>-wd:DProf</option> command-line
<option>-wd:DProf</option> command-line option.</para> option.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
@ -741,9 +740,9 @@
Shorewall-perl. It causes the compiler to be run under control of Shorewall-perl. It causes the compiler to be run under control of
the Perl debugger.</para> the Perl debugger.</para>
<para>The <option>-p</option> option only works when the compiler is <para>The <option>-p</option> option causes the compiler to be
Shorewall-perl. It causes the compiler to be profiled via the Perl profiled via the Perl <option>-wd:DProf</option> command-line
<option>-wd:DProf</option> command-line option.</para> option.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
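Review bot: In this second copy of the option text only the -p paragraph is reworded; the context lines above it still read "Shorewall-perl. It causes the compiler to be run under control of the Perl debugger.", so the -d paragraph here keeps its Shorewall-perl reference. The hunk at -683 rewrote both paragraphs; apply the same -d rewording here so the two entries match.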
@ -979,24 +978,14 @@
<term><emphasis role="bold">refresh</emphasis></term> <term><emphasis role="bold">refresh</emphasis></term>
<listitem> <listitem>
<para>Shorewall-shell: The rules involving the the black list, ECN <para>All steps performed by <command>restart</command> are
control rules, and traffic shaping are recreated to reflect any performed by <command>refresh</command> with the exception that
changes made to your configuration files. Existing connections are
untouched.</para>
<para>Shorewall-perl: All steps performed by
<command>restart</command> are performed by
<command>refresh</command> with the exception that
<command>refresh</command> only recreates the chains specified in <command>refresh</command> only recreates the chains specified in
the command while <command>restart</command> recreates the entire the command while <command>restart</command> recreates the entire
Netfilter ruleset. If no <replaceable>chain</replaceable> is given, Netfilter ruleset. If no <replaceable>chain</replaceable> is given,
the static blacklisting chain <emphasis the static blacklisting chain <emphasis
role="bold">blacklst</emphasis> is assumed.</para> role="bold">blacklst</emphasis> is assumed.</para>
<para><emphasis role="bold">Note</emphasis>: Specifying chains in
the command requires Shorewall-perl 4.0.3 or later. Earlier versions
only refresh the blacklst chain</para>
<para>The listed chains are assumed to be in the filter table. You <para>The listed chains are assumed to be in the filter table. You
can refresh chains in other tables by prefixing the chain name with can refresh chains in other tables by prefixing the chain name with
the table name followed by ":" (e.g., nat:net_dnat). Chain names the table name followed by ":" (e.g., nat:net_dnat). Chain names
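Review bot: Dropping the Shorewall-shell paragraph under refresh also drops the sentence "Existing connections are untouched", and the merged text does not say how refresh treats established connections. If that still holds for the behavior described now, keep the sentence in the remaining paragraph, since it matters when choosing between refresh and restart after a blacklist change.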


@ -71,8 +71,6 @@
<arg><option>-d</option></arg> <arg><option>-d</option></arg>
<arg><option>-p</option></arg>
<arg><replaceable>directory</replaceable></arg> <arg><replaceable>directory</replaceable></arg>
<arg choice="opt"><replaceable>pathname</replaceable></arg> <arg choice="opt"><replaceable>pathname</replaceable></arg>
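Review bot: The -p removed from this synopsis sits directly after -d and before directory and pathname, the same -d/-p pairing that the shorewall manpage in this commit documents as the Perl debugger and profiler options, not the conntrack purge. Please confirm that this command's -p was the start/restart purge option; if it is the profiling option, it should stay in the synopsis. The same question applies to the -d/-p synopses in the -330 and -346 hunks.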
@ -298,8 +296,6 @@
<arg><option>-n</option></arg> <arg><option>-n</option></arg>
<arg><option>-p</option></arg>
<arg><option>-f</option></arg> <arg><option>-f</option></arg>
<arg><replaceable>directory</replaceable></arg> <arg><replaceable>directory</replaceable></arg>
@ -330,8 +326,6 @@
<arg><option>-d</option></arg> <arg><option>-d</option></arg>
<arg><option>-p</option></arg>
<arg><replaceable>directory</replaceable></arg> <arg><replaceable>directory</replaceable></arg>
</cmdsynopsis> </cmdsynopsis>
@ -346,8 +340,6 @@
<arg><option>-d</option></arg> <arg><option>-d</option></arg>
<arg><option>-p</option></arg>
<arg><replaceable>directory</replaceable></arg> <arg><replaceable>directory</replaceable></arg>
</cmdsynopsis> </cmdsynopsis>
@ -905,10 +897,6 @@
<para>The <option>-n</option> option causes Shorewall6 to avoid <para>The <option>-n</option> option causes Shorewall6 to avoid
updating the routing table(s).</para> updating the routing table(s).</para>
<para>The <option>-p</option> option causes the connection tracking
table to be flushed; the <command>conntrack</command> utility must
be installed to use this option.</para>
<para>The <option>-f</option> option suppresses the compilation step <para>The <option>-f</option> option suppresses the compilation step
and simply reused the compiled script which last started/restarted and simply reused the compiled script which last started/restarted
Shorewall6.</para> Shorewall6.</para>
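Review bot: The context line kept below the removed -p paragraph reads "simply reused the compiled script"; while this entry is being edited, change "reused" to "reuses". Since -p was the documented way to flush the connection tracking table here, consider replacing the removed paragraph with one sentence saying the option is not available in Shorewall6 rather than dropping it silently.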
@ -1146,10 +1134,6 @@
<para>The <option>-n</option> option causes Shorewall6 to avoid <para>The <option>-n</option> option causes Shorewall6 to avoid
updating the routing table(s).</para> updating the routing table(s).</para>
<para>The <option>-p</option> option causes the connection tracking
table to be flushed; the <command>conntrack</command> utility must
be installed to use this option.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>