mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-22 14:20:40 +01:00
Document EXPORTPARAMS effect on INCLUDE
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5381 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
ad9e3b145f
commit
7524783188
@ -346,18 +346,32 @@ smtp,www,pop3,imap #Services running on the firewall</programlisting>
|
|||||||
<section id="INCLUDE">
|
<section id="INCLUDE">
|
||||||
<title>INCLUDE Directive</title>
|
<title>INCLUDE Directive</title>
|
||||||
|
|
||||||
<para>Any configuration file may contain INCLUDE directives (INCLUDE is
|
<para>Any configuration file may contain INCLUDE directives. An INCLUDE
|
||||||
not supported in <ulink url="shorewall_extension_scripts.htm">extension
|
directive consists of the word INCLUDE followed by a path name and causes
|
||||||
scripts</ulink>). An INCLUDE directive consists of the word INCLUDE
|
the contents of the named file to be logically included into the file
|
||||||
followed by a path name and causes the contents of the named file to be
|
containing the INCLUDE. Relative path names given in an INCLUDE directive
|
||||||
logically included into the file containing the INCLUDE. Relative path
|
are assumed to reside in /etc/shorewall or in an alternate configuration
|
||||||
names given in an INCLUDE directive are assumed to reside in
|
directory if one has been specified for the command.</para>
|
||||||
/etc/shorewall or in an alternate configuration directory if one has been
|
|
||||||
specified for the command.</para>
|
|
||||||
|
|
||||||
<para>INCLUDE's may be nested to a level of 3 -- further nested INCLUDE
|
<para>INCLUDE's may be nested to a level of 3 -- further nested INCLUDE
|
||||||
directives are ignored with a warning message.</para>
|
directives are ignored with a warning message.</para>
|
||||||
|
|
||||||
|
<caution>
|
||||||
|
<para>If you are using <ulink
|
||||||
|
url="CompiledPrograms.html%23Lite">Shorewall Lite</ulink> and are
|
||||||
|
running a version of Shorewall earlier than 3.2.9, it is not advisable
|
||||||
|
to use INCLUDE in the <filename>params</filename> file in an export
|
||||||
|
directory. If you do that, you must ensure that the included file is
|
||||||
|
also present on the firewall system's <filename
|
||||||
|
class="directory">/etc/shorewall-lite/</filename> directory.</para>
|
||||||
|
|
||||||
|
<para>Beginning with Shorewall version 3.2.9 (3.4.0 RC2), you can set
|
||||||
|
EXPORTPARAMS=No in <filename>shorewall.conf</filename>. That prevents
|
||||||
|
the <filename>params</filename> file from being copied into the compiled
|
||||||
|
script. With EXPORTPARAMS=No, it is perfectly okay to use INCLUDE in the
|
||||||
|
<filename>params</filename> file.</para>
|
||||||
|
</caution>
|
||||||
|
|
||||||
<example>
|
<example>
|
||||||
<title>Use of INCLUDE</title>
|
<title>Use of INCLUDE</title>
|
||||||
|
|
||||||
@ -724,7 +738,8 @@ DNAT net loc:192.168.1.3 tcp 4000:4100</programlisting>
|
|||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>If you are using Shorewall Lite and if the
|
<para>If you are using <ulink
|
||||||
|
url="CompiledPrograms.html%23Lite">Shorewall Lite</ulink> and if the
|
||||||
<filename>params</filename> script needs to set shell variables based
|
<filename>params</filename> script needs to set shell variables based
|
||||||
on the configuration of the firewall system, you can use this
|
on the configuration of the firewall system, you can use this
|
||||||
trick:</para>
|
trick:</para>
|
||||||
|
Loading…
Reference in New Issue
Block a user