diff --git a/docs/configuration_file_basics.xml b/docs/configuration_file_basics.xml
index 300a5fd81..c50ba6a4a 100644
--- a/docs/configuration_file_basics.xml
+++ b/docs/configuration_file_basics.xml
@@ -290,6 +290,30 @@ ACCEPT net $FW tcp www #This is an end-of-line comment
+
+ Names
+
+ When you define an object in Shorewall (Zone, Logical Interface, ipsets, Actions, etc., you give it a name. Shorewall
+ names start with a letter and consist of letters, digits or underscores
+ ("_"). Except for Zone names, Shorewall does not impose a limit on name
+ length.
+
+ When an ipset is referenced, the name must be preceded by a plus
+ sign ("+").
+
+ The last character of an interface may also be a plus sign to
+ indicate a wildcard name.
+
+ Physical interface names match names shown by 'ip link ls'; if the
+ name includes an at sign ("@"), do not include that character or any
+ character that follows. For example, "sit1@NONE" is referred to as simply
+ 'sit1".
+
+
Attach Comment to Netfilter Rules
diff --git a/docs/support.xml b/docs/support.xml
index 56f0e8ddb..d19603304 100644
--- a/docs/support.xml
+++ b/docs/support.xml
@@ -428,9 +428,7 @@ State:Stopped (Thu Mar 30 14:08:11 PDT 2006)
below).
For quick questions, there is also
- a #shorewall channel at irc.freenode.net. You must
- have a registered Nic on freenode in order to post on the
- channel.
+ a #shorewall channel at irc.freenode.net.
diff --git a/manpages/shorewall-rules.xml b/manpages/shorewall-rules.xml
index ab4478509..19cae2552 100644
--- a/manpages/shorewall-rules.xml
+++ b/manpages/shorewall-rules.xml
@@ -1317,7 +1317,7 @@
Add the tupple (source IP, dest port, dest IP) of an incoming
SSH connection to the ipset S:
- ADD(S:dst,src,dst) net fw tcp 22
+ ADD(+S:dst,src,dst) net fw tcp 22
diff --git a/manpages/shorewall-zones.xml b/manpages/shorewall-zones.xml
index 56fc78690..6d6b84260 100644
--- a/manpages/shorewall-zones.xml
+++ b/manpages/shorewall-zones.xml
@@ -38,10 +38,11 @@
role="bold">,parent-zone]...]
- Name of the zone. The names "all",
- "none", "SOURCE" and "DEST" are reserved and may not be used as zone
- names. The maximum length of a zone name is determined by the
- setting of the LOGFORMAT option in Name of the zone. Must start with a
+ letter and consist of letters, digits or '_'. The names "all",
+ "none", "any", "SOURCE" and "DEST" are reserved and may not be used
+ as zone names. The maximum length of a zone name is determined by
+ the setting of the LOGFORMAT option in shorewall.conf(5). With the
default LOGFORMAT, zone names can be at most 5 characters
long.
@@ -68,7 +69,8 @@
The canonical name for the chain containing the rules
for traffic going from zone 1 to zone 2 is "<zone
- 1>2<zone 2>".
+ 1>2<zone 2>" or "<zone 1>-<zone
+ 2>".