Add SAME to tcrules manpage

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9529 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

manpages/shorewall-interfaces.xml

@@ -220,30 +220,6 @@ loc     eth2            -</programlisting>
               </listitem>
             </varlistentry>
 
-            <varlistentry>
-              <term><emphasis role="bold">detectnets</emphasis>
-              (Deprecated)</term>
-
-              <listitem>
-                <para>Automatically tailors the zone named in the ZONE column
-                to include only those hosts routed through the
-                interface.</para>
-
-                <para></para>
-
-                <warning>
-                  <para>Do not set the <emphasis
-                  role="bold">detectnets</emphasis> option on your internet
-                  interface.</para>
-
-                  <para>Support for this option will be removed in a future
-                  release of Shorewall-perl. Better to use the <emphasis
-                  role="bold">routefilter</emphasis> option together with the
-                  <emphasis role="bold">logmartians</emphasis> option.</para>
-                </warning>
-              </listitem>
-            </varlistentry>
-
             <varlistentry>
               <term><emphasis role="bold">dhcp</emphasis></term>
 

manpages/shorewall-tcrules.xml

@@ -49,7 +49,7 @@
         role="bold">/</emphasis><emphasis>mask</emphasis>]|<emphasis
         role="bold">SAVE</emphasis>[<emphasis
         role="bold">/</emphasis><emphasis>mask</emphasis>]|<emphasis
-        role="bold">CONTINUE</emphasis>|<emphasis
+        role="bold">CONTINUE</emphasis>|SAME|<emphasis
         role="bold">COMMENT</emphasis>}[<emphasis
         role="bold">:</emphasis>{<emphasis role="bold">C</emphasis>|<emphasis
         role="bold">F</emphasis>|<emphasis role="bold">P</emphasis>|<emphasis
@@ -234,6 +234,25 @@
               iptables/Netfilter provides the necessary support.</para>
             </listitem>
 
+            <listitem>
+              <para><emphasis role="bold">SAME</emphasis> (Added in Shorewall
+              4.3.5) -- Some websites run applications that require multiple
+              connections from a client browser. Where multiple 'balanced'
+              providers are configured, this can lead to problems when some of
+              the connections are routed through one provider and some through
+              another. The SAME target allows you to work around that problem.
+              SAME may currently be used only in the PREROUTING chain and
+              causes matching connections from an individual local system to
+              all use the same provider. For example: <programlisting>#MARK/            SOURCE         DEST         PROTO      DEST
+#CLASSIFY                                                PORT(S)
+SAME:P            192.168.1.0/24 0.0.0.0/0    tcp        80,443</programlisting>
+              If a host in 192.168.1.0/24 attempts a connection on TCP port 80
+              or 443 and it has sent a packet on either of those ports in the
+              last two minutes then the new connection will use the same
+              provider as the connection over which that last packet was sent.
+              </para>
+            </listitem>
+
             <listitem>
               <para><emphasis role="bold">COMMENT</emphasis> -- the rest of
               the line will be attached as a comment to the Netfilter rule(s)