extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-20 01:37:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add SAME to tcrules manpage

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9529 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2009-02-25 19:27:51 +00:00
parent 491f7d6b6d
commit 81e3001f02
2 changed files with 20 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
manpages/shorewall-interfaces.xml
View File

@ -220,30 +220,6 @@ loc eth2 -</programlisting>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><emphasis role="bold">detectnets</emphasis>
(Deprecated)</term>
<listitem>
<para>Automatically tailors the zone named in the ZONE column
to include only those hosts routed through the
interface.</para>
<para></para>
<warning>
<para>Do not set the <emphasis
role="bold">detectnets</emphasis> option on your internet
interface.</para>
<para>Support for this option will be removed in a future
release of Shorewall-perl. Better to use the <emphasis
role="bold">routefilter</emphasis> option together with the
<emphasis role="bold">logmartians</emphasis> option.</para>
</warning>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><emphasis role="bold">dhcp</emphasis></term> <term><emphasis role="bold">dhcp</emphasis></term>

21
manpages/shorewall-tcrules.xml
View File

@ -49,7 +49,7 @@
role="bold">/</emphasis><emphasis>mask</emphasis>]|<emphasis role="bold">/</emphasis><emphasis>mask</emphasis>]|<emphasis
role="bold">SAVE</emphasis>[<emphasis role="bold">SAVE</emphasis>[<emphasis
role="bold">/</emphasis><emphasis>mask</emphasis>]|<emphasis role="bold">/</emphasis><emphasis>mask</emphasis>]|<emphasis
role="bold">CONTINUE</emphasis>|<emphasis role="bold">CONTINUE</emphasis>|SAME|<emphasis
role="bold">COMMENT</emphasis>}[<emphasis role="bold">COMMENT</emphasis>}[<emphasis
role="bold">:</emphasis>{<emphasis role="bold">C</emphasis>|<emphasis role="bold">:</emphasis>{<emphasis role="bold">C</emphasis>|<emphasis
role="bold">F</emphasis>|<emphasis role="bold">P</emphasis>|<emphasis role="bold">F</emphasis>|<emphasis role="bold">P</emphasis>|<emphasis
@ -234,6 +234,25 @@
iptables/Netfilter provides the necessary support.</para> iptables/Netfilter provides the necessary support.</para>
</listitem> </listitem>
<listitem>
<para><emphasis role="bold">SAME</emphasis> (Added in Shorewall
4.3.5) -- Some websites run applications that require multiple
connections from a client browser. Where multiple 'balanced'
providers are configured, this can lead to problems when some of
the connections are routed through one provider and some through
another. The SAME target allows you to work around that problem.
SAME may currently be used only in the PREROUTING chain and
causes matching connections from an individual local system to
all use the same provider. For example: <programlisting>#MARK/ SOURCE DEST PROTO DEST
#CLASSIFY PORT(S)
SAME:P 192.168.1.0/24 0.0.0.0/0 tcp 80,443</programlisting>
If a host in 192.168.1.0/24 attempts a connection on TCP port 80
or 443 and it has sent a packet on either of those ports in the
last two minutes then the new connection will use the same
provider as the connection over which that last packet was sent.
</para>
</listitem>
<listitem> <listitem>
<para><emphasis role="bold">COMMENT</emphasis> -- the rest of <para><emphasis role="bold">COMMENT</emphasis> -- the rest of
the line will be attached as a comment to the Netfilter rule(s) the line will be attached as a comment to the Netfilter rule(s)