Clarify variable expansion

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8032 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

docs/FAQ.xml

@@ -499,7 +499,7 @@ loc      eth1         detect       <emphasis role="bold">routeback</emphasis>
         <listitem>
           <para>In <filename>/etc/shorewall/masq</filename>:</para>
 
-          <programlisting>#INTERFACE              SUBNET          ADDRESS         PROTO   PORT(S)
+          <programlisting>#INTERFACE              SOURCE          ADDRESS         PROTO   PORT(S)
 <emphasis role="bold">eth1:192.168.1.5        eth1            192.168.1.254   tcp     www</emphasis></programlisting>
         </listitem>
 
@@ -589,7 +589,7 @@ dmz      eth2         192.168.2.255   <emphasis role="bold">routeback</emphasis>
 
           <para>In /etc/shorewall/masq:</para>
 
-          <programlisting>#INTERFACE    SUBNETS     ADDRESS
+          <programlisting>#INTERFACE    SOURCE      ADDRESS
 <emphasis role="bold">eth2          eth2        192.168.2.254</emphasis></programlisting>
 
           <para>Like the silly hack in FAQ 2 above, this will make all
@@ -2190,7 +2190,7 @@ ACCEPT     loc         modem     tcp       80</programlisting>
 
         <para><filename>/etc/shorewall/masq</filename>:</para>
 
-        <programlisting>#INTERFACE         SUBNET          ADDRESS
+        <programlisting>#INTERFACE         SOURCE          ADDRESS
 eth0               eth1                        # eth1 = interface to local network</programlisting>
 
         <para>For an example of this when the ADSL/Cable modem is bridged, see

docs/configuration_file_basics.xml

@@ -383,45 +383,45 @@ smtp,www,pop3,imap  #Services running on the firewall</programlisting>
 
       <programlisting>     shorewall/params.mgmt:
  
-&nbsp;&nbsp;      MGMT_SERVERS=1.1.1.1,2.2.2.2,3.3.3.3
- &nbsp;&nbsp;      TIME_SERVERS=4.4.4.4
- &nbsp;&nbsp;      BACKUP_SERVERS=5.5.5.5
+        MGMT_SERVERS=1.1.1.1,2.2.2.2,3.3.3.3
+         TIME_SERVERS=4.4.4.4
+         BACKUP_SERVERS=5.5.5.5
  
-&nbsp;&nbsp;      ----- end params.mgmt -----
+        ----- end params.mgmt -----
  
-&nbsp;&nbsp;   shorewall/params:
+     shorewall/params:
  
-&nbsp;&nbsp;      # Shorewall 1.3 /etc/shorewall/params
- &nbsp;&nbsp;      [..]
- &nbsp;&nbsp;      #######################################
- &nbsp;
- &nbsp;&nbsp;      INCLUDE params.mgmt&nbsp;&nbsp;&nbsp; 
- &nbsp; 
- &nbsp;&nbsp;    # params unique to this host here
- &nbsp;&nbsp;    #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
+        # Shorewall 1.3 /etc/shorewall/params
+         [..]
+         #######################################
+  
+         INCLUDE params.mgmt    
+   
+       # params unique to this host here
+       #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
  
-&nbsp;&nbsp;     ----- end params -----
+       ----- end params -----
  
-&nbsp;&nbsp;   shorewall/rules.mgmt:
+     shorewall/rules.mgmt:
  
-&nbsp;&nbsp;     ACCEPT net:$MGMT_SERVERS&nbsp;&nbsp;&nbsp;$FW&nbsp;&nbsp;&nbsp;               tcp&nbsp;&nbsp;&nbsp; 22
- &nbsp;&nbsp;    ACCEPT $FW&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;        net:$TIME_SERVERS&nbsp;&nbsp;&nbsp; udp&nbsp;&nbsp;&nbsp; 123
- &nbsp;&nbsp;    ACCEPT $FW&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;        net:$BACKUP_SERVERS&nbsp; tcp&nbsp;&nbsp;&nbsp; 22
+       ACCEPT net:$MGMT_SERVERS   $FW                  tcp    22
+       ACCEPT $FW                 net:$TIME_SERVERS    udp    123
+       ACCEPT $FW                 net:$BACKUP_SERVERS  tcp    22
  
-&nbsp;&nbsp;    ----- end rules.mgmt -----
+      ----- end rules.mgmt -----
  
-&nbsp;&nbsp;   shorewall/rules:
+     shorewall/rules:
  
-&nbsp;&nbsp;    # Shorewall version 1.3 - Rules File
- &nbsp;&nbsp;    [..]
- &nbsp;&nbsp;    #######################################
- &nbsp;
- &nbsp;&nbsp;    INCLUDE rules.mgmt&nbsp;&nbsp;&nbsp;&nbsp; 
- &nbsp; 
- &nbsp;&nbsp;    # rules unique to this host here
- &nbsp;&nbsp;    #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
+      # Shorewall version 1.3 - Rules File
+       [..]
+       #######################################
+  
+       INCLUDE rules.mgmt     
+   
+       # rules unique to this host here
+       #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
  
-&nbsp;&nbsp;   ----- end rules -----</programlisting>
+     ----- end rules -----</programlisting>
     </example>
   </section>
 
@@ -630,7 +630,7 @@ use Shorewall::Config qw/shorewall/;</programlisting>
     <itemizedlist>
       <listitem>
         <para>Must not have any embedded white space.<programlisting>     Valid:   routefilter,dhcp,norfc1918
-     Invalid: routefilter,&nbsp;&nbsp;&nbsp;&nbsp; dhcp,&nbsp;&nbsp;&nbsp;&nbsp; norfc1818</programlisting></para>
+     Invalid: routefilter,     dhcp,     norfc1818</programlisting></para>
       </listitem>
 
       <listitem>
@@ -803,17 +803,17 @@ DNAT       net        loc:192.168.1.3 tcp       4000:4100</programlisting>
     <para>Example:</para>
 
     <blockquote>
-      <programlisting>&nbsp;&nbsp;&nbsp; /etc/shorewall/params
+      <programlisting>    /etc/shorewall/params
  
         NET_IF=eth0
         NET_BCAST=130.252.100.255
         NET_OPTIONS=routefilter,norfc1918
  
-&nbsp;&nbsp;&nbsp; /etc/shorewall/interfaces record:
+    /etc/shorewall/interfaces record:
 
         net $NET_IF $NET_BCAST $NET_OPTIONS
  
-&nbsp;&nbsp;&nbsp; The result will be the same as if the record had been written
+    The result will be the same as if the record had been written
  
         net eth0 130.252.100.255 routefilter,norfc1918
  </programlisting>
@@ -877,6 +877,21 @@ DNAT       net        loc:192.168.1.3 tcp       4000:4100</programlisting>
         extension script.</para>
       </listitem>
     </orderedlist>
+
+    <para>When expanding a variable, the acceptable forms of expansion depend
+    on whether you are using Shorewall-shell or Shorewall-perl.</para>
+
+    <itemizedlist>
+      <listitem>
+        <para>Shorewall-shell and all Shoreawll versions prior to 4.0 can use
+        any form of expansion supported by the shell ($VAR, ${VAR},
+        ${VAR:=val}, ...).</para>
+      </listitem>
+
+      <listitem>
+        <para>Shorewall-perl only supports the $VAR and ${VAR} forms.</para>
+      </listitem>
+    </itemizedlist>
   </section>
 
   <section id="MAC">
@@ -899,16 +914,15 @@ DNAT       net        loc:192.168.1.3 tcp       4000:4100</programlisting>
     <example id="mac">
       <title>MAC Address of an Ethernet Controller</title>
 
-      <programlisting> &nbsp;&nbsp;&nbsp;&nbsp; [root@gateway root]# <command>ifconfig eth0</command>
- &nbsp;&nbsp;&nbsp;&nbsp; eth0 Link encap:Ethernet HWaddr <emphasis
-          role="bold">02:00:08:E3:FA:55</emphasis>
- &nbsp;&nbsp;&nbsp;&nbsp; inet addr:206.124.146.176 Bcast:206.124.146.255 Mask:255.255.255.0
- &nbsp;&nbsp;&nbsp;&nbsp; UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- &nbsp;&nbsp;&nbsp;&nbsp; RX packets:2398102 errors:0 dropped:0 overruns:0 frame:0
- &nbsp;&nbsp;&nbsp;&nbsp; TX packets:3044698 errors:0 dropped:0 overruns:0 carrier:0
- &nbsp;&nbsp;&nbsp;&nbsp; collisions:30394 txqueuelen:100
- &nbsp;&nbsp;&nbsp;&nbsp; RX bytes:419871805 (400.4 Mb) TX bytes:1659782221 (1582.8 Mb)
- &nbsp;&nbsp;&nbsp;&nbsp; Interrupt:11 Base address:0x1800
+      <programlisting>      [root@gateway root]# <command>ifconfig eth0</command>
+      eth0 Link encap:Ethernet HWaddr <emphasis role="bold">02:00:08:E3:FA:55</emphasis>
+      inet addr:206.124.146.176 Bcast:206.124.146.255 Mask:255.255.255.0
+      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
+      RX packets:2398102 errors:0 dropped:0 overruns:0 frame:0
+      TX packets:3044698 errors:0 dropped:0 overruns:0 carrier:0
+      collisions:30394 txqueuelen:100
+      RX bytes:419871805 (400.4 Mb) TX bytes:1659782221 (1582.8 Mb)
+      Interrupt:11 Base address:0x1800
 </programlisting>
     </example>