diff --git a/docs/configuration_file_basics.xml b/docs/configuration_file_basics.xml
index dfef73b20..fc70b3f45 100644
--- a/docs/configuration_file_basics.xml
+++ b/docs/configuration_file_basics.xml
@@ -142,10 +142,16 @@
- /etc/shorewall/blacklist - lists
+ /etc/shorewall/blacklist - Deprecated in
+ favor of /etc/shorewall/blrules. Lists
blacklisted IP/subnet/MAC addresses.
+
+ /etc/shorewall/blrules — Added in
+ Shorewall 4.5.0. Define blacklisting and whitelisting.
+
+
/etc/shorewall/init - commands that you
wish to execute at the beginning of a shorewall start
@@ -258,6 +264,11 @@
start/restart when LOAD_HELPERS_ONLY=Yes in
shorewall.conf.
+
+
+ /usr/share/arprules — Added in Shorewall
+ 4.5.12. Allows specification of arptables rules.
+ If you need to change a file in
@@ -297,6 +308,12 @@
# This is a comment
ACCEPT net $FW tcp www #This is an end-of-line comment
+
+
+ If a comment ends with a backslash ("\"), the next line will also
+ be treated as a comment. See Line
+ Continuation below.
+
@@ -516,6 +533,19 @@ ACCEPT net:\
continuation line does not end with a comma or colon, the leading white
space in the last line is not ignored.
+
+
+ A trailing backslash is not ignored in a comment. So the continued
+ rule above can be commented out with a single '#' as follows:
+
+ #ACTION SOURCE DEST PROTO DEST
+# PORT(S)
+#ACCEPT net:\
+ 206.124.146.177,\
+ 206.124.146.178,\
+ 206.124.146.180\
+ dmz tcp 873
+