Update manpages-lite

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4935 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2024-11-27 01:53:27 +01:00 · 2006-11-19 03:53:26 +00:00 · 2006-11-19 03:53:26 +00:00 · 9780329f9a
commit 9780329f9a
parent 912ea7eca6
1 changed files with 45 additions and 381 deletions
--- a/manpages-lite/shorewall-lite.xml
+++ b/manpages-lite/shorewall-lite.xml
@ -1,35 +1,21 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <refentry>
  <refmeta>
-    <refentrytitle>shorewall</refentrytitle>
+    <refentrytitle>shorewall-lite</refentrytitle>
    <manvolnum>8</manvolnum>
  </refmeta>
  <refnamediv>
-    <refname>shorewall</refname>
+    <refname>shorewall-lite</refname>
-    <refpurpose>Administration tool for Shoreline Firewall
+    <refpurpose>Administration tool for Shoreline Firewall Lite
-    (Shorewall)</refpurpose>
+    (Shorewall-lite)</refpurpose>
  </refnamediv>
  <refsynopsisdiv>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg rep="norepeat">-options</arg>
      <command>add</command>
      <arg choice="plain" rep="repeat">interface[:host-list]</arg>
      <arg choice="plain">zone</arg>
      <sbr />
    </cmdsynopsis>
    <cmdsynopsis>
      <command>shorewall</command>
      <arg>-options</arg>
@ -39,19 +25,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
      <command>check</command>
      <arg><option>-e</option></arg>
      <arg>directory</arg>
    </cmdsynopsis>
    <cmdsynopsis>
      <command>shorewall</command>
      <arg>-options</arg>
@ -59,35 +33,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
      <command>compile</command>
      <arg><option>-e</option></arg>
      <arg>directory</arg>
      <arg choice="plain">pathname</arg>
    </cmdsynopsis>
    <cmdsynopsis>
      <command>shorewall</command>
      <arg rep="norepeat">-options</arg>
      <command>delete</command>
      <arg choice="plain" rep="repeat">interface[:host-list]</arg>
      <arg choice="plain">zone</arg>
      <sbr />
    </cmdsynopsis>
    <cmdsynopsis>
      <command>shorewall</command>
      <arg>-options</arg>
@ -97,7 +43,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -109,19 +55,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
      <command>export</command>
      <arg choice="opt">directory1</arg>
      <arg choice="plain">[user@]system:[directory2]</arg>
    </cmdsynopsis>
    <cmdsynopsis>
      <command>shorewall</command>
      <arg>-options</arg>
@ -131,7 +65,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -143,7 +77,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -151,7 +85,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -165,7 +99,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -175,25 +109,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
      <command>load</command>
      <arg><option>-s</option></arg>
      <arg><option>-c</option></arg>
      <arg>directory</arg>
      <arg choice="plain">system</arg>
      <arg></arg>
    </cmdsynopsis>
    <cmdsynopsis>
      <command>shorewall</command>
      <arg>-options</arg>
@ -203,7 +119,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -215,7 +131,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -225,15 +141,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
      <command>refresh</command>
    </cmdsynopsis>
    <cmdsynopsis>
      <command>shorewall</command>
      <arg>-options</arg>
@ -243,23 +151,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
      <command>reload</command>
      <arg><option>-s</option></arg>
      <arg><option>-c</option></arg>
      <arg>directory</arg>
      <arg choice="plain">system</arg>
    </cmdsynopsis>
    <cmdsynopsis>
      <command>shorewall</command>
      <arg>-options</arg>
@ -269,7 +161,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -279,23 +171,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
      <command>safe-restart</command>
    </cmdsynopsis>
    <cmdsynopsis>
      <command>shorewall</command>
      <arg>-options</arg>
      <command>safe-start</command>
    </cmdsynopsis>
    <cmdsynopsis>
      <command>shorewall</command>
      <arg>-options</arg>
@ -305,7 +181,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -317,7 +193,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -329,7 +205,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -340,7 +216,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -352,7 +228,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -362,7 +238,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -374,7 +250,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -386,7 +262,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -394,7 +270,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
@ -402,19 +278,7 @@
    </cmdsynopsis>
    <cmdsynopsis>
-      <command>shorewall</command>
+      <command>shorewall-lite</command>
      <arg>-options</arg>
      <command>try</command>
      <arg choice="plain">directory</arg>
      <arg>timeout</arg>
    </cmdsynopsis>
    <cmdsynopsis>
      <command>shorewall</command>
      <arg>-options</arg>
@ -478,23 +342,6 @@
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">check</emphasis></term>
        <listitem>
          <para>Compiles the configuraton in the specified
          <emphasis>directory</emphasis> and discards the compiled output
          script. If no <emphasis>directory</emphasis> is given, then
          /etc/shorewall is assumed.</para>
          <para>The <emphasis role="bold">-e</emphasis> option causes the
          compiler to look for a file named capabilities. This file is
          produced using the command <emphasis role="bold">shorewall-lite show
          -f capabilities &gt; capabities</emphasis> on a system with
          Shorewall Lite installed.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">clear</emphasis></term>
@ -506,25 +353,6 @@
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">compile</emphasis></term>
        <listitem>
          <para>Compiles the current configuration into the executable file
          <emphasis>pathname</emphasis>. If a directory is supplied, Shorewall
          will look in that directory first for configuration files.</para>
          <para>When -e is specified, the compilation is being performed on a
          system other than where the compiled script will run. This option
          disables certain configuration options that require the script to be
          compiled where it is to be run. The use of -e requires the presense
          of a configuration file named capabilities which may be produced
          using the command <emphasis role="bold">shorewall-lite show -f
          capabilities &gt; capabities</emphasis> on a system with Shorewall
          Lite installed</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">delete</emphasis></term>
@ -567,30 +395,6 @@
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">export</emphasis></term>
        <listitem>
          <para>If <emphasis>directory1</emphasis> is omitted, the current
          working directory is assumed.</para>
          <para>Allows a non-root user to compile a shorewall script and stage
          it on a system (provided that the user has access to the system via
          ssh). The command is equivalent to:</para>
          <programlisting>    <emphasis role="bold">/sbin/shorewall compile -e</emphasis> <emphasis>directory1</emphasis> <emphasis>directory1</emphasis><emphasis
              role="bold">/firewall &amp;&amp;\</emphasis>
    <emphasis role="bold">scp</emphasis> directory1<emphasis role="bold">/firewall</emphasis> <emphasis>directory1</emphasis><emphasis
              role="bold">/firewall.conf</emphasis> [<emphasis>user</emphasis>@]<emphasis
              role="bold">system</emphasis>:[<emphasis>directory2</emphasis>]</programlisting>
          <para>In other words, the configuration in the specified (or
          defaulted) directory is compiled to a file called firewall in that
          directory. If compilation succeeds, then firewall and firewall.conf
          are copied to <emphasis>system</emphasis> using scp.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">forget</emphasis></term>
@ -640,46 +444,6 @@
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">load</emphasis></term>
        <listitem>
          <para>If <emphasis>directory</emphasis> is omitted, the current
          working directory is assumed. Allows a non-root user to compile a
          shorewall script and install it on a system (provided that the user
          has root access to the system via ssh). The command is equivalent
          to:</para>
          <programlisting>    <emphasis role="bold">/sbin/shorewall compile -e</emphasis> <emphasis>directory</emphasis> <emphasis>directory</emphasis><emphasis
              role="bold">/firewall &amp;&amp;\</emphasis>
    <emphasis role="bold">scp</emphasis> <emphasis>directory</emphasis><emphasis
              role="bold">/firewall</emphasis> <emphasis>directory</emphasis><emphasis
              role="bold">/firewall.conf</emphasis> <emphasis role="bold">root@</emphasis><emphasis>system</emphasis><emphasis
              role="bold">:/var/lib/shorewall-lite/ &amp;&amp;\</emphasis>
    <emphasis role="bold">ssh root@</emphasis><emphasis>system</emphasis> <emphasis
              role="bold">'/sbin/shorewall-lite start'</emphasis></programlisting>
          <para>In other words, the configuration in the specified (or
          defaulted) directory is compiled to a file called firewall in that
          directory. If compilation succeeds, then firewall is copied to
          <emphasis>system</emphasis> using scp. If the copy succeeds,
          Shorewall Lite on <emphasis>system</emphasis> is started via
          ssh.</para>
          <para>If <emphasis role="bold">-s</emphasis> is specified and the
          <emphasis role="bold">start</emphasis> command succeeds, then the
          remote Shorewall-lite configuration is saved by executing <emphasis
          role="bold">shorewall-lite save</emphasis> via ssh.</para>
          <para>if <emphasis role="bold">-c</emphasis> is included, the
          command <emphasis role="bold">shorewall-lite show capabilities -f
          &gt; /var/lib/shorewall-lite/capabilities</emphasis> is executed via
          ssh then the generated file is copied to
          <emphasis>directory</emphasis> using scp. This step is performed
          before the configuration is compiled.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">logdrop</emphasis></term>
@ -710,56 +474,6 @@
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">refresh</emphasis></term>
        <listitem>
          <para>The rules involving the the black list, ECN control rules, and
          traffic shaping are recreated to reflect any changes made to your
          configuration files. Existing connections are untouched.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">reload</emphasis></term>
        <listitem>
          <para>If <emphasis>directory</emphasis> is omitted, the current
          working directory is assumed. Allows a non-root user to compile a
          shorewall script and install it on a system (provided that the user
          has root access to the system via ssh). The command is equivalent
          to:</para>
          <programlisting>    <emphasis role="bold">/sbin/shorewall compile -e</emphasis> <emphasis>directory</emphasis> <emphasis>directory</emphasis><emphasis
              role="bold">/firewall &amp;&amp;\</emphasis>
    <emphasis role="bold">scp</emphasis> <emphasis>directory</emphasis><emphasis
              role="bold">/firewall</emphasis> <emphasis>directory</emphasis><emphasis
              role="bold">/firewall.conf</emphasis> <emphasis role="bold">root@</emphasis><emphasis>system</emphasis><emphasis
              role="bold">:/var/lib/shorewall-lite/ &amp;&amp;\</emphasis>
    <emphasis role="bold">ssh root@</emphasis><emphasis>system</emphasis> <emphasis
              role="bold">'/sbin/shorewall-lite restart'</emphasis></programlisting>
          <para>In other words, the configuration in the specified (or
          defaulted) directory is compiled to a file called firewall in that
          directory. If compilation succeeds, then firewall is copied to
          <emphasis>system</emphasis> using scp. If the copy succeeds,
          Shorewall Lite on <emphasis>system</emphasis> is restarted via
          ssh.</para>
          <para>If <emphasis role="bold">-s</emphasis> is specified and the
          <emphasis role="bold">restart</emphasis> command succeeds, then the
          remote Shorewall-lite configuration is saved by executing <emphasis
          role="bold">shorewall-lite save</emphasis> via ssh.</para>
          <para>if <emphasis role="bold">-c</emphasis> is included, the
          command <emphasis role="bold">shorewall-lite show capabilities -f
          &gt; /var/lib/shorewall-lite/capabilities</emphasis> is executed via
          ssh then the generated file is copied to
          <emphasis>directory</emphasis> using scp. This step is performed
          before the configuration is compiled.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">reset</emphasis></term>
@ -773,8 +487,8 @@
        <term><emphasis role="bold">restart</emphasis></term>
        <listitem>
-          <para>Restart is similar to <emphasis role="bold">shorewall
+          <para>Restart is similar to <emphasis role="bold">shorewall-lite
-          stop</emphasis> followed by <emphasis role="bold">shorewall
+          stop</emphasis> followed by <emphasis role="bold">shorewall-lite
          start</emphasis>. Existing connections are maintained. If a
          <emphasis>directory</emphasis> is included in the command, Shorewall
          will look in that <emphasis>directory</emphasis> first for
@ -787,54 +501,27 @@
        <listitem>
          <para>Restore Shorewall to a state saved using the <emphasis
-          role="bold">shorewall save</emphasis> command. Existing connections
+          role="bold">shorewall-lite save</emphasis> command. Existing
-          are maintained. The <emphasis>filename</emphasis> names a restore
+          connections are maintained. The <emphasis>filename</emphasis> names
-          file in /var/lib/shorewall created using <emphasis
+          a restore file in /var/lib/shorewall-lite created using <emphasis
-          role="bold">shorewall save</emphasis>; if no
+          role="bold">shorewall-lite save</emphasis>; if no
          <emphasis>filename</emphasis> is given then Shorewall will be
          restored from the file specified by the RESTOREFILE option in
          shorewall.conf(5).</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">safe-restart</emphasis></term>
        <listitem>
          <para>Only allowed if Shorewall is running. The current
          configuration is saved in /var/lib/shorewall/safe-restart (see the
          save command below) then a <emphasis role="bold">shorewall
          restart</emphasis> is done. You will then be prompted asking if you
          want to accept the new configuration or not. If you answer "n" or if
          you fail to answer within 60 seconds (such as when your new
          configuration has disabled communication with your terminal), the
          configuration is restored from the saved configuration.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">safe-start</emphasis></term>
        <listitem>
          <para>Shorewall is started normally. You will then be prompted
          asking if everything went all right. If you answer "n" or if you
          fail to answer within 60 seconds (such as when your new
          configuration has disabled communication with your terminal), a
          shorewall clear is performed for you.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">save</emphasis></term>
        <listitem>
-          <para>The dynamic blacklist is stored in /var/lib/shorewall/save.
+          <para>The dynamic blacklist is stored in
-          The state of the firewall is stored in
+          /var/lib/shorewall-lite/save. The state of the firewall is stored in
-          /var/lib/shorewall/<emphasis>filename</emphasis> for use by the
+          /var/lib/shorewall-lite/<emphasis>filename</emphasis> for use by the
-          <emphasis role="bold">shorewall restore</emphasis> and <emphasis
+          <emphasis role="bold">shorewall-lite restore</emphasis> and
-          role="bold">shorewall -f start</emphasis> commands. If
+          <emphasis role="bold">shorewall-lite -f start</emphasis> commands.
-          <emphasis>filename</emphasis> is not given then the state is saved
+          If <emphasis>filename</emphasis> is not given then the state is
-          in the file specified by the RESTOREFILE option in
+          saved in the file specified by the RESTOREFILE option in
          shorewall.conf(5).</para>
        </listitem>
      </varlistentry>
@ -1006,21 +693,6 @@
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">try</emphasis> (Deprecated)</term>
        <listitem>
          <para>Restart shorewall using the specified configuration. If an
          error occurs during the restart, then another <emphasis
          role="bold">shorewall restart</emphasis> is performed using the
          default configuration. If a timeout is specified then the restart is
          always performed after the timeout occurs and uses the default
          configuration. When restarting using the default configuration, if
          the default restore script (as specified by the RESTOREFILE setting
          in shorewall.conf(5) exists. then that script is used.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">version</emphasis></term>
@ -1034,20 +706,12 @@
  <refsect1>
    <title>FILES</title>
-    <para>/etc/shorewall/</para>
+    <para>/etc/shorewall-lite/</para>
  </refsect1>
  <refsect1>
    <title>See ALSO</title>
-    <para>shorewall-accounting(5), shorewall-actions(5),
+    <para>shorewall.conf(5)</para>
    shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5),
    shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5),
    shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
    shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
    shorewall-route_rules(5), shorewall-routestopped(5), shorewall-rules(5),
    shorewall.conf(5), shorewall-tcclasses(5), shorewall-tcdevices(5),
    shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
    shorewall-zones(5)</para>
  </refsect1>
 </refentry>