From 99ddb17c9ef8f7fbe89d8df89dac337eb93e37b8 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Mon, 5 Feb 2018 16:56:28 -0800
Subject: [PATCH] Update the Macros article

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 docs/Macros.xml | 29 +++++++++++++++++++----------
 1 file changed, 19 insertions(+), 10 deletions(-)

diff --git a/docs/Macros.xml b/docs/Macros.xml
index 712d166c3..161953ec4 100644
--- a/docs/Macros.xml
+++ b/docs/Macros.xml
@@ -102,6 +102,14 @@ PARAM    -       -       tcp     135,139,445</programlisting>
         somewhere else on your CONFIG_PATH) and modify the copy.</para>
       </listitem>
 
+      <listitem>
+        <para>You can see a list of the Standard Macros in your version of
+        Shorewall using the <command>shorewall show macros</command> command.
+        You can see the contents of the file
+        macro.<replaceable>name</replaceable> by typing <command>shorewall
+        show macro <replaceable>name</replaceable></command>.</para>
+      </listitem>
+
       <listitem>
         <para>User-defined Macros. These macros are created by end-users. They
         are defined in macro.* files in /etc/shorewall or in another directory
@@ -796,19 +804,20 @@ bar:debug</programlisting>
 
     <orderedlist>
       <listitem>
-        <para>You can not associate an Extension Script with a macro <ulink
-        url="Actions.html#Extension">the way that you can with an
-        Action</ulink>. So if you need access to iptables features not
-        directly supported by Shorewall then you must use an action.</para>
+        <para>Embedded Perl is <ulink url="???">much more useful in an
+        action</ulink> than it is in a macro. So if you need access to
+        iptables features not directly supported by Shorewall then you should
+        use an action.</para>
       </listitem>
 
       <listitem>
-        <para>Macros are expanded in-line while each action is its own chain.
-        So if there are a lot of rules involved in your new action/macro then
-        it is generally better to use an action than a macro. Only the packets
-        selected when you invoke the action are directed to the corresponding
-        chain. On the other hand, if there are only one or two rules involved
-        in what you want to do then a macro is more efficient.</para>
+        <para>Macros are expanded in-line while each action (that doesn't
+        specify the inline option) is its own chain. So if there are a lot of
+        rules involved in your new action/macro then it is generally better to
+        use an action than a macro. Only the packets selected when you invoke
+        the action are directed to the corresponding chain. On the other hand,
+        if there are only one or two rules involved in what you want to do
+        then a macro is more efficient.</para>
       </listitem>
     </orderedlist>