diff --git a/docs/Actions.xml b/docs/Actions.xml
index ccbd63eb2..70eb09cf0 100644
--- a/docs/Actions.xml
+++ b/docs/Actions.xml
@@ -46,9 +46,9 @@
Shorewall actions allow a symbolic name to be associated with a
series of one or more iptables rules. The symbolic name may appear in the
ACTION column of an /etc/shorewall/rules file
- entry, in which case the traffic matching that rules file entry will be
- passed to the series of iptables rules named by the action.
+ url="manpages/shorewall-rules.html">/etc/shorewall/rules
+ file entry, in which case the traffic matching that rules file entry will
+ be passed to the series of iptables rules named by the action.
Actions can be thought of as templates. When an action is invoked in
an /etc/shorewall/rules entry, it may be qualified by
@@ -194,8 +194,8 @@ Reject:REJECT #Default Action for REJECT policy
Debian users. This feature is broken in the Debian version 3.0.7
of Shorewall (and possibly in other versions). The file
- /usr/share/shorewall/Limit was inadvertently dropped
- from the .deb. That file may be obtained from /usr/share/shorewall/Limit was inadvertently
+ dropped from the .deb. That file may be obtained from Shorewall
SVN and installed manually.
@@ -744,10 +744,12 @@ acton:info:test $FW net
using Shorewall-shell:
- /etc/shorewall/DropBcastsrun_iptables -A DropBcasts -m pkttype --pkttype broadcast -j DROP
+ /etc/shorewall/DropBcasts[ -n "$LEVEL" ] && log_rule_limit $LEVEL $CHAIN DropBcasts DROP "" "$TAG" -A
+run_iptables -A DropBcasts -m pkttype --pkttype broadcast -j DROP
When using Shorewall-Perl:
/etc/shorewall/DropBcastsuse Shorewall::Chains;
+log_rule_limit( $level, $chainref, 'DropBcasts', 'DROP', '', $tag, 'add', '' ) if $level ne '';
add_rule( $chainref, '-m pkttype --pkttype broadcast -j DROP' );
1;
@@ -757,4 +759,4 @@ add_rule( $chainref, '-m pkttype --pkttype broadcast -j DROP' );
For a richer example, see this
article.
-
+
\ No newline at end of file