Merge branch 'master' into 4.6.1

docs/Anatomy.xml

@@ -504,7 +504,7 @@
     <section id="sbin-lite">
       <title>/sbin</title>
 
-      <para>The <filename>/sbin/shorewall-lite</filename> shell program is use
+      <para>The <filename>/sbin/shorewall-lite</filename> shell program is used
       to interact with Shorewall lite. See <ulink
       url="manpages/shorewall-lite.html">shorewall-lite</ulink>(8).</para>
     </section>

docs/Build.xml

@@ -134,7 +134,7 @@
       <para>Added in Shorewall 4.4.22, this directory contains the files that
       contain release-dependent information (change.txt, releasenotes.txt,
       .spec files, etc). This is actually a symbolic link to ../release which
-      has it's own Git repository.</para>
+      has its own Git repository.</para>
     </section>
   </section>
 

docs/ConnectionRate.xml

@@ -67,7 +67,7 @@
     by 1 but is not allowed to exceed its initial setting (5).</para>
 
     <para>By default, the aggregate connection rate is limited. If the
-    specification is preceeded by "<option>s:</option>" or
+    specification is preceded by "<option>s:</option>" or
     "<option>d:</option>", then the rate is limited per SOURCE or per
     DESTINATION IP address respectively.</para>
 

docs/Events.xml

@@ -35,7 +35,7 @@
   </articleinfo>
 
   <caution>
-    <para>This article applies to Shorewall 4.5.19 and later and supercedes
+    <para>This article applies to Shorewall 4.5.19 and later and supersedes
     <ulink url="PortKnocking.html">this article.</ulink></para>
   </caution>
 
@@ -477,7 +477,7 @@ root@gateway:~# </programlisting>
 
       <para>This example is taken from <ulink
       url="http://www.briandowney.net/blog/2009/08/20/firewalling-brute-force-attempts-with-iptables/">this
-      article</ulink> which explains the nice benifits of this approach. This
+      article</ulink> which explains the nice benefits of this approach. This
       example is for ssh, but it can be adapted for any application.</para>
 
       <para>The name SSH has been changed to SSHLIMIT so as not to override

docs/IPSEC-2.6.xml

@@ -59,7 +59,7 @@
 
   <important>
     <para><emphasis role="bold">Shorewall does not configure IPSEC for
-    you</emphasis> -- it rather configures netfilter to accomodate your IPSEC
+    you</emphasis> -- it rather configures netfilter to accommodate your IPSEC
     configuration.</para>
   </important>
 
@@ -139,7 +139,7 @@
     and zones was made easy by the presence of IPSEC pseudo-interfaces with
     names of the form <filename class="devicefile">ipsecN</filename> (e.g.
     <filename class="devicefile">ipsec0</filename>). Outgoing unencrypted
-    traffic (case 1.) was send through an <filename
+    traffic (case 1.) was sent through an <filename
     class="devicefile">ipsecN</filename> device while incoming unencrypted
     traffic (case 2) arrived from an <filename
     class="devicefile">ipsecN</filename> device. The 2.6 kernel-based

docs/Install.xml

@@ -147,7 +147,7 @@
       <emphasis role="bold">Shorewall-core</emphasis> 4.5.2 or later, a
       shorewallrc file named ${HOME}/.shorewallrc will be installed. That file
       will provide the default parameters for installing other Shorewall
-      components of the same or later verion.</para>
+      components of the same or later version.</para>
 
       <para>Note that <emphasis role="bold">you must install Shorewall-core
       before installing any other Shorewall package</emphasis>.</para>
@@ -730,7 +730,7 @@
 
           <programlisting><command>./install.sh -s</command></programlisting>
 
-          <para>The <emphasis role="bold">-s</emphasis> option supresses
+          <para>The <emphasis role="bold">-s</emphasis> option suppresses
           installation of all files in <filename
           class="directory">/etc/shorewall</filename> except
           <filename>shorewall.conf</filename>. You can copy any other files

docs/KVM.xml

@@ -66,7 +66,7 @@
   <section>
     <title>Networking Configuration</title>
 
-    <para>I use a network configuration where each VM has it's own VNET and
+    <para>I use a network configuration where each VM has its own VNET and
     tap device and the tap devices are all configured as ports on a Linux
     Bridge. For clarity, I've only shown four of the virtual machines
     available on the system.</para>

docs/Manpages.xml

@@ -89,7 +89,7 @@
         Define MAC verification.</member>
 
         <member><ulink url="manpages/shorewall-mangle.html">mangle</ulink> -
-        Supercedes tcrules and describes packet/connection marking.</member>
+        Supersedes tcrules and describes packet/connection marking.</member>
 
         <member><ulink url="manpages/shorewall-masq.html">masq</ulink> -
         Define Masquerade/SNAT</member>
@@ -168,7 +168,7 @@
         state (added in Shorewall 4.5.8).</member>
 
         <member><ulink url="manpages/shorewall-tcrules.html">tcrules</ulink> -
-        Define packet marking rules, usually for traffic shaping. Superceded
+        Define packet marking rules, usually for traffic shaping. Superseded
         by mangle (above) in Shorewall 4.6.0.</member>
 
         <member><ulink url="manpages/shorewall-tos.html">tos</ulink> - Define

docs/Manpages6.xml

@@ -79,7 +79,7 @@
         - Define MAC verification.</member>
 
         <member><ulink url="manpages6/shorewall6-mangle.html">mangle</ulink> -
-        Supercedes tcrules and describes packet/connection marking.</member>
+        Supersedes tcrules and describes packet/connection marking.</member>
 
         <member><ulink url="manpages6/shorewall6-masq.html">masq</ulink> -
         Define Masquerade/SNAT</member>
@@ -149,7 +149,7 @@
         Classify traffic for simplified traffic shaping.</member>
 
         <member><ulink url="manpages6/shorewall6-tcrules.html">tcrules</ulink>
-        - Define packet marking rules, usually for traffic shaping. Superceded
+        - Define packet marking rules, usually for traffic shaping. Superseded
         by mangle (above) in Shorewall 4.6.0.</member>
 
         <member><ulink url="manpages6/shorewall6-tos.html">tos</ulink> -

docs/MultiISP.xml

@@ -155,7 +155,7 @@
       Shorewall can set up the correct marking rules for you.</para>
 
       <important>
-        <para><filename>/etc/shorewall/mangle</filename> superceded
+        <para><filename>/etc/shorewall/mangle</filename> superseded
         <filename>/etc/shorewall/tcrules</filename> in Shorewall 4.6.0.</para>
       </important>
 

docs/MyNetwork.xml

@@ -171,7 +171,7 @@
   <section>
     <title>Shorewall Configuration</title>
 
-    <para>This section contains exerpts from the Shorewall
+    <para>This section contains excerpts from the Shorewall
     configuration.</para>
 
     <para>It is important to keep in mind that parts of my configuration are

docs/OPENVPN.xml

@@ -603,7 +603,7 @@ net    COM_IF     detect    dhcp,blacklist,optional,routefilter=0,logmartians,pr
 6to4                    net
 <emphasis role="bold">6to4                    vpn</emphasis></programlisting>
 
-      <para>Similarly, here are exerpts from the Shorewall6
+      <para>Similarly, here are excerpts from the Shorewall6
       configuration.</para>
 
       <para><filename>/etc/shorewall6/zones</filename>:</para>

docs/OpenVZ.xml

@@ -452,7 +452,7 @@ NAME="server"</emphasis></programlisting>
     <section>
       <title>Shorewall Configuration on the Host</title>
 
-      <para>Below are exerpts from the configuration files as they pertain to
+      <para>Below are excerpts from the configuration files as they pertain to
       the OpenVZ environment.</para>
 
       <para><filename>/etc/shorewall/zones</filename>:</para>
@@ -762,7 +762,7 @@ NAME="server"
     <section>
       <title>Shorewall Configuration on the Host</title>
 
-      <para>Below are exerpts from the configuration files as they pertain to
+      <para>Below are excerpts from the configuration files as they pertain to
       the OpenVZ environment. Again, bold font indicates change from the prior
       configuration.</para>
 

docs/PacketMarking.xml

@@ -44,7 +44,7 @@
   </caution>
 
   <important>
-    <para>/etc/shorewall/mangle superceded /etc/shorewall/tcruels in Shorewall
+    <para>/etc/shorewall/mangle superseded /etc/shorewall/tcruels in Shorewall
     4.6.0. /etc/shorwall/tcrules is still supported but its use is
     deprecated.</para>
   </important>

docs/PortKnocking.xml

@@ -41,7 +41,7 @@
   </articleinfo>
 
   <note>
-    <para>The techniques described in this article were superceded in
+    <para>The techniques described in this article were superseded in
     Shorewall 4.5.19 with the introduction of Shorewall Events.</para>
   </note>
 

docs/SplitDNS.xml

@@ -167,7 +167,7 @@ linksys.shorewall.net has address 172.20.1.1
 teastep@tipper:~$ </programlisting></para>
 
     <para>As a bonus, dnsmasq can also act as a DHCP server. Here are some
-    exerpts from the corresponding /etc/dnsmasq.conf:</para>
+    excerpts from the corresponding /etc/dnsmasq.conf:</para>
 
     <programlisting>interface=eth1
 

docs/XenMyWay-Routed.xml

@@ -376,7 +376,7 @@ bootentry = 'hda2:/boot/vmlinuz-xen,/boot/initrd-xen'
       has an RFC 1918 address (192.168.1.7). That configuration is established
       by Xen which clones the primary IP address of eth0 on all of the routed
       virtual interfaces that it creates. <emphasis
-      role="bold">test</emphasis> is configured with it's default route via
+      role="bold">test</emphasis> is configured with its default route via
       192.168.1.254 which is the IP address of the firewall's br0. That works
       because of the way that the Linux network stack treats local IPv4
       addresses; by default, it will respond to ARP "who-has" broadcasts for

docs/configuration_file_basics.xml

@@ -110,7 +110,7 @@
         </listitem>
 
         <listitem>
-          <para><filename>/etc/shorewall/mangle</filename> - supercedes
+          <para><filename>/etc/shorewall/mangle</filename> - supersedes
           <filename>/etc/shorewall/tcrules</filename> in Shorewall 4.6.0.
           Contains rules for packet marking, TTL, TPROXY, etc.</para>
         </listitem>
@@ -140,7 +140,7 @@
           <para><filename>/etc/shorewall/tcrules </filename>- The file has a
           rather unfortunate name because it is used to define marking of
           packets for later use by both traffic control/shaping and policy
-          routing. This file is superceded by
+          routing. This file is superseded by
           <filename>/etc/shorewall/mangle</filename> in Shorewall
           4.6.0.</para>
         </listitem>
@@ -288,7 +288,7 @@
 
         <listitem>
           <para><filename>/etc/shorewall/mangle</filename> -- Added in
-          Shorewall 4.6.0. Supercedes<filename>
+          Shorewall 4.6.0. Supersedes<filename>
           /etc/shorewall/tcrules</filename>.</para>
         </listitem>
       </itemizedlist></para>
@@ -1168,7 +1168,7 @@ SHELL cat /etc/shorewall/rules.d/*.rules 2&gt; /dev/null || true</programlisting
       <para>Beginning with Shorewall 4.5.2, in files other than
       <filename>/etc/shorewall/params</filename> and
       <filename>/etc/shorewall/conf</filename>, INCLUDE may be immediately
-      preceeded with '?' to signal that the line is a compiler directive and
+      preceded with '?' to signal that the line is a compiler directive and
       not configuration data.</para>
 
       <para>Example:</para>
@@ -1483,7 +1483,7 @@ SHELL cat /etc/shorewall/rules.d/*.rules 2&gt; /dev/null || true</programlisting
         <programlisting>EXT_IP=$(ssh root@firewall "/sbin/shorewall-lite call find_first_interface_address eth0")</programlisting>
 
         <para>The <command>shorewall-lite call</command> command allows you to
-        to call interactively any Shorewall function that you can call in an
+        call interactively any Shorewall function that you can call in an
         extension script.</para>
 
         <note>
@@ -2150,7 +2150,7 @@ SHELL cat /etc/shorewall/rules.d/*.rules 2&gt; /dev/null || true</programlisting
 ACCEPT loc fw tcp 22
 ACCEPT dmz fw tcp 22</programlisting></para>
 
-    <para>Perl scripts run in the context of of the compiler process using
+    <para>Perl scripts run in the context of the compiler process using
     Perl's eval() function. Perl scripts are implicitly prefixed by the
     following:</para>
 
@@ -2370,7 +2370,7 @@ POP(ACCEPT)     loc                  net:pop.gmail.com</programlisting>
     192.168.1.4</quote>. There must be no white space following the
     <quote>!</quote>.</para>
 
-    <para>Similarly, in columns that specify an IP protocol, you can preceed
+    <para>Similarly, in columns that specify an IP protocol, you can precede
     the protocol name or number by "!". For example, !tcp means "any protocol
     except tcp".</para>
 

docs/ipsets.xml

@@ -130,7 +130,7 @@ ACCEPT       net:+sshok  $FW      tcp      22</programlisting></para>
 
     <para>Beginning with Shorewall 4.4.14, multiple source or destination
     matches may be specified by placing multiple set names in '+[...]' (e.g.,
-    +[myset,myotherset]). When so inclosed, the set names need not be prefixed
+    +[myset,myotherset]). When so enclosed, the set names need not be prefixed
     with a plus sign.</para>
 
     <para>Shorewall can save/restore your ipset contents with certain

docs/traffic_shaping.xml

@@ -908,7 +908,7 @@ ppp0           6000kbit         500kbit</programlisting>
       qualifier (see below).</emphasis></para>
 
       <para>See shorewall-mangle(5) and shorewall-tcrules(5) for a description
-      of the entries in these files. Note that the mangle file superceded the
+      of the entries in these files. Note that the mangle file superseded the
       tcrules file in Shorewall 4.6.0.</para>
 
       <para>The following examples are for the mangle file.</para>

docs/upgrade_issues.xml

@@ -95,7 +95,7 @@
 
       <listitem>
         <para>Beginning with Shorewall 4.6.0, the 'tcrules' file has been
-        superceded by the 'mangle' file. Existing 'tcrules' files will still
+        superseded by the 'mangle' file. Existing 'tcrules' files will still
         be processed, with the restriction that TPROXY is no longer supported
         in FORMAT 1. If your 'tcrules' file has non-commentary entries, the
         following warning message is issued:</para>