Update Shorewall-4 documentation

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6110 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

docs/Shorewall-4.xml

@@ -54,10 +54,10 @@
       </listitem>
     </itemizedlist>
 
-    <para> Shorewall version 4 offers you a choice. You can continue to use
-    the existing shell-based implementation or you can use a new
-    implementation of the Shorewall compiler written in the Perl programming
-    language. The new compiler:</para>
+    <para>Shorewall version 4 offers you a choice. You can continue to use the
+    existing shell-based implementation or you can use a new implementation of
+    the Shorewall compiler written in the Perl programming language. The new
+    compiler:</para>
 
     <itemizedlist>
       <listitem>
@@ -98,7 +98,7 @@
 
       <listitem>
         <para>Shorewall-perl - the new Perl-based compiler. May be installed
-        under Shorewall 3.4.2 or 3.9.x.</para>
+        under Shorewall 3.4.2 or later or 3.9.x.</para>
       </listitem>
 
       <listitem>
@@ -193,35 +193,28 @@
         match requirement is relaxed.</para>
       </listitem>
 
-      <listitem>
-        <para>Because the compiler is now written in Perl, your compile-time
-        extension scripts from earlier versions will no longer work. For now,
-        if you want to use extension scripts, you will need to read the Perl
-        code to see how the compiler operates internally. I will produce
-        documentation before the first official release. Compile-time
-        extension scripts are executed using the Perl 'do FILE'
-        mechanism.</para>
-      </listitem>
-
       <listitem>
         <para>The 'refresh' command is now synonymous with 'restart'.</para>
       </listitem>
 
       <listitem>
-        <para> Because the compiler is now written in Perl, your compile-time
+        <para>Because the compiler is now written in Perl, your compile-time
         extension scripts from earlier versions will no longer work.
         Compile-time extension scripts are executed using the Perl 'eval `cat
         &lt;file&gt;`' mechanism. Be sure that each script returns a 'true'
         value; otherwise, the compiler will assume that the script failed and
         will abort the compilation.</para>
 
-        <para>When a script is invoked, the $chainref scalar variable will
-        hold a reference to a chain table entry.</para>
+        <para>When a script is invoked, the <emphasis
+        role="bold">$chainref</emphasis> scalar variable will hold a reference
+        to a chain table entry.</para>
 
         <simplelist>
-          <member>$chainref-&gt;{name} contains the name of the chain</member>
+          <member><emphasis role="bold">$chainref-&gt;{name}</emphasis>
+          contains the name of the chain</member>
 
-          <member>$chainref-&gt;{table} holds the table name</member>
+          <member><emphasis role="bold">$chainref-&gt;{table}</emphasis> holds
+          the table name</member>
         </simplelist>
 
         <para>To add a rule to the chain:</para>
@@ -269,7 +262,7 @@
 
           <listitem>
             <para>There is only a single "pass as-is to iptables" argument (so
-            you must quote that par</para>
+            you must quote that part</para>
           </listitem>
         </itemizedlist>
 
@@ -282,7 +275,8 @@
               'DROP' , 
               '',    #Limit
               '' ,   #Log tag
-              'add';         </programlisting>
+              'add'
+              '-p tcp ';         </programlisting>
       </listitem>
 
       <listitem>
@@ -397,6 +391,12 @@ fi</programlisting>
         <para>The pre Shorewall-3.0 format of the zones file is not supported;
         neither is the <filename>/etc/shorewall/ipsec</filename> file.</para>
       </listitem>
+
+      <listitem>
+        <para>BLACKLISTNEWONLY=No is not permitted with FASTACCEPT=Yes. This
+        combination doesn't work in previous versions of Shorewall so the
+        Perl-based compiler simply rejects it.</para>
+      </listitem>
     </orderedlist>
   </section>
 

web/shorewall_index.htm

@@ -21,7 +21,7 @@ Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the
 license is included in the section entitled “<a href="GnuCopyright.htm"
 target="_self">GNU Free Documentation License</a>”.</p>
 
-<p>2007-04-22</p>
+<p>2007-04-24</p>
 <hr style="width: 100%; height: 2px;">
 
 <h2>Table of Contents</h2>
@@ -133,17 +133,16 @@ is 3.2.10<br>
     href="http://www1.shorewall.net/pub/shorewall/3.2/shorewall-3.2.10/errata/">updates</a>.</li>
 </ul>
 The <span style="font-weight: bold;">current Development Release</span> is
-3.9.3<br>
+3.9.4<br>
 
 <ul>
   <li>Here are the <a
-    href="http://www1.shorewall.net/pub/shorewall/development/3.9/shorewall-3.9.3/releasenotes.txt">release
+    href="http://www1.shorewall.net/pub/shorewall/development/3.9/shorewall-3.9.4/releasenotes.txt">release
     notes</a> <br>
   </li>
   <li>Here are the <a
-    href="http://www1.shorewall.net/pub/shorewall/development/3.9/shorewall-3.9.3/known_problems.txt">known
-    problems</a> and <a
-    href="http://www1.shorewall.net/pub/shorewall/development/3.9/shorewall-3.9.3/errata/">updates</a>.</li>
+    href="http://www1.shorewall.net/pub/shorewall/development/3.9/shorewall-3.9.4/known_problems.txt">known
+    problems</a>.</li>
 </ul>
 
 <div style="margin-left: 40px;">