extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-13 13:16:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Documentation updates

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-11-10 14:38:55 -08:00
parent ff61d4dba4
commit a1e3683651
3 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
docs/configuration_file_basics.xml
View File

@ -1448,6 +1448,28 @@ Comcast 2 0x20000 main COM_IF detect balance
class="devicefile">tun*</filename> in the COPY column.</para> class="devicefile">tun*</filename> in the COPY column.</para>
</section> </section>
<section>
<title>Zone and Chain Names</title>
<para>For a pair of zones, Shorewall creates two Netfilter chains; one for
connections in each direction. The names of these chains are formed by
separating the names of the two zones by either "2" or "-".</para>
<para>Example: Traffic from zone A to zone B would go through chain A2B
(think "A to B") or "A-B".</para>
<para>The default separator is "2" but you can override that by setting
ZONE_SEPARATOR="-" in <ulink
url="manpages/shorewall.conf.html">shorewall.conf</ulink> (5).</para>
<para>Zones themselves have names that begin with a letter and are
composed of letters, numerals, and "_". The maximum length of a name is
dependent on the setting of LOGFORMAT in <ulink
url="manpages/shorewall.conf.html">shorewall.conf</ulink> (5). See <ulink
url="manpages/shorewall-zones.html">shorewall-zones</ulink> (5) for
details.</para>
</section>
<section id="Levels"> <section id="Levels">
<title>Shorewall Configurations</title> <title>Shorewall Configurations</title>

6
manpages/shorewall.conf.xml
View File

@ -954,6 +954,12 @@ net all DROP info</programlisting>then the chain name is 'net2all'
that substring is not included then the rule number is not included. that substring is not included then the rule number is not included.
If not supplied or supplied as empty (LOGFORMAT="") then If not supplied or supplied as empty (LOGFORMAT="") then
“Shorewall:%s:%s:” is assumed.</para> “Shorewall:%s:%s:” is assumed.</para>
<note>
<para>The setting of LOGFORMAT has an effect of the permitted
length of zone names. See <ulink
url="shorewall-zones.html">shorewall-zones</ulink> (5).</para>
</note>
</listitem> </listitem>
</varlistentry> </varlistentry>

6
manpages6/shorewall6.conf.xml
View File

@ -836,6 +836,12 @@ net all DROP info</programlisting>then the chain name is 'net2all'
that substring is not included then the rule number is not included. that substring is not included then the rule number is not included.
If not supplied or supplied as empty (LOGFORMAT="") then If not supplied or supplied as empty (LOGFORMAT="") then
“Shorewall6:%s:%s:” is assumed.</para> “Shorewall6:%s:%s:” is assumed.</para>
<note>
<para>The setting of LOGFORMAT has an effect of the permitted
length of zone names. See <ulink
url="shorewall6-zones.html">shorewall6-zones</ulink> (5).</para>
</note>
</listitem> </listitem>
</varlistentry> </varlistentry>