extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-04-01 11:26:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update man pages for .1

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8175 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-02-10 06:00:33 +00:00
parent 8946d7320c
commit a348da6636
3 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
manpages/shorewall-tcclasses.xml
View File

@ -196,8 +196,8 @@
role="bold">,</emphasis><emphasis>option</emphasis>]...]</term> role="bold">,</emphasis><emphasis>option</emphasis>]...]</term>
<listitem> <listitem>
<para>A comma-separated list of options including the <para>Added in Shorewall-perl 4.1. A comma-separated list of options
following:</para> including the following:</para>
<variablelist> <variablelist>
<varlistentry> <varlistentry>

9
manpages/shorewall-tcrules.xml
View File

@ -87,7 +87,14 @@
<para>- If the SOURCE is <emphasis <para>- If the SOURCE is <emphasis
role="bold">$FW</emphasis>[<emphasis role="bold">$FW</emphasis>[<emphasis
role="bold">:</emphasis><emphasis>address-or-range</emphasis>[,<emphasis>address-or-range</emphasis>]...], role="bold">:</emphasis><emphasis>address-or-range</emphasis>[,<emphasis>address-or-range</emphasis>]...],
then the rule is inserted into the OUTPUT chain.</para> then the rule is inserted into the OUTPUT chain. The behavior
changed in Shorewall-perl 4.1. Previously, when
HIGH_ROUTE_MARKS=Yes, Shorewall allowed non-zero mark values
&lt; 256 to be assigned in the OUTPUT chain. This has been
changed so that only high mark values may be assigned there.
Packet marking rules for traffic shaping of packets originating
on the firewall must be coded in the POSTROUTING chain (see
below).</para>
<para>- Otherwise, the chain is determined by the setting of <para>- Otherwise, the chain is determined by the setting of
MARK_IN_FORWARD_CHAIN in <ulink MARK_IN_FORWARD_CHAIN in <ulink

8
manpages/shorewall.xml
View File

@ -944,6 +944,14 @@
chains such as FORWARD may not be refreshed.</para> chains such as FORWARD may not be refreshed.</para>
<para>Example:<programlisting><command>shorewall refresh net2fw nat:net_dnat</command> #Refresh the 'net2loc' chain in the filter table and the 'net_dnat' chain in the nat table</programlisting></para> <para>Example:<programlisting><command>shorewall refresh net2fw nat:net_dnat</command> #Refresh the 'net2loc' chain in the filter table and the 'net_dnat' chain in the nat table</programlisting></para>
<para>Beginning with Shorewall 4.1, the <emphasis
role="bold">refresh</emphasis> command has slightly different
behavior. When no chain name is given to the <emphasis
role="bold">refresh</emphasis> command, the mangle table is
refreshed along with the blacklist chain (if any). This allows you
to modify <filename>/etc/shorewall/tcrules </filename>and install
the changes using <emphasis role="bold">refresh</emphasis>. </para>
</listitem> </listitem>
</varlistentry> </varlistentry>