diff --git a/Shorewall/manpages/shorewall-tcfilters.xml b/Shorewall/manpages/shorewall-tcfilters.xml index c3b6fb804..d43d23ffa 100644 --- a/Shorewall/manpages/shorewall-tcfilters.xml +++ b/Shorewall/manpages/shorewall-tcfilters.xml @@ -198,7 +198,32 @@ Added in Shorewall 4.5.8. Specifies the rule priority. If not given, priority 10 is assumed. The - priority value must be > 0. + priority value must be > 0 and <= + 65535. + + When a priority is not + given: + + + + For Shorewall versions prior to 4.5.8, all filters have + priority 10. + + + + For Shorewall 4.5.8 and later, the compiler maintains a + high-water priority that has an initial + value of 1. When a filter has no + priority, the high-water priority is + assigned to the filter and the high-wanter priority is + incremented by 1. When a priority + greater than or equal than the high-water priority is entered in + this column, the high-water priority is set to the specified + priority plus 1. An attempt to assign + a priority value greater than 65535 (explicitly or implicitly), + an error is raised. + + The default priority values used by other Shorewall-generated filters are as follows: diff --git a/Shorewall6/manpages/shorewall6-tcfilters.xml b/Shorewall6/manpages/shorewall6-tcfilters.xml index 7ac2294f5..10dd4dc3e 100644 --- a/Shorewall6/manpages/shorewall6-tcfilters.xml +++ b/Shorewall6/manpages/shorewall6-tcfilters.xml @@ -192,8 +192,32 @@ Added in Shorewall 4.5.8. Specifies the rule priority. If not - given, priority 11 is assumed. The priority value must be > - 0. + given, priority 11 is assumed. The priority value must be > 0 and + <= 65535. + + When a priority is not + given: + + + + For Shorewall versions prior to 4.5.8, all filters have + priority 11. + + + + For Shorewall 4.5.8 and later, the compiler maintains a + high-water priority that has an initial + value of 1. When a filter has no + priority, the high-water priority is + assigned to the filter and the high-wanter priority is + incremented by 1. When a priority + greater than or equal than the high-water priority is entered in + this column, the high-water priority is set to the specified + priority plus 1. An attempt to assign + a priority value greater than 65535 (explicitly or implicitly), + an error is raised. + + The default priority values used by other Shorewall-generated filters are as follows: