extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-23 11:11:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

Mention "all+' in the "Important" notes at the top

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2013-05-13 13:41:12 -07:00
parent 105d1db85d
commit b38f1416aa
2 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Shorewall/manpages/shorewall-policy.xml
View File

@ -42,8 +42,9 @@
<para>For $FW and for all of the zones defined in /etc/shorewall/zones, <para>For $FW and for all of the zones defined in /etc/shorewall/zones,
the POLICY for connections from the zone to itself is ACCEPT (with no the POLICY for connections from the zone to itself is ACCEPT (with no
logging or TCP connection rate limiting) but may be overridden by an logging or TCP connection rate limiting) but may be overridden by an
entry in this file. The overriding entry must be explicit (cannot use entry in this file. The overriding entry must be explicit (specifying
"all" in the SOURCE or DEST).</para> the zone name in both SOURCE and DEST) or it must use "all+" (Shorewall
4.5.17 or later).</para>
<para>Similarly, if you have IMPLICIT_CONTINUE=Yes in shorewall.conf, <para>Similarly, if you have IMPLICIT_CONTINUE=Yes in shorewall.conf,
then the implicit policy to/from any sub-zone is CONTINUE. These then the implicit policy to/from any sub-zone is CONTINUE. These

5
Shorewall6/manpages/shorewall6-policy.xml
View File

@ -42,8 +42,9 @@
<para>For $FW and for all of the zones defined in /etc/shorewall6/zones, <para>For $FW and for all of the zones defined in /etc/shorewall6/zones,
the POLICY for connections from the zone to itself is ACCEPT (with no the POLICY for connections from the zone to itself is ACCEPT (with no
logging or TCP connection rate limiting but may be overridden by an logging or TCP connection rate limiting but may be overridden by an
entry in this file. The overriding entry must be explicit (cannot use entry in this file. The overriding entry must be explicit (specifying
"all" in the SOURCE or DEST).</para> the zone name on both SOURCE and DEST) or it must use "all+ or it must
use "all+" (Shorewall 4.5.17 or later).</para>
<para>Similarly, if you have IMPLICIT_CONTINUE=Yes in shorewall6.conf, <para>Similarly, if you have IMPLICIT_CONTINUE=Yes in shorewall6.conf,
then the implicit policy to/from any sub-zone is CONTINUE. These then the implicit policy to/from any sub-zone is CONTINUE. These