Fix typo in shorewall-rules(5)

This commit is contained in:
Tom Eastep 2009-11-18 19:55:20 -08:00
parent 4579a71574
commit c39a9fb5eb
3 changed files with 10 additions and 18 deletions

View File

@ -147,6 +147,7 @@ our %EXPORT_TAGS = (
addnatjump addnatjump
set_chain_variables set_chain_variables
mark_firewall_not_started mark_firewall_not_started
mark_firewall6_not_started
get_interface_address get_interface_address
get_interface_addresses get_interface_addresses
get_interface_bcasts get_interface_bcasts
@ -2125,7 +2126,11 @@ sub set_chain_variables() {
# Emit code that marks the firewall as not started. # Emit code that marks the firewall as not started.
# #
sub mark_firewall_not_started() { sub mark_firewall_not_started() {
if ( $family == F_IPV4 ) {
emit ( 'qt1 $IPTABLES -L shorewall -n && qt1 $IPTABLES -F shorewall && qt1 $IPTABLES -X shorewall' ); emit ( 'qt1 $IPTABLES -L shorewall -n && qt1 $IPTABLES -F shorewall && qt1 $IPTABLES -X shorewall' );
} else {
emit ( 'qt1 $IPTABLES6 -L shorewall -n && qt1 $IPTABLES6 -F shorewall && qt1 $IPTABLES6 -X shorewall' );
}
} }
#################################################################################################################### ####################################################################################################################

View File

@ -421,23 +421,10 @@ sub generate_script_3($) {
emit "disable_ipv6\n" if $config{DISABLE_IPV6}; emit "disable_ipv6\n" if $config{DISABLE_IPV6};
} else { } else {
emit ( '#',
'# Recent kernels are difficult to configure -- we see state match omitted a lot so we check for it here',
'#',
'qt1 $IP6TABLES -N foox1234',
'qt1 $IP6TABLES -A foox1234 -m state --state ESTABLISHED,RELATED -j ACCEPT',
'result=$?',
'qt1 $IP6TABLES -F foox1234',
'qt1 $IP6TABLES -X foox1234',
'[ $result = 0 ] || startup_error "Your kernel/ip6tables do not include state match support. No version of Shorewall6 will run on this system"',
'' );
emit ( '[ "$COMMAND" = refresh ] && run_refresh_exit || run_init_exit', emit ( '[ "$COMMAND" = refresh ] && run_refresh_exit || run_init_exit',
'', '' );
'qt1 $IP6TABLES -L shorewall -n && qt1 $IP6TABLES -F shorewall && qt1 $IP6TABLES -X shorewall', mark_firewall_not_started;
'' emit '';
);
} }
emit qq(delete_tc1\n) if $config{CLEAR_TC}; emit qq(delete_tc1\n) if $config{CLEAR_TC};

View File

@ -828,7 +828,7 @@
role="bold">-</emphasis>] or <emphasis role="bold">-</emphasis>] or <emphasis
role="bold">REDIRECT</emphasis>[<emphasis role="bold">-</emphasis>] role="bold">REDIRECT</emphasis>[<emphasis role="bold">-</emphasis>]
then if this column is included and is different from the IP address then if this column is included and is different from the IP address
given in the <emphasis role="bold">SERVER</emphasis> column, then given in the <emphasis role="bold">DEST</emphasis> column, then
connections destined for that address will be forwarded to the IP connections destined for that address will be forwarded to the IP
and port specified in the <emphasis role="bold">DEST</emphasis> and port specified in the <emphasis role="bold">DEST</emphasis>
column.</para> column.</para>