From caa72fb7d28f03cb10bb9fbe5bdadbf412268fb4 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Sun, 2 Mar 2014 10:39:12 -0800 Subject: [PATCH] Correct routestopped files. Signed-off-by: Tom Eastep --- Shorewall/manpages/shorewall-routestopped.xml | 9 ++++++- .../manpages/shorewall6-routestopped.xml | 25 +++---------------- 2 files changed, 11 insertions(+), 23 deletions(-) diff --git a/Shorewall/manpages/shorewall-routestopped.xml b/Shorewall/manpages/shorewall-routestopped.xml index 745f5eae8..3d46d5f4a 100644 --- a/Shorewall/manpages/shorewall-routestopped.xml +++ b/Shorewall/manpages/shorewall-routestopped.xml @@ -118,7 +118,7 @@ - notrack + notrack The traffic will be exempted from connection @@ -126,6 +126,13 @@ + + + The source and dest options work best when used in + conjunction with ADMINISABSENTMINDED=Yes in shorewall6.conf(5). + diff --git a/Shorewall6/manpages/shorewall6-routestopped.xml b/Shorewall6/manpages/shorewall6-routestopped.xml index a9f89dd9e..a5ea911d5 100644 --- a/Shorewall6/manpages/shorewall6-routestopped.xml +++ b/Shorewall6/manpages/shorewall6-routestopped.xml @@ -114,30 +114,11 @@ - critical + notrack - Allow traffic between the firewall and these hosts - throughout '[re]start', 'stop' and 'clear'. Specifying - critical on one or more - entries will cause your firewall to be "totally open" for a - brief window during each of those operations. Examples of - where you might want to use this are: - - - - 'Ping' nodes with heartbeat. - - - - LDAP server(s) if you use LDAP Authentication - - - - NFS Server if you have an NFS-mounted root - filesystem. - - + The traffic will be exempted from connection + tracking.