From dcff4fad37857a4adb00fe46e58d44afabfd1b9e Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Sun, 1 Sep 2013 12:20:44 -0700
Subject: [PATCH] Add sample action to shorewall.conf manpage.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/manpages/shorewall.conf.xml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/Shorewall/manpages/shorewall.conf.xml b/Shorewall/manpages/shorewall.conf.xml
index b7fd8ff11..f683be26d 100644
--- a/Shorewall/manpages/shorewall.conf.xml
+++ b/Shorewall/manpages/shorewall.conf.xml
@@ -2135,6 +2135,26 @@ LOG:info:,bar                        net                    fw</programlisting>
           it's name in this option. The <emphasis role="bold">nolog</emphasis>
           option will automatically be assumed for the specified
           <replaceable>action</replaceable>.</para>
+
+          <para>The following action implements the standard behavior:</para>
+
+          <programlisting>?format 2
+#TARGET         SOURCE  DEST    PROTO
+Broadcast(DROP) -       -       -
+DROP            -       -       2
+INLINE          -       -       6       ; -j REJECT --reject-with tcp-reset
+?if __ENHANCED_REJECT
+INLINE          -       -       17      ; -j REJECT
+?if __IPV4
+INLINE          -       -       1       ; -j REJECT --reject-with icmp-host-unreachable
+INLINE          -       -       -       ; -j REJECT --reject-with icmp-host-prohibited
+?else
+INLINE          -       -       58      ; -j REJECT --reject-with icmp6-addr-unreachable
+INLINE          -       -       -       ; -j REJECT --reject-with icmp6-adm-prohibited
+?endif
+?else
+INLINE          -       -       -       ; -j REJECT
+?endif</programlisting>
         </listitem>
       </varlistentry>