From e7dade41454be54f660f7c502341f40bfa3ecef4 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Sun, 3 Dec 2006 18:42:14 +0000
Subject: [PATCH] Document new 'try' and 'safe-' behavior

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5042 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 manpages/shorewall.xml | 51 ++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 49 insertions(+), 2 deletions(-)

diff --git a/manpages/shorewall.xml b/manpages/shorewall.xml
index 2221cf051..d92050629 100644
--- a/manpages/shorewall.xml
+++ b/manpages/shorewall.xml
@@ -274,6 +274,8 @@
       <arg>-options</arg>
 
       <command>safe-restart</command>
+
+      <arg>directory</arg>
     </cmdsynopsis>
 
     <cmdsynopsis>
@@ -282,6 +284,8 @@
       <arg>-options</arg>
 
       <command>safe-start</command>
+
+      <arg>directory</arg>
     </cmdsynopsis>
 
     <cmdsynopsis>
@@ -394,6 +398,18 @@
       <command>status</command>
     </cmdsynopsis>
 
+    <cmdsynopsis>
+      <command>shorewall</command>
+
+      <arg>-options</arg>
+
+      <command>try</command>
+
+      <arg choice="plain">directory</arg>
+
+      <arg>timeout</arg>
+    </cmdsynopsis>
+
     <cmdsynopsis>
       <command>shorewall</command>
 
@@ -788,7 +804,9 @@
           want to accept the new configuration or not. If you answer "n" or if
           you fail to answer within 60 seconds (such as when your new
           configuration has disabled communication with your terminal), the
-          configuration is restored from the saved configuration.</para>
+          configuration is restored from the saved configuration. If a
+          directory is given, then Shorewall will look in that directory first
+          when opening configuration files.</para>
         </listitem>
       </varlistentry>
 
@@ -800,7 +818,9 @@
           asking if everything went all right. If you answer "n" or if you
           fail to answer within 60 seconds (such as when your new
           configuration has disabled communication with your terminal), a
-          shorewall clear is performed for you.</para>
+          shorewall clear is performed for you. If a directory is given, then
+          Shorewall will look in that directory first when opening
+          configuration files.</para>
         </listitem>
       </varlistentry>
 
@@ -988,6 +1008,33 @@
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><emphasis role="bold">try</emphasis></term>
+
+        <listitem>
+          <para>If Shorewall is started then the firewall state is saved to a
+          temporary saved configuration
+          (<filename>/var/lib/shorewall/.try</filename>). Next, if Shorewall
+          is currently started then a <emphasis role="bold">restart</emphasis>
+          command is issued; otherwise, a <emphasis
+          role="bold">start</emphasis> command is performed. if an error
+          occurs during the compliation phase of the <emphasis
+          role="bold">restart</emphasis> or <emphasis
+          role="bold">start</emphasis>, the command terminates without
+          changing the Shorewall state. If an error occurs during the
+          <emphasis role="bold">restart</emphasis> phase, then a <emphasis
+          role="bold">shorewall restore</emphasis> is performed using the
+          saved configuration. If an error occurs during the <emphasis
+          role="bold">start</emphasis> phase, then Shorewall is cleared. If
+          the <emphasis role="bold">start</emphasis>/<emphasis
+          role="bold">restart</emphasis> succeeds and a
+          <replaceable>timeout</replaceable> is specified then a <emphasis
+          role="bold">clear</emphasis> or <emphasis
+          role="bold">restore</emphasis> is performed after
+          <replaceable>timeout</replaceable> seconds.</para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><emphasis role="bold">version</emphasis></term>