From e8657289fc4ed2af3f7c3dceb27d31e2816699dc Mon Sep 17 00:00:00 2001 From: teastep Date: Thu, 16 Aug 2007 16:08:53 +0000 Subject: [PATCH] Update manpages for mss option git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7152 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-common/lib.base | 2 +- Shorewall-common/lib.config | 3 ++- Shorewall-perl/prog.header | 2 +- manpages/shorewall-interfaces.xml | 12 ++++++++++++ manpages/shorewall.conf.xml | 8 ++++---- manpages/shorewall.xml | 14 ++++++++------ 6 files changed, 28 insertions(+), 13 deletions(-) diff --git a/Shorewall-common/lib.base b/Shorewall-common/lib.base index eb13e0474..065ebc6fe 100644 --- a/Shorewall-common/lib.base +++ b/Shorewall-common/lib.base @@ -1424,7 +1424,7 @@ undo_routing() { # Restore rt_tables database # if [ -f ${VARDIR}/rt_tables ]; then - [ -w /etc/iproute2/rt_table ] && cp -f ${VARDIR}/rt_tables /etc/iproute2/ && progress_message "/etc/iproute2/rt_tables database restored" + [ -w /etc/iproute2/rt_table -a -z "$KEEP_RT_TABLES" ] && cp -f ${VARDIR}/rt_tables /etc/iproute2/ && progress_message "/etc/iproute2/rt_tables database restored" rm -f ${VARDIR}/rt_tables fi # diff --git a/Shorewall-common/lib.config b/Shorewall-common/lib.config index daa831e5c..3e9090863 100644 --- a/Shorewall-common/lib.config +++ b/Shorewall-common/lib.config @@ -1741,7 +1741,7 @@ do_initialize() { USE_ACTIONS= OPTIMIZE= EXPORTPARAMS= - #EXPERIMENTAL is inherited + KEEP_TC_RULES= # # Packet Disposition @@ -2017,6 +2017,7 @@ do_initialize() { TC_EXPERT=$(added_param_value_no TC_EXPERT $TC_EXPERT) USE_ACTIONS=$(added_param_value_yes USE_ACTIONS $USE_ACTIONS) EXPORTPARAMS=$(added_param_value_yes EXPORTPARAMS $EXPORTPARAMS) + KEEP_TC_RULES=$(added_param_value_no KEEP_TC_RULES $KEEP_TC_RULES) [ "$PROGRAM" = compiler ] && [ -n "$USE_ACTIONS" ] && lib_load actions "USE_ACTIONS=Yes" diff --git a/Shorewall-perl/prog.header b/Shorewall-perl/prog.header index 6cf884d7f..e275fbabd 100644 --- a/Shorewall-perl/prog.header +++ b/Shorewall-perl/prog.header @@ -819,7 +819,7 @@ undo_routing() { # Restore rt_tables database # if [ -f ${VARDIR}/rt_tables ]; then - [ -w /etc/iproute2/rt_table ] && cp -f ${VARDIR}/rt_tables /etc/iproute2/ && progress_message "/etc/iproute2/rt_tables database restored" + [ -w /etc/iproute2/rt_table -a -z "$KEEP_RT_TABLES" ] && cp -f ${VARDIR}/rt_tables /etc/iproute2/ && progress_message "/etc/iproute2/rt_tables database restored" rm -f ${VARDIR}/rt_tables fi # diff --git a/manpages/shorewall-interfaces.xml b/manpages/shorewall-interfaces.xml index 9efaafc3b..0f1a140ff 100644 --- a/manpages/shorewall-interfaces.xml +++ b/manpages/shorewall-interfaces.xml @@ -307,6 +307,18 @@ loc eth2 - + + mss[=number] + + + Added in Shorewall 4.0.3. Causes forwarded TCP SYN + packets entering or leaving on this interface to have their + MSS field set to the specified + number. + + + norfc1918 diff --git a/manpages/shorewall.conf.xml b/manpages/shorewall.conf.xml index dcc099350..3cac01a50 100644 --- a/manpages/shorewall.conf.xml +++ b/manpages/shorewall.conf.xml @@ -635,10 +635,10 @@ net all DROP infothen the chain name is 'net2all' role="bold">Yes|No} - When set to , this option prevents scripts - generated by Shorewall-perl from altering the - /etc/iproute2/rt_tables database when there are entries in - /etc/shorewall/providers. If you set this + Added in Shorewall 4.0.3. When set to , + this option prevents scripts generated by Shorewall-perl from + altering the /etc/iproute2/rt_tables database when there are entries + in /etc/shorewall/providers. If you set this option to while Shorewall (Shorewall-lite) is running, you should remove the file /var/lib/shorewall/rt_tables diff --git a/manpages/shorewall.xml b/manpages/shorewall.xml index d4746ad23..8bf4b533d 100644 --- a/manpages/shorewall.xml +++ b/manpages/shorewall.xml @@ -582,9 +582,10 @@ are untouched. Clear is often used to see if the firewall is causing connection problems. - If the is given, the command will be - processed by the compiled script that executed the last successful - start, The option was added in Shorewall 4.0.3. + If is given, the command will be processed by + the compiled script that executed the last successful start, restart or refresh command if that script exists. @@ -1179,9 +1180,10 @@ url="shorewall-routestopped.html">shorewall-routestopped(5) or by ADMINISABSENTMINDED. - If the is given, the command will be - processed by the compiled script that executed the last successful - start, The option was added in Shorewall 4.0.3. + If is given, the command will be processed by + the compiled script that executed the last successful start, restart or refresh command if that script exists.