From f5e1a42ac9800e858b359d8cd44169ea96e68f55 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Sun, 2 Sep 2012 09:10:19 -0700 Subject: [PATCH] Update the Shorewall-Lite article - Mention shorewallrc - Mention that /etc/shorewall/shorewall.conf is no longer read when the configuration directory has a shorewall.conf file. Signed-off-by: Tom Eastep --- docs/Shorewall-Lite.xml | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/docs/Shorewall-Lite.xml b/docs/Shorewall-Lite.xml index 2d7e752d0..bbf8eccbc 100644 --- a/docs/Shorewall-Lite.xml +++ b/docs/Shorewall-Lite.xml @@ -248,7 +248,8 @@ command, Shorewall will use ssh to run /usr/share/shorewall-lite/shorecap on the remote firewall to create a capabilities file in the firewall's - administrative direction. See below. @@ -592,8 +593,9 @@ command:
- shorewall compile [ -e ] [ <directory name> ] [ - <path name> ] + shorewall compile [ -e ] [ <directory + name> ] [ <path name> + ]
where @@ -615,6 +617,11 @@ supports. It rather reads those capabilities from /etc/shorewall/capabilities. See below for details. + + Also, when is specified you should have + a copy of the remote firewall's shorewallrc + file in the the directory specified by <directory + name>. @@ -626,12 +633,19 @@ before those directories listed in the CONFIG_PATH variable in shorewall.conf. - When -e <directory-name> is included, only the - SHOREWALL_SHELL and VERBOSITY settings from + When -e <directory-name> is + included, only the SHOREWALL_SHELL and VERBOSITY settings from /etc/shorewall/shorewall.conf are used and these apply only to the compiler itself. The settings used by the compiled firewall script are determined by the contents of <directory name>/shorewall.conf. + + + Beginning with Shorewall 4.5.7.2, + /etc/shorewall/shorewall.conf is not read + if there is a shorewall.conf file in the + specified configuration directory. +