#
# Shorewall version 4 - Macro Template
#
# /usr/share/shorewall/macro.template
#
# Macro files are similar to action files with the following exceptions:
#
#	- A macro file is not processed unless the marcro that it defines is
#	  referenced in the /etc/shorewall/rules file or in an action
#	  definition file.
#
#	- Macros are translated directly into one or more rules whereas
#	  actions become their own chain.
#
#	- All entries in a macro undergo substitution when the macro is
#	  invoked in the rules file.
#
# Columns are the same as in /etc/shorewall/rules.
# A few examples should help show how Macros work.
#
# /etc/shorewall/macro.FwdFTP:
#
#	#ACTION	SOURCE	DEST	PROTO	DEST	SOURCE	ORIGINAL RATE	USER/
#	#				PORT(S)	PORT(S)	DEST	 LIMIT	GROUP
#	DNAT	-	-	tcp	21
#
# /etc/shorewall/rules:
#
#	#ACTION	SOURCE	DEST	PROTO	DEST	SOURCE	ORIGINAL RATE	USER/
#	#				PORT(S)	PORT(S)	DEST	 LIMIT	GROUP
#	FwdFTP	net	loc:192.168.1.5
#
# The result is equivalent to:
#
#	#ACTION	SOURCE	DEST	PROTO	DEST	SOURCE	ORIGINAL RATE	USER/
#	#				PORT(S)	PORT(S)	DEST	 LIMIT	GROUP
#	DNAT	net	loc:192.168.1.5	tcp	21
#
# The substitution rules are as follows:
#
#	ACTION column		If in the invocation of the macro, the macro
#				name is followed by slash ("/") and a second
#				name, the second name is substituted for each
#				entry in the macro whose ACTION is PARAM
#
#				For example, if macro FOO is invoked as
#				FOO/ACCEPT then when expanding macro.FOO,
#				Shorewall will substitute ACCEPT in each
#				entry in macro.FOO whose ACTION column
#				contains PARAM. PARAM may be optionally
#				followed by a colon and a log level.
#
#				You may also follow the
#
#				Any logging specified when the macro is
#				invoked is applied to each entry in the macros.
#
#	SOURCE and DEST		If the column in the macro is empty then the
#	columns			value in the rules file is used. If the column
#				in the macro is non-empty then any value in
#				the rules file is appended with a ":"
#				separator.
#
#	Example:		###############################################
#				#ACTION	 SOURCE	DEST		PROTO	DEST
#				#					PORT(S)
#		macro.FTP File	PARAM	 net	loc		tcp	21
#		rules File	FTP/DNAT -	192.168.1.5
#		Result		DNAT	 net	loc:192.168.1.5	tcp	21
#
#	Remaining		Any value in the rules file REPLACES the value
#	columns			given in the macro file.
#
# Multiple parameters may be passed to a macro. Within this file, $1 refers to the first parameter,
# $2 to the second an so on. $1 is a synonym for PARAM but may be used anywhere in the file whereas
# PARAM may only be used in the ACTION column.
#
# You can specify default values for parameters by using DEFAULT or DEFAULTS entry:
#
#      DEFAULTS  <default for $1>,<default for $2>,...
#
#######################################################################################################
#                                         DO NOT REMOVE THE FOLLOWING LINE
?FORMAT 2
#################################################################################################################################################################################################
#ACTION		SOURCE		DEST		PROTO	DEST	SOURCE		ORIGINAL	RATE		USER/	MARK	CONNLIMIT	TIME         HEADERS         SWITCH        HELPER
#							PORT	PORT(S)		DEST		LIMIT		GROUP