holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Manpage updates:

Browse Source 
- interfaces: Clarify the 'bridge' option
- rtrules:    Warn about similar rules with same priority
This commit is contained in:
Tom Eastep 2017-02-10 11:43:04 -08:00
parent 7e984af094
commit 09fda9eb6c
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
4 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Shorewall/manpages/shorewall-interfaces.xml
View File

@ -303,6 +303,12 @@ loc eth2 -</programlisting>
<para>Designates the interface as a bridge. Beginning with <para>Designates the interface as a bridge. Beginning with
Shorewall 4.4.7, setting this option also sets Shorewall 4.4.7, setting this option also sets
<option>routeback</option>.</para> <option>routeback</option>.</para>
<note>
<para>If you have a bridge that you don't intend to define
bport zones on, then it is best to omit this option and
simply specify <option>routeback</option>.</para>
</note>
</listitem> </listitem>
</varlistentry> </varlistentry>

11
Shorewall/manpages/shorewall-rtrules.xml
View File

@ -129,6 +129,17 @@
<para>Beginning with Shorewall 5.0.2, the priority may be followed <para>Beginning with Shorewall 5.0.2, the priority may be followed
optionally by an exclaimation mark ("!"). This causes the rule to optionally by an exclaimation mark ("!"). This causes the rule to
remain in place if the interface is disabled.</para> remain in place if the interface is disabled.</para>
<caution>
<para>Be careful when using rules of the same PRIORITY as some
unexpected behavior can occur when multiple rules have the same
SOURCE. For example, in the following rules, the second rule
overwrites the first unless the priority in the second is changed
to 19001 or higher:</para>
<programlisting>10.10.0.0/24 192.168.5.6 provider1 19000
10.10.0.0/24 - provider2 19000</programlisting>
</caution>
</listitem> </listitem>
</varlistentry> </varlistentry>

6
Shorewall6/manpages/shorewall6-interfaces.xml
View File

@ -234,6 +234,12 @@ loc eth2 -</programlisting>
<para>Designates the interface as a bridge. Beginning with <para>Designates the interface as a bridge. Beginning with
Shorewall 4.4.7, setting this option also sets Shorewall 4.4.7, setting this option also sets
<option>routeback</option>.</para> <option>routeback</option>.</para>
<note>
<para>If you have a bridge that you don't intend to define
bport zones on, then it is best to omit this option and
simply specify <option>routeback</option>.</para>
</note>
</listitem> </listitem>
</varlistentry> </varlistentry>

11
Shorewall6/manpages/shorewall6-rtrules.xml
View File

@ -129,6 +129,17 @@
<para>Beginning with Shorewall 5.0.2, the priority may be followed <para>Beginning with Shorewall 5.0.2, the priority may be followed
optionally by an exclaimation mark ("!"). This causes the rule to optionally by an exclaimation mark ("!"). This causes the rule to
remain in place if the interface is disabled.</para> remain in place if the interface is disabled.</para>
<caution>
<para>Be careful when using rules of the same PRIORITY as some
unexpected behavior can occur when multiple rules have the same
SOURCE. For example, in the following rules, the second rule
overwrites the first unless the priority in the second is changed
to 19001 or higher:</para>
<programlisting>2601:601:8b00:bf0::/64 2001:470:b:787::542 provider1 19000
2601:601:8b00:bf0::/64 - provider2 19000</programlisting>
</caution>
</listitem> </listitem>
</varlistentry> </varlistentry>