Reconcile ipsec masq implementation and documentation

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1875 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall2/changelog.txt

@@ -202,3 +202,6 @@ Changes since 2.0.3
 98) Fix mis-leading typo in tunnels.
 
 99) Fix brain-dead ipsec option handling in setup_masq().
+
+100) Reconcile ipsec masq file implementation with the documentation.
+

Shorewall2/firewall

@@ -4884,6 +4884,7 @@ setup_masq()
 
 	for option in $options; do
 	    case $option in
+		[Yy]es)         ;;
 		strict)         policy="$policy --strict" ;;
 		next)           policy="$policy --next" ;;
 		reqid=*)        policy="$policy --reqid ${option#*=}" ;;

Shorewall2/masq

@@ -116,6 +116,10 @@
 #				matches these options will have their source address
 #				changed.
 #
+#					Yes or yes -- must be the only option listed
+#					and matches all outbound traffic that will be
+#					encrypted.
+#
 #					reqid=<number> where <number> is specified
 #					using setkey(8) using the 'unique:<number>
 #					option for the SPD level.

Shorewall2/releasenotes.txt

@@ -520,7 +520,7 @@ New Features:
 
     The OPTIONS, IN OPTIONS and OUT OPTIONS columns specify the
     input-output, input and output characteristics of the security
-    policies to be used to decrypt (input) or encrypt (output) traffic
+    associations to be used to decrypt (input) or encrypt (output) traffic
     to/from the zone.
 
     The available options are: