Add a note about the SOURCE and DEST columns

2010-12-24 14:03:55 -08:00 · 2010-12-24 14:03:55 -08:00 · 29da130eef
commit 29da130eef
parent ce8f33b623
2 changed files with 15 additions and 6 deletions
--- a/docs/Actions.xml
+++ b/docs/Actions.xml
@ -224,6 +224,9 @@ ACCEPT   -              -               tcp     135,139,445

      <para>When using Shorewall 4.4.16 or later, there are no restrictions
      regarding which targets can be used within your action.</para>
+
+      <para>The SOURCE and DEST columns in the action file may not include
+      zone names; those are given when the action is invoked.</para>
    </section>

    <section>
@ -578,7 +581,7 @@ add_rule $chainref, '-d 224.0.0.0/4 -j DROP';
 Limit:none:SSHA,3,60   net               $FW            tcp         22</programlisting>

    <para>Using Shorewall 4.4.16 or later, you can also invoke the action this
-    way: </para>
+    way:</para>

    <programlisting>#ACTION                SOURCE            DEST           PROTO       DEST PORT(S)
 Limit(SSHA,3,60):none  net               $FW            tcp         22</programlisting>
--- a/docs/LennyToSqueeze.xml
+++ b/docs/LennyToSqueeze.xml
@ -120,7 +120,7 @@
      </listitem>
    </orderedlist>

-    <para>In Squeeze, there are five packages:</para>
+    <para>In Squeeze, there are six slightly different packages:</para>

    <orderedlist>
      <listitem>
@ -144,6 +144,12 @@
        runs IPv6 firewall scripts.</para>
      </listitem>

+      <listitem>
+        <para>shorewall-init — Allows the firewall to be closed before
+        interfaces are brought up and also allows the firewall to react to
+        interfaces coming up and going down.</para>
+      </listitem>
+
      <listitem>
        <para>shorewall-doc — Documentation.</para>
      </listitem>
@ -223,8 +229,8 @@
            by Shorewall 4.4.x</emphasis></para>

            <para>You should not be receiving this error if you are upgrading
-            from Lenny since BRIDGING=Yes did not work in that
-            release<footnote>
+            from Lenny since BRIDGING=Yes did not work in that release
+            either<footnote>
                <para>If you are upgrading from a release using a kernel
                earlier than 2.6.20, then BRIDGING=Yes did work correctly with
                Shorewall-shell.</para>
@ -424,8 +430,8 @@ loc     Local           The local LAN</programlisting>
 #                                       OPTIONS                 OPTIONS</programlisting>

      <para>You will need to add an entry for your firewall zone. The default
-      name for the firewall zone is 'fw' but may have been overriden using
-      <link linkend="FW">the FW option in
+      name for the firewall zone is 'fw' but may have been overriden in your
+      old configuration using <link linkend="FW">the FW option in
      <filename>shorewall.conf</filename></link>.</para>

      <programlisting>#ZONE   TYPE            OPTIONS         IN                      OUT