diff --git a/docs/Actions.xml b/docs/Actions.xml
index 00650e501..80c25bec3 100644
--- a/docs/Actions.xml
+++ b/docs/Actions.xml
@@ -193,17 +193,6 @@ ACCEPT - - tcp 135,139,445
action begins with a capital letter; that way, the name won't conflict
with a Shorewall-defined chain name.
- The name of the action may be optionally followed by a colon
- (:
) and ACCEPT, DROP or REJECT. When this is done, the
- named action will become the default action for
- policies of type ACCEPT, DROP or REJECT, respectively. The default
- action is applied immediately before the policy is enforced (before
- any logging is done under that policy) and is used mainly to suppress
- logging of uninteresting traffic which would otherwise clog your logs.
- The same policy name can appear in multiple actions; the last such
- action for each policy name is the one which Shorewall will
- use.
-
Shorewall includes pre-defined actions for DROP and REJECT --
see above.
@@ -506,74 +495,6 @@ ACCEPT:debug - - tcp 22
bar:debug
-
- If you define an action acton
and you have an
- /etc/shorewall/acton script, when that script is
- invoked, the following three variables will be set for use by the
- script:
-
-
-
- $CHAIN = the name of the chain where your rules are to be
- placed. When logging is used on an action invocation, Shorewall
- creates a chain with a slightly different name from the action
- itself.
-
-
-
- $LEVEL = Log level. If empty, no logging was specified.
-
-
-
- $TAG = Log Tag.
-
-
-
- Example:
-
- /etc/shorewall/rules:
-
- #ACTION SOURCE DEST
-acton:info:test $FW net
-
- Your /etc/shorewall/acton file will be run
- with:
-
-
-
- $CHAIN=%acton1
-
-
-
- $LEVEL=info
-
-
-
- $TAG=test
-
-
-
- Shorewall-perl sets lexical variables as follows:
-
-
-
- $chainref is a reference to the
- chain-table entry for the chain where your rules are to be
- placed.
-
-
-
- $level is the log level. If
- false, no logging was specified.
-
-
-
- $tag is the log tag.
-
-
-
- For an example of how to use these variablesl, see this article.
@@ -591,6 +512,29 @@ acton:info:test $FW net
An action to drop all broadcast packets
+ If you define an action acton
and you have an
+ /etc/shorewall/acton script, the rules compiler
+ sets lexical variables as follows:
+
+
+
+ $chainref is a reference to
+ the chain-table entry for the chain where your rules are to be
+ placed.
+
+
+
+ $level is the log level. If
+ false, no logging was specified.
+
+
+
+ $tag is the log tag.
+
+
+
+ Example:
+
/etc/shorewall/actionsDropBcasts
/etc/shorewall/action.DropBcasts# This file is empty/etc/shorewall/DropBcastsuse Shorewall::Chains;