Add warning about side effects of ADD_SNAT_ALIASES and ADD_IP_ALIASES

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2749 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/shorewall.conf

@@ -372,6 +372,10 @@ IP_FORWARDING=On
 # for each NAT external address that you give in /etc/shorewall/nat. If you say
 # "No" or "no", you must add these aliases youself.
 #
+# WARNING: Addresses added by ADD_IP_ALIASES=Yes are deleted and re-added during
+# processing of the "shorewall restart" command. As a consequence, connections
+# using those addresses may be severed.
+#
 
 ADD_IP_ALIASES=Yes
 
@@ -383,6 +387,10 @@ ADD_IP_ALIASES=Yes
 # say "No" or "no", you must add these aliases youself. LEAVE THIS SET TO "No"
 # unless you are sure that you need it -- most people don't!!!
 #
+# WARNING: Addresses added by ADD_SNAT_ALIASES=Yes are deleted and re-added during
+# processing of the "shorewall restart" command. As a consequence, connections
+# using those addresses may be severed.
+#
 
 ADD_SNAT_ALIASES=No
 
@@ -811,9 +819,9 @@ MAPOLDACTIONS=No
 # going from the 'loc' zone to the 'net' zone, ESTABLISHED/RELATED packets are
 # ACCEPTED in the 'loc2net' chain.
 #
-# If you set FASTACCEPT=Yes, then ESTABLISHED/RELEATED packets are accepted 
+# If you set FASTACCEPT=Yes, then ESTABLISHED/RELEATED packets are accepted
 # early in the INPUT, FORWARD and OUTPUT chains. If you set
-# FASTACCEPT=Yes then you may not specify ESTABLISHED policies in 
+# FASTACCEPT=Yes then you may not specify ESTABLISHED policies in
 # /etc/shorewall/policy.
 
 FASTACCEPT=No