Improve documentation of HIGH_ROUTE_MARKS in the configuration files

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3855 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/providers

@@ -24,9 +24,10 @@
 #			file to direct packets to this provider.
 #
 #			If HIGH_ROUTE_MARKS=Yes in shorewall.conf, then the
-#			value must between 0x0100 and 0xff00 and the
-#			low-order byte of the value must be zero. Otherwise,
-#			the value must be between 1 and 255.
+#			value must be a multiple of 256 between 256 and 65280
+#			or their hexadecimal equivalents (0x0100 and 0xff00
+#			with the low-order byte of the value being zero).
+#			Otherwise, the value must be between 1 and 255.
 #
 #	DUPLICATE	The name of an existing table to duplicate. May be
 #			'main' or the name of a previous provider.

Shorewall/shorewall.conf

@@ -860,10 +860,11 @@ IMPLICIT_CONTINUE=Yes
 #
 # Normally, Shorewall restricts the set of mark values to 1-255. If you set
 # HIGH_ROUTE_MARKS=Yes, Shorewall will rather restrict the set of routing
-# mark values (those specified in the /etc/shorewall/providers file) from
-# 0x0100 to 0XFF00 (with the low-order byte being zero). This allows
-# connection marks to be shared between traffic shaping and policy routing
-# (traffic shaping marks are always restricted to 1-255).
+# mark values (those specified in the /etc/shorewall/providers file) to
+# a multiple of 256 (256 to 65280) or their hexadecimal equivalents
+# (0x0100 to 0xff00, with the low-order byte of the value being zero).
+# This allows connection marks to be shared between traffic shaping and
+# policy routing. Traffic shaping marks are always restricted to 1-255.
 #
 # Setting HIGH_ROUTE_MARKS=Yes requires that your kernel and iptables support
 # both the extended CONNMARK target and the extended connmark match