From 4c6014aa9c8875336816ad35f49a5e3fe7cb9005 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Sat, 21 Jul 2007 15:45:25 +0000
Subject: [PATCH] Document ipset name restrictions

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6924 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 docs/Shorewall-perl.xml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docs/Shorewall-perl.xml b/docs/Shorewall-perl.xml
index 0e52e1e2f..dad75032c 100644
--- a/docs/Shorewall-perl.xml
+++ b/docs/Shorewall-perl.xml
@@ -366,6 +366,12 @@ insert_rule $filter_table-&gt;{OUTPUT},     1, "-p udp --sport 1701 -j ACCEPT";
           </listitem>
 
           <listitem>
+            <para>Shorewall-perl insists that ipset names begin with a letter
+            and be composed of alphanumeric characters and underscores (_).
+            When used in a Shorewall configuration file, the name must be
+            preceded by a plus sign (+) as with the shell-based
+            compiler.</para>
+
             <para>Shorewall is now out of the ipset load/reload business. With
             scripts generated by the Perl-based Compiler, the Netfilter
             ruleset is never cleared. That means that there is no opportunity