forked from extern/shorewall_code
Clarify 'loose'
This commit is contained in:
Tom Eastep
parent
d84458518e
commit
795ffb7212
@ -235,7 +235,7 @@
|
|||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>Use mark values > 255 for provider marks in this
|
<para>Use mark values > 255 for provider marks in this
|
||||||
column. </para>
|
column.</para>
|
||||||
|
|
||||||
<itemizedlist>
|
<itemizedlist>
|
||||||
<listitem>
|
<listitem>
|
||||||
@ -428,6 +428,16 @@
|
|||||||
this provider. Useful for defining providers that are to be
|
this provider. Useful for defining providers that are to be
|
||||||
used only when the appropriate packet mark is
|
used only when the appropriate packet mark is
|
||||||
applied.</para>
|
applied.</para>
|
||||||
|
|
||||||
|
<para>Shorewall makes no attempt to consolidate the routing
|
||||||
|
rules added when <emphasis role="bold">loose</emphasis> is
|
||||||
|
not specified. So, if you have multiple IP addresses on a
|
||||||
|
provider interface, you may be able to replace the rules
|
||||||
|
that Shorewall generates with one or two rules in
|
||||||
|
<filename>/etc/shorewall/route_rules</filename>. In that
|
||||||
|
case, you can specify <emphasis role="bold">loose</emphasis>
|
||||||
|
to suppress Shorewall's rule generation. See the <link
|
||||||
|
linkend="Complete">example</link> below.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user