Remove wrong information from description of the blacklist file

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4547 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-09-08 14:47:08 +00:00 · 2006-09-08 14:47:08 +00:00 · 7fc803c7e5
commit 7fc803c7e5
parent 6293545800
1 changed files with 2 additions and 49 deletions
--- a/docs/Documentation.xml
+++ b/docs/Documentation.xml
@ -3847,58 +3847,11 @@ all      all     tcp         ftp-data          -               8</programlisting
        <term>PORTS</term>
        <listitem>
-          <para>Optional; may only be given if PROTOCOL is tcp, udp or icmp.
+          <para>Optional; may only be given if PROTOCOL is tcp or udp.
          Expressed as a comma-separated list of destination port numbers or
          service names (from /etc/services). If present, only packets
          matching the specified protocol and one of the listed destination
-          ports are blocked. When the PROTOCOL is icmp, the PORTS column
+          ports are blocked.</para>
          contains a comma-separated list of ICMP type numbers or names (see
          <quote>iptables -h icmp</quote>).</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term>OPTIONS</term>
        <listitem>
          <para>(Optional) A comma-separated list of options. The
          currently-supported options are:</para>
          <itemizedlist>
            <listitem>
              <para>routeback - Set up a rule to ACCEPT traffic from these
              hosts back to themselves.</para>
            </listitem>
            <listitem>
              <para>source - Allow traffic from these hosts to ANY
              destination. Without this option or the 'dest option, only
              traffic from this host to other listed hosts (and the firewall)
              is allowed. If 'source' is specified then 'routeback' is
              redundant.</para>
            </listitem>
            <listitem>
              <para>dest - Allow traffic to these hosts from ANY source.
              Without this option or the 'source' option, only traffic from
              this host to other listed hosts (and the firewall) is allowed.
              If 'dest' is specified then 'routeback' is redundant.</para>
            </listitem>
            <listitem>
              <para>critical - Allow traffic between the firewall and these
              hosts throughout '[re]start', 'stop' and 'clear'. Specifying
              'critical' on one or more entries will cause your firewall to be
              "totally open" for a brief window during each of those
              operations.</para>
            </listitem>
          </itemizedlist>
          <note>
            <para>The 'source' and 'dest' options work best when used in
            conjunction with ADMINISABSENTMINDED=Yes in
            /etc/shorewall/shorewall.conf.</para>
          </note>
        </listitem>
      </varlistentry>
    </variablelist>