holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Clarify SWITCH settings and reload

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2019-04-25 14:26:18 -07:00
parent c127cec76c
commit 8b0cfdf779
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
3 changed files with 12 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
Shorewall/manpages/shorewall-files.xml
View File

@ -720,9 +720,9 @@ DNAT { source=net dest=loc:10.0.0.1 proto=tcp dport=80 mark=88 }</programlisting
<refsect1> <refsect1>
<title>Time Columns</title> <title>Time Columns</title>
<para>Several of the files include a TIME column that allows you to specify <para>Several of the files include a TIME column that allows you to
times when the rule is to be applied. Contents of this column is a list of specify times when the rule is to be applied. Contents of this column is a
<replaceable>timeelement</replaceable>s separated by apersands list of <replaceable>timeelement</replaceable>s separated by apersands
(&amp;).</para> (&amp;).</para>
<para>Each <replaceable>timeelement</replaceable> is one of the <para>Each <replaceable>timeelement</replaceable> is one of the
@ -898,11 +898,10 @@ DNAT { source=net dest=loc:10.0.0.1 proto=tcp dport=80 mark=88 }</programlisting
<para>here are times when you would like to enable or disable one or more <para>here are times when you would like to enable or disable one or more
rules in the configuration without having to do a <command>shorewall rules in the configuration without having to do a <command>shorewall
reload</command> or <command>shorewall restart</command>. This may be reload</command>. This may be accomplished using the SWITCH column in
accomplished using the SWITCH column in <ulink <ulink url="manpages/shorewall-rules.html">shorewall-rules</ulink> (5) or
url="manpages/shorewall-rules.html">shorewall-rules</ulink> (5) or <ulink <ulink url="manpages6/shorewall6-rules.html">shorewall6-rules</ulink> (5).
url="manpages6/shorewall6-rules.html">shorewall6-rules</ulink> (5). Using Using this column requires that your kernel and iptables include
this column requires that your kernel and iptables include
<firstterm>Condition Match Support</firstterm> and you must be running <firstterm>Condition Match Support</firstterm> and you must be running
Shorewall 4.4.24 or later. See the output of <command>shorewall show Shorewall 4.4.24 or later. See the output of <command>shorewall show
capabilities</command> and <command>shorewall version</command> to capabilities</command> and <command>shorewall version</command> to
@ -930,7 +929,7 @@ DNAT { source=net dest=loc:10.0.0.1 proto=tcp dport=80 mark=88 }</programlisting
role="bold">on</emphasis>. If you precede the switch name with ! (e.g., role="bold">on</emphasis>. If you precede the switch name with ! (e.g.,
!switch1), then the rule is enabled only when the switch is <emphasis !switch1), then the rule is enabled only when the switch is <emphasis
role="bold">off</emphasis>. Switch settings are retained over role="bold">off</emphasis>. Switch settings are retained over
<command>shorewall restart</command>.</para> <command>shorewall reload</command>.</para>
<para>Shorewall requires that switch names:</para> <para>Shorewall requires that switch names:</para>

4
Shorewall/manpages/shorewall-mangle.xml
View File

@ -1583,7 +1583,7 @@ Normal-Service =&gt; 0x00</programlisting>
<listitem> <listitem>
<para>Added in Shorewall 5.1.0 and allows enabling and disabling the <para>Added in Shorewall 5.1.0 and allows enabling and disabling the
rule without requiring <command>shorewall restart</command>.</para> rule without requiring <command>shorewall reload</command>.</para>
<para>The rule is enabled if the value stored in <para>The rule is enabled if the value stored in
<filename>/proc/net/nf_condition/<replaceable>switch-name</replaceable></filename> <filename>/proc/net/nf_condition/<replaceable>switch-name</replaceable></filename>
@ -1614,7 +1614,7 @@ Normal-Service =&gt; 0x00</programlisting>
</simplelist> </simplelist>
<para>Switch settings are retained over <command>shorewall <para>Switch settings are retained over <command>shorewall
restart</command>.</para> reload</command>.</para>
<para>When the <replaceable>switch-name</replaceable> is followed by <para>When the <replaceable>switch-name</replaceable> is followed by
<option>=0</option> or <option>=1</option>, then the switch is <option>=0</option> or <option>=1</option>, then the switch is

4
Shorewall/manpages/shorewall-rules.xml
View File

@ -2342,7 +2342,7 @@
<listitem> <listitem>
<para>Added in Shorewall 4.4.24 and allows enabling and disabling <para>Added in Shorewall 4.4.24 and allows enabling and disabling
the rule without requiring <command>shorewall the rule without requiring <command>shorewall
restart</command>.</para> reload</command>.</para>
<para>The rule is enabled if the value stored in <para>The rule is enabled if the value stored in
<filename>/proc/net/nf_condition/<replaceable>switch-name</replaceable></filename> <filename>/proc/net/nf_condition/<replaceable>switch-name</replaceable></filename>
@ -2373,7 +2373,7 @@
</simplelist> </simplelist>
<para>Switch settings are retained over <command>shorewall <para>Switch settings are retained over <command>shorewall
restart</command>.</para> reload</command>.</para>
<para>Beginning with Shorewall 4.5.10, when the <para>Beginning with Shorewall 4.5.10, when the
<replaceable>switch-name</replaceable> is followed by <replaceable>switch-name</replaceable> is followed by