Clarify variable expansion

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8032 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-09 15:52:02 +00:00 · 2008-01-09 15:52:02 +00:00 · 94d060101f
commit 94d060101f
parent c01d7f2ec7
2 changed files with 60 additions and 46 deletions
--- a/docs/FAQ.xml
+++ b/docs/FAQ.xml
@ -499,7 +499,7 @@ loc      eth1         detect       <emphasis role="bold">routeback</emphasis>
        <listitem>
          <para>In <filename>/etc/shorewall/masq</filename>:</para>
-          <programlisting>#INTERFACE              SUBNET          ADDRESS         PROTO   PORT(S)
+          <programlisting>#INTERFACE              SOURCE          ADDRESS         PROTO   PORT(S)
 <emphasis role="bold">eth1:192.168.1.5        eth1            192.168.1.254   tcp     www</emphasis></programlisting>
        </listitem>
@ -589,7 +589,7 @@ dmz      eth2         192.168.2.255   <emphasis role="bold">routeback</emphasis>
          <para>In /etc/shorewall/masq:</para>
-          <programlisting>#INTERFACE    SUBNETS     ADDRESS
+          <programlisting>#INTERFACE    SOURCE      ADDRESS
 <emphasis role="bold">eth2          eth2        192.168.2.254</emphasis></programlisting>
          <para>Like the silly hack in FAQ 2 above, this will make all
@ -2190,7 +2190,7 @@ ACCEPT     loc         modem     tcp       80</programlisting>
        <para><filename>/etc/shorewall/masq</filename>:</para>
-        <programlisting>#INTERFACE         SUBNET          ADDRESS
+        <programlisting>#INTERFACE         SOURCE          ADDRESS
 eth0               eth1                        # eth1 = interface to local network</programlisting>
        <para>For an example of this when the ADSL/Cable modem is bridged, see
--- a/docs/configuration_file_basics.xml
+++ b/docs/configuration_file_basics.xml
@ -383,45 +383,45 @@ smtp,www,pop3,imap  #Services running on the firewall</programlisting>
      <programlisting>     shorewall/params.mgmt:
-&nbsp;&nbsp;      MGMT_SERVERS=1.1.1.1,2.2.2.2,3.3.3.3
+        MGMT_SERVERS=1.1.1.1,2.2.2.2,3.3.3.3
- &nbsp;&nbsp;      TIME_SERVERS=4.4.4.4
+         TIME_SERVERS=4.4.4.4
- &nbsp;&nbsp;      BACKUP_SERVERS=5.5.5.5
+         BACKUP_SERVERS=5.5.5.5
-&nbsp;&nbsp;      ----- end params.mgmt -----
+        ----- end params.mgmt -----
-&nbsp;&nbsp;   shorewall/params:
+     shorewall/params:
-&nbsp;&nbsp;      # Shorewall 1.3 /etc/shorewall/params
+        # Shorewall 1.3 /etc/shorewall/params
- &nbsp;&nbsp;      [..]
+         [..]
- &nbsp;&nbsp;      #######################################
+         #######################################
- &nbsp;
+  
- &nbsp;&nbsp;      INCLUDE params.mgmt&nbsp;&nbsp;&nbsp; 
+         INCLUDE params.mgmt    
- &nbsp; 
+   
- &nbsp;&nbsp;    # params unique to this host here
+       # params unique to this host here
- &nbsp;&nbsp;    #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
+       #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
-&nbsp;&nbsp;     ----- end params -----
+       ----- end params -----
-&nbsp;&nbsp;   shorewall/rules.mgmt:
+     shorewall/rules.mgmt:
-&nbsp;&nbsp;     ACCEPT net:$MGMT_SERVERS&nbsp;&nbsp;&nbsp;$FW&nbsp;&nbsp;&nbsp;               tcp&nbsp;&nbsp;&nbsp; 22
+       ACCEPT net:$MGMT_SERVERS   $FW                  tcp    22
- &nbsp;&nbsp;    ACCEPT $FW&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;        net:$TIME_SERVERS&nbsp;&nbsp;&nbsp; udp&nbsp;&nbsp;&nbsp; 123
+       ACCEPT $FW                 net:$TIME_SERVERS    udp    123
- &nbsp;&nbsp;    ACCEPT $FW&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;        net:$BACKUP_SERVERS&nbsp; tcp&nbsp;&nbsp;&nbsp; 22
+       ACCEPT $FW                 net:$BACKUP_SERVERS  tcp    22
-&nbsp;&nbsp;    ----- end rules.mgmt -----
+      ----- end rules.mgmt -----
-&nbsp;&nbsp;   shorewall/rules:
+     shorewall/rules:
-&nbsp;&nbsp;    # Shorewall version 1.3 - Rules File
+      # Shorewall version 1.3 - Rules File
- &nbsp;&nbsp;    [..]
+       [..]
- &nbsp;&nbsp;    #######################################
+       #######################################
- &nbsp;
+  
- &nbsp;&nbsp;    INCLUDE rules.mgmt&nbsp;&nbsp;&nbsp;&nbsp; 
+       INCLUDE rules.mgmt     
- &nbsp; 
+   
- &nbsp;&nbsp;    # rules unique to this host here
+       # rules unique to this host here
- &nbsp;&nbsp;    #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
+       #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
-&nbsp;&nbsp;   ----- end rules -----</programlisting>
+     ----- end rules -----</programlisting>
    </example>
  </section>
@ -630,7 +630,7 @@ use Shorewall::Config qw/shorewall/;</programlisting>
    <itemizedlist>
      <listitem>
        <para>Must not have any embedded white space.<programlisting>     Valid:   routefilter,dhcp,norfc1918
-     Invalid: routefilter,&nbsp;&nbsp;&nbsp;&nbsp; dhcp,&nbsp;&nbsp;&nbsp;&nbsp; norfc1818</programlisting></para>
+     Invalid: routefilter,     dhcp,     norfc1818</programlisting></para>
      </listitem>
      <listitem>
@ -803,17 +803,17 @@ DNAT       net        loc:192.168.1.3 tcp       4000:4100</programlisting>
    <para>Example:</para>
    <blockquote>
-      <programlisting>&nbsp;&nbsp;&nbsp; /etc/shorewall/params
+      <programlisting>    /etc/shorewall/params
        NET_IF=eth0
        NET_BCAST=130.252.100.255
        NET_OPTIONS=routefilter,norfc1918
-&nbsp;&nbsp;&nbsp; /etc/shorewall/interfaces record:
+    /etc/shorewall/interfaces record:
        net $NET_IF $NET_BCAST $NET_OPTIONS
-&nbsp;&nbsp;&nbsp; The result will be the same as if the record had been written
+    The result will be the same as if the record had been written
        net eth0 130.252.100.255 routefilter,norfc1918
 </programlisting>
@ -877,6 +877,21 @@ DNAT       net        loc:192.168.1.3 tcp       4000:4100</programlisting>
        extension script.</para>
      </listitem>
    </orderedlist>
    <para>When expanding a variable, the acceptable forms of expansion depend
    on whether you are using Shorewall-shell or Shorewall-perl.</para>
    <itemizedlist>
      <listitem>
        <para>Shorewall-shell and all Shoreawll versions prior to 4.0 can use
        any form of expansion supported by the shell ($VAR, ${VAR},
        ${VAR:=val}, ...).</para>
      </listitem>
      <listitem>
        <para>Shorewall-perl only supports the $VAR and ${VAR} forms.</para>
      </listitem>
    </itemizedlist>
  </section>
  <section id="MAC">
@ -899,16 +914,15 @@ DNAT       net        loc:192.168.1.3 tcp       4000:4100</programlisting>
    <example id="mac">
      <title>MAC Address of an Ethernet Controller</title>
-      <programlisting> &nbsp;&nbsp;&nbsp;&nbsp; [root@gateway root]# <command>ifconfig eth0</command>
+      <programlisting>      [root@gateway root]# <command>ifconfig eth0</command>
- &nbsp;&nbsp;&nbsp;&nbsp; eth0 Link encap:Ethernet HWaddr <emphasis
+      eth0 Link encap:Ethernet HWaddr <emphasis role="bold">02:00:08:E3:FA:55</emphasis>
-          role="bold">02:00:08:E3:FA:55</emphasis>
+      inet addr:206.124.146.176 Bcast:206.124.146.255 Mask:255.255.255.0
- &nbsp;&nbsp;&nbsp;&nbsp; inet addr:206.124.146.176 Bcast:206.124.146.255 Mask:255.255.255.0
+      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- &nbsp;&nbsp;&nbsp;&nbsp; UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
+      RX packets:2398102 errors:0 dropped:0 overruns:0 frame:0
- &nbsp;&nbsp;&nbsp;&nbsp; RX packets:2398102 errors:0 dropped:0 overruns:0 frame:0
+      TX packets:3044698 errors:0 dropped:0 overruns:0 carrier:0
- &nbsp;&nbsp;&nbsp;&nbsp; TX packets:3044698 errors:0 dropped:0 overruns:0 carrier:0
+      collisions:30394 txqueuelen:100
- &nbsp;&nbsp;&nbsp;&nbsp; collisions:30394 txqueuelen:100
+      RX bytes:419871805 (400.4 Mb) TX bytes:1659782221 (1582.8 Mb)
- &nbsp;&nbsp;&nbsp;&nbsp; RX bytes:419871805 (400.4 Mb) TX bytes:1659782221 (1582.8 Mb)
+      Interrupt:11 Base address:0x1800
 &nbsp;&nbsp;&nbsp;&nbsp; Interrupt:11 Base address:0x1800
 </programlisting>
    </example>