More manpage correctsions (both Shorewall and Shorewall6)

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9119 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

manpages-lite/shorewall-lite.xml

@@ -263,7 +263,7 @@
       <arg choice="plain"><option>show</option></arg>
 
       <arg
-      choice="req"><option>actions|classifiers|connections|config|macros|zones</option></arg>
+      choice="req"><option>actions|classifiers|connections|config|zones</option></arg>
     </cmdsynopsis>
 
     <cmdsynopsis>
@@ -581,8 +581,8 @@
 
         <listitem>
           <para>Restart is similar to <emphasis role="bold">shorewall-lite
-          stop</emphasis> followed by <emphasis role="bold">shorewall-lite
-          start</emphasis>. Existing connections are maintained.</para>
+          start</emphasis> but assumes that the firewall is already started.
+          Existing connections are maintained.</para>
 
           <para>The <option>-n</option> option causes Shorewall to avoid
           updating the routing table(s).</para>
@@ -703,15 +703,6 @@
               </listitem>
             </varlistentry>
 
-            <varlistentry>
-              <term><emphasis role="bold">macros</emphasis></term>
-
-              <listitem>
-                <para>Displays information about each macro defined on the
-                firewall system.</para>
-              </listitem>
-            </varlistentry>
-
             <varlistentry>
               <term><emphasis role="bold">mangle</emphasis></term>
 
@@ -770,7 +761,7 @@
           saved configuration specified by the RESTOREFILE option in <ulink
           url="shorewall-lite.conf.html">shorewall-lite.conf</ulink>(5) will
           be restored if that saved configuration exists and has been modified
-          more recently than the files in /etc/shorewall. </para>
+          more recently than the files in /etc/shorewall.</para>
 
           <para>The <option>-n</option> option causes Shorewall to avoid
           updating the routing table(s).</para>

manpages/shorewall.xml

@@ -1055,8 +1055,8 @@
 
         <listitem>
           <para>Restart is similar to <emphasis role="bold">shorewall
-          stop</emphasis> followed by <emphasis role="bold">shorewall
-          start</emphasis>. Existing connections are maintained. If a
+          start</emphasis> except that it assumes that the firewall is already
+          started. Existing connections are maintained. If a
           <emphasis>directory</emphasis> is included in the command, Shorewall
           will look in that <emphasis>directory</emphasis> first for
           configuration files.</para>

manpages6-lite/shorewall6-lite.conf.xml

@@ -46,12 +46,12 @@
     <variablelist>
       <varlistentry>
         <term><emphasis
-        role="bold">IPTABLES=</emphasis>[<emphasis>pathname</emphasis>]</term>
+        role="bold">IP6TABLES=</emphasis>[<emphasis>pathname</emphasis>]</term>
 
         <listitem>
-          <para>This parameter names the iptables executable to be used by
+          <para>This parameter names the ip6tables executable to be used by
           Shorewall6. If not specified or if specified as a null value, then
-          the iptables executable located using the PATH option is
+          the ip6tables executable located using the PATH option is
           used.</para>
         </listitem>
       </varlistentry>
@@ -61,8 +61,8 @@
         role="bold">LOGFILE=</emphasis>[<emphasis>pathname</emphasis>]</term>
 
         <listitem>
-          <para>This parameter tells the /sbin/shorewall6 program where to look
-          for Shorewall6 messages when processing the <emphasis
+          <para>This parameter tells the /sbin/shorewall6 program where to
+          look for Shorewall6 messages when processing the <emphasis
           role="bold">dump</emphasis>, <emphasis
           role="bold">logwatch</emphasis>, <emphasis role="bold">show
           log</emphasis>, and <emphasis role="bold">hits</emphasis> commands.
@@ -119,14 +119,13 @@
 
       <varlistentry>
         <term><emphasis
-        role="bold">SHOREWALL6_SHELL=</emphasis>[<emphasis>pathname</emphasis>]</term>
+        role="bold">SHOREWALL_SHELL=</emphasis>[<emphasis>pathname</emphasis>]</term>
 
         <listitem>
           <para>This option is used to specify the shell program to be used to
-          run the Shorewall6 compiler and to interpret the compiled script. If
-          not specified or specified as a null value, /bin/sh is assumed.
-          Using a light-weight shell such as ash or dash can significantly
-          improve performance.</para>
+          interpret the compiled script. If not specified or specified as a
+          null value, /bin/sh is assumed. Using a light-weight shell such as
+          ash or dash can significantly improve performance.</para>
         </listitem>
       </varlistentry>
 
@@ -137,9 +136,9 @@
         <listitem>
           <para>This parameter should be set to the name of a file that the
           firewall should create if it starts successfully and remove when it
-          stops. Creating and removing this file allows Shorewall6 to work with
-          your distribution's initscripts. For RedHat, this should be set to
-          /var/lock/subsys/shorewall6. For Debian, the value is
+          stops. Creating and removing this file allows Shorewall6 to work
+          with your distribution's initscripts. For RedHat, this should be set
+          to /var/lock/subsys/shorewall6. For Debian, the value is
           /var/state/shorewall6 and in LEAF it is /var/run/shorwall.</para>
         </listitem>
       </varlistentry>
@@ -187,8 +186,9 @@
     shorewall6-ipsec(5), shorewall6-maclist(5), shorewall6-masq(5),
     shorewall6-nat(5), shorewall6-netmap(5), shorewall6-params(5),
     shorewall6-policy(5), shorewall6-providers(5), shorewall6-proxyarp(5),
-    shorewall6-route_rules(5), shorewall6-routestopped(5), shorewall6-rules(5),
-    shorewall6-tcclasses(5), shorewall6-tcdevices(5), shorewall6-tcrules(5),
-    shorewall6-tos(5), shorewall6-tunnels(5), shorewall6-zones(5)</para>
+    shorewall6-route_rules(5), shorewall6-routestopped(5),
+    shorewall6-rules(5), shorewall6-tcclasses(5), shorewall6-tcdevices(5),
+    shorewall6-tcrules(5), shorewall6-tos(5), shorewall6-tunnels(5),
+    shorewall6-zones(5)</para>
   </refsect1>
 </refentry>

manpages6-lite/shorewall6-lite.xml

@@ -232,7 +232,7 @@
       <arg choice="plain"><option>show</option></arg>
 
       <arg
-      choice="req"><option>actions|classifiers|connections|config|macros|zones</option></arg>
+      choice="req"><option>actions|classifiers|connections|config|zones</option></arg>
     </cmdsynopsis>
 
     <cmdsynopsis>
@@ -246,7 +246,7 @@
 
       <arg><option>-x</option></arg>
 
-      <arg choice="req"><option>mangle|nat</option></arg>
+      <arg choice="plain"><option>mangle</option></arg>
     </cmdsynopsis>
 
     <cmdsynopsis>
@@ -607,20 +607,11 @@
               <term><emphasis role="bold">connections</emphasis></term>
 
               <listitem>
-                <para>Displays the IP connections currently being tracked by
+                <para>Displays the IPv6 connections currently being tracked by
                 the firewall.</para>
               </listitem>
             </varlistentry>
 
-            <varlistentry>
-              <term><emphasis role="bold">macros</emphasis></term>
-
-              <listitem>
-                <para>Displays information about each macro defined on the
-                firewall system.</para>
-              </listitem>
-            </varlistentry>
-
             <varlistentry>
               <term><emphasis role="bold">mangle</emphasis></term>
 
@@ -634,19 +625,6 @@
               </listitem>
             </varlistentry>
 
-            <varlistentry>
-              <term><emphasis role="bold">nat</emphasis></term>
-
-              <listitem>
-                <para>Displays the Netfilter nat table using the command
-                <emphasis role="bold">ip6tables -t nat -L -n -v</emphasis>.The
-                <emphasis role="bold">-x</emphasis> option is passed directly
-                through to iptables and causes actual packet and byte counts
-                to be displayed. Without this option, those counts are
-                abbreviated.</para>
-              </listitem>
-            </varlistentry>
-
             <varlistentry>
               <term><emphasis role="bold">tc</emphasis></term>
 
@@ -734,7 +712,7 @@
     <title>See ALSO</title>
 
     <para><ulink
-    url="http://www.shorewall.net/starting_and_stopping_shorewall6.htm">http://www.shorewall.net/starting_and_stopping_shorewall6.htm</ulink></para>
+    url="http://www.shorewall.net/starting_and_stopping_shorewall6.htm">http://www.shorewall.net/starting_and_stopping_shorewall.htm</ulink></para>
 
     <para>shorewall6-accounting(5), shorewall6-actions(5),
     shorewall6-blacklist(5), shorewall6-hosts(5), shorewall6-interfaces(5),

manpages6/shorewall6.conf.xml

@@ -545,7 +545,7 @@ net     all  DROP   info</programlisting>then the chain name is 'net2all'
           the ip6tables executable located using the PATH option is
           used.</para>
 
-          <para>Regardless of how the IP6TABLES utility is located (specified
+          <para>Regardless of how the ip6tables utility is located (specified
           via IP6TABLES= or located via PATH), Shorewall6 uses the
           ip6tables-restore and ip6tables-save utilities from that same
           directory.</para>
@@ -625,7 +625,7 @@ net     all  DROP   info</programlisting>then the chain name is 'net2all'
             logging from the nat table's PREROUTING chain is:</para>
 
             <programlisting>    Shorewall:nat:PREROUTING
- </programlisting>
+</programlisting>
 
             <important>
               <para>To help insure that all packets in the NEW state are
@@ -1096,67 +1096,6 @@ net     all  DROP   info</programlisting>then the chain name is 'net2all'
         </listitem>
       </varlistentry>
 
-      <varlistentry>
-        <term><emphasis role="bold">USE_DEFAULT_RT=</emphasis>[<emphasis
-        role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
-
-        <listitem>
-          <para>When set to 'Yes', this option causes the Shorewall6 multi-ISP
-          feature to create a different set of routing rules which are
-          resilient to changes in the main routing table. Such changes can
-          occur for a number of reasons, VPNs going up and down being an
-          example. The idea is to send packets through the main table prior to
-          applying any of the Shorewall6-generated routing rules. So changes
-          to the main table will affect the routing of packets by
-          default.</para>
-
-          <para>When USE_DEFAULT_RT=Yes:</para>
-
-          <orderedlist>
-            <listitem>
-              <para>Both the DUPLICATE and the COPY columns in <ulink
-              url="shorewall6-providers.html">providers</ulink>(5) file must
-              remain empty (or contain "-").</para>
-            </listitem>
-
-            <listitem>
-              <para>The default route is added to the the 'default' table
-              rather than to the main table.</para>
-            </listitem>
-
-            <listitem>
-              <para><emphasis role="bold">balance</emphasis> is assumed unless
-              <emphasis role="bold">loose</emphasis> is specified.</para>
-            </listitem>
-
-            <listitem>
-              <para>Packets are sent through the main routing table by a rule
-              with priority 999. In <ulink
-              url="shorewall6-routing_rules.html">routing_rules</ulink>(5),
-              the range 1-998 may be used for inserting rules that bypass the
-              main table.</para>
-            </listitem>
-
-            <listitem>
-              <para>All provider gateways must be specified explicitly in the
-              GATEWAY column. <emphasis role="bold">detect</emphasis> may not
-              be specified.</para>
-            </listitem>
-
-            <listitem>
-              <para>You should disable all default route management outside of
-              Shorewall6. If a default route is added to the main table while
-              Shorewall6 is started, then all policy routing will stop working
-              (except for those routing rules in the priority range
-              1-998).</para>
-            </listitem>
-          </orderedlist>
-
-          <para>If USE_DEFAULT_RT is not set or if it is set to the empty
-          string then USE_DEFAULT_RT=No is assumed.</para>
-        </listitem>
-      </varlistentry>
-
       <varlistentry>
         <term><emphasis
         role="bold">VERBOSITY=</emphasis>[<emphasis>number</emphasis>]</term>

manpages6/shorewall6.xml

@@ -838,8 +838,8 @@
 
         <listitem>
           <para>Restart is similar to <emphasis role="bold">shorewall6
-          stop</emphasis> followed by <emphasis role="bold">shorewall6
-          start</emphasis>. Existing connections are maintained. If a
+          start</emphasis> except that it assumes that the firewall is already
+          started. Existing connections are maintained. If a
           <emphasis>directory</emphasis> is included in the command,
           Shorewall6 will look in that <emphasis>directory</emphasis> first
           for configuration files.</para>