holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Correct routestopped files.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2014-03-02 10:39:12 -08:00
parent 4eadec234a
commit caa72fb7d2
2 changed files with 11 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Shorewall/manpages/shorewall-routestopped.xml
View File

@ -118,7 +118,7 @@
</varlistentry>
<varlistentry>
<term>notrack</term>
<term><emphasis role="bold">notrack</emphasis></term>
<listitem>
<para>The traffic will be exempted from connection
@ -126,6 +126,13 @@
</listitem>
</varlistentry>
</variablelist>
<note>
<para>The <emphasis role="bold">source</emphasis> and <emphasis
role="bold">dest</emphasis> options work best when used in
conjunction with ADMINISABSENTMINDED=Yes in <ulink
url="shorewall6.conf.html">shorewall6.conf</ulink>(5).</para>
</note>
</listitem>
</varlistentry>

25
Shorewall6/manpages/shorewall6-routestopped.xml
View File

@ -114,30 +114,11 @@
</varlistentry>
<varlistentry>
<term><emphasis role="bold">critical</emphasis></term>
<term><emphasis role="bold">notrack</emphasis></term>
<listitem>
<para>Allow traffic between the firewall and these hosts
throughout '[re]start', 'stop' and 'clear'. Specifying
<emphasis role="bold">critical</emphasis> on one or more
entries will cause your firewall to be "totally open" for a
brief window during each of those operations. Examples of
where you might want to use this are:</para>
<itemizedlist>
<listitem>
<para>'Ping' nodes with heartbeat.</para>
</listitem>
<listitem>
<para>LDAP server(s) if you use LDAP Authentication</para>
</listitem>
<listitem>
<para>NFS Server if you have an NFS-mounted root
filesystem.</para>
</listitem>
</itemizedlist>
<para>The traffic will be exempted from connection
tracking.</para>
</listitem>
</varlistentry>
</variablelist>