From d3ca53bdd495e93a6d6ece2dd926ce7969437a10 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Thu, 16 Nov 2006 00:17:11 +0000
Subject: [PATCH] Restore template

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4892 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 manpages/shorewall-template.xml | 98 ++++++---------------------------
 1 file changed, 16 insertions(+), 82 deletions(-)

diff --git a/manpages/shorewall-template.xml b/manpages/shorewall-template.xml
index 5585e2d15..6f1b31a87 100644
--- a/manpages/shorewall-template.xml
+++ b/manpages/shorewall-template.xml
@@ -1,128 +1,62 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <refentry>
   <refmeta>
-    <refentrytitle>shorewall-blacklist</refentrytitle>
+    <refentrytitle>shorewall-</refentrytitle>
 
     <manvolnum>5</manvolnum>
   </refmeta>
 
   <refnamediv>
-    <refname>blacklist</refname>
+    <refname>file</refname>
 
-    <refpurpose>Shorewall Blacklist file</refpurpose>
+    <refpurpose>Shorewall file</refpurpose>
   </refnamediv>
 
   <refsynopsisdiv>
     <cmdsynopsis>
-      <command>/etc/shorewall/blacklist</command>
+      <command>/etc/shorewall/</command>
     </cmdsynopsis>
   </refsynopsisdiv>
 
   <refsect1>
     <title>Description</title>
 
-    <para>The blacklist file is used to perform static blacklisting. You can
-    blacklist by source address (IP or MAC), or by application. </para>
-
     <para>The columns in the file are as follows.</para>
 
     <variablelist>
       <varlistentry>
-        <term><emphasis role="bold">ADDRESS/SUBNET</emphasis></term>
+        <term>COLUMN 1</term>
 
         <listitem>
-          <para>Host address, network address, MAC address, IP address range
-          (if your kernel and iptables contain iprange match support) or ipset
-          name prefaced by "+" (i your kernel supports ipset match).</para>
-
-          <para>MAC addresses must be prefixed with "~" and use "-" as a
-          separator.</para>
-
-          <para>Example: ~00-A0-C9-15-39-78</para>
-
-          <para>A dash ("-") in this column means that any source address will
-          match. This is useful if you want to blacklist a particular
-          application.</para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term><emphasis role="bold">PROTOCOL</emphasis> (Optional)</term>
-
-        <listitem>
-          <para>If specified, must be a protocol number or a protocol name
-          from protocols(5).</para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term><emphasis role="bold">PORTS</emphasis> (Optional)</term>
-
-        <listitem>
-          <para>May only be specified if the protocol is TCP (6) or UDP (17).
-          A comma-separated list of destination port numbers or service names
-          from services(5).</para>
+          <para></para>
         </listitem>
       </varlistentry>
     </variablelist>
-
-    <para>When a packet arrives on an interface that has the <emphasis
-    role="bold">blacklist</emphasis> option specified in
-    shorewall-interfaces(5), its source IP address and MAC address is checked
-    against this file and disposed of according to the <emphasis
-    role="bold">BLACKLIST_DISPOSITION</emphasis> and <emphasis
-    role="bold">BLACKLIST_LOGLEVEL</emphasis> variables in shorewall.conf(5).
-    If <emphasis role="bold">PROTOCOL</emphasis> or <emphasis
-    role="bold">PROTOCOL</emphasis> and <emphasis role="bold">PORTS</emphasis>
-    are supplied, only packets matching the protocol (and one of the ports if
-    <emphasis role="bold">PORTS</emphasis> supplied) are blocked.</para>
   </refsect1>
 
   <refsect1>
     <title>Example</title>
 
-    <variablelist>
-      <varlistentry>
-        <term>Example 1:</term>
-
-        <listitem>
-          <para>To block DNS queries from address 192.0.2.126:</para>
-
-          <programlisting>        #ADDRESS/SUBNET         PROTOCOL        PORT
-        192.0.2.126             udp             53</programlisting>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term>Example 2:</term>
-
-        <listitem>
-          <para>To block some of the nuisance applicataion:</para>
-
-          <programlisting>        #ADDRESS/SUBNET         PROTOCOL        PORT
-        -                       udp             1024:1033,1434
-        -                       tcp             57,1433,1434,2401,2745,3127,3306,3410,4899,5554,6101,8081,9898</programlisting>
-        </listitem>
-      </varlistentry>
-    </variablelist>
+    <para></para>
   </refsect1>
 
   <refsect1>
     <title>FILES</title>
 
-    <para>/etc/shorewall/blacklist</para>
+    <para>/etc/shorewall/</para>
   </refsect1>
 
   <refsect1>
     <title>See ALSO</title>
 
     <para>shorewall(8), shorewall-accounting(5), shorewall-actions(5),
-    shorewall-hosts(5), shorewall-interfaces(5), shorewall-ipsec(5),
-    shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5),
-    shorewall-netmap(5), shorewall-params(5), shorewall-policy(5),
-    shorewall-providers(5), shorewall-proxyarp(5), shorewall-route_routes(5),
-    shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5),
-    shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5),
-    shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5)</para>
+    shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5),
+    shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5),
+    shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
+    shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
+    shorewall-route_routes(5), shorewall-routestopped(5), shorewall-rules(5),
+    shorewall.conf(5), shorewall-tcclasses(5), shorewall-tcdevices(5),
+    shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
+    shorewall-zones(5)</para>
   </refsect1>
 </refentry>
\ No newline at end of file