New syntax convention in accounting manpage

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4973 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

manpages/shorewall-accounting.xml

@@ -30,7 +30,10 @@
 
     <variablelist>
       <varlistentry>
-        <term><emphasis role="bold">ACTION</emphasis></term>
+        <term><emphasis role="bold">ACTION</emphasis> — {<emphasis
+        role="bold">COUNT</emphasis>|<emphasis
+        role="bold">DONE</emphasis>|<emphasis>chain</emphasis>[:<emphasis
+        role="bold">COUNT</emphasis>]}</term>
 
         <listitem>
           <para>What to do when a matching packet is found.</para>
@@ -56,8 +59,9 @@
             </varlistentry>
 
             <varlistentry>
-              <term><emphasis>chain</emphasis>:<emphasis
+              <term><emphasis>chain</emphasis>[<emphasis
-              role="bold">COUNT</emphasis></term>
+              role="bold">:</emphasis><emphasis
+              role="bold">COUNT</emphasis>]</term>
 
               <listitem>
                 <para>Where <emphasis>chain</emphasis> is the name of a chain.
@@ -73,19 +77,27 @@
       </varlistentry>
 
       <varlistentry>
-        <term><emphasis role="bold">CHAIN</emphasis></term>
+        <term><emphasis role="bold">CHAIN</emphasis> — {<emphasis
+        role="bold">-</emphasis>|<emphasis>chain</emphasis>}</term>
 
         <listitem>
-          <para>The name of a chain. If specified as <emphasis
+          <para>The name of a <emphasis>chain</emphasis>. If specified as
-          role="bold">-</emphasis> the <emphasis
+          <emphasis role="bold">-</emphasis> the <emphasis
           role="bold">accounting</emphasis> chain is assumed. This is the
-          chain where the accounting rule is added. The chain will be created
+          chain where the accounting rule is added. The
-          if it doesn't already exist.</para>
+          <emphasis>chain</emphasis> will be created if it doesn't already
+          exist.</para>
         </listitem>
       </varlistentry>
 
       <varlistentry>
-        <term><emphasis role="bold">SOURCE</emphasis></term>
+        <term><emphasis role="bold">SOURCE</emphasis> — {<emphasis
+        role="bold">-</emphasis>|<emphasis
+        role="bold">any</emphasis>|<emphasis
+        role="bold">all</emphasis>|<emphasis
+        role="bold">$FW</emphasis>[<emphasis
+        role="bold">:</emphasis><emphasis>address</emphasis>]|<emphasis>interface</emphasis>|<emphasis>interface</emphasis><emphasis
+        role="bold">:</emphasis><emphasis>address</emphasis>|<emphasis>address</emphasis>}</term>
 
         <listitem>
           <para>Packet Source.</para>
@@ -96,7 +108,11 @@
       </varlistentry>
 
       <varlistentry>
-        <term><emphasis role="bold">DESTINATION</emphasis></term>
+        <term><emphasis role="bold">DESTINATION</emphasis> — {<emphasis
+        role="bold">-</emphasis>|<emphasis
+        role="bold">any</emphasis>|<emphasis
+        role="bold">all</emphasis>|<emphasis>interface</emphasis>|<emphasis>interface</emphasis><emphasis
+        role="bold">:</emphasis><emphasis>address</emphasis>|<emphasis>address</emphasis>}</term>
 
         <listitem>
           <para>Packet Destination.</para>
@@ -107,38 +123,53 @@
       </varlistentry>
 
       <varlistentry>
-        <term><emphasis role="bold">PROTOCOL</emphasis></term>
+        <term><emphasis role="bold">PROTOCOL</emphasis> — {<emphasis
+        role="bold">-</emphasis>|<emphasis
+        role="bold">any</emphasis>|<emphasis
+        role="bold">all</emphasis>|<emphasis>protocol-name</emphasis>|<emphasis>protocol-number</emphasis>|<emphasis
+        role="bold">ipp2p</emphasis>[<emphasis
+        role="bold">:</emphasis>{<emphasis
+        role="bold">udp</emphasis>|<emphasis
+        role="bold">all</emphasis>}]}</term>
 
         <listitem>
-          <para>A protocol name (from protocols(5)), a protocol number,
+          <para>A <emphasis>protocol-name</emphasis> (from protocols(5)), a
-          <emphasis role="bold">ipp2p</emphasis>, <emphasis
+          <emphasis>protocol-number</emphasis>, <emphasis
+          role="bold">ipp2p</emphasis>, <emphasis
           role="bold">ipp2p:udp</emphasis> or <emphasis
           role="bold">ipp2p:all</emphasis></para>
         </listitem>
       </varlistentry>
 
       <varlistentry>
-        <term><emphasis role="bold">DEST PORT(S)</emphasis></term>
+        <term><emphasis role="bold">DEST PORT(S)</emphasis> — Value:
+        {<emphasis role="bold">-</emphasis>|<emphasis
+        role="bold">any</emphasis>|<emphasis
+        role="bold">all</emphasis>|<emphasis>ipp2p-option</emphasis>|<emphasis>port-name-or-number</emphasis>[,<emphasis>port-name-or-number</emphasis>]...}</term>
 
         <listitem>
           <para>Destination Port number. If the PROTOCOL is <emphasis
-          role="bold">ipp2p</emphasis> then this column must contain an ipp2p
+          role="bold">ipp2p</emphasis> then this column must contain an
-          option ("iptables -m ipp2p --help") without the leading "--". If no
+          <emphasis>ipp2p-option</emphasis> ("iptables -m ipp2p --help")
-          option is given in this column, "ipp2p" is assumed.</para>
+          without the leading "--". If no option is given in this column,
+          "ipp2p" is assumed.</para>
 
           <para>Service name from services(5) or <emphasis>port
           number</emphasis>. May only be specified if the protocol is
           <emphasis role="bold">tcp</emphasis> or <emphasis
           role="bold">udp</emphasis> (6 or 17).</para>
 
-          <para>You may place a comma-separated list of port numbers in this
+          <para>You may place a comma-separated list of port names or numbers
-          column if your kernel and iptables include multiport match
+          in this column if your kernel and iptables include multiport match
           support.</para>
         </listitem>
       </varlistentry>
 
       <varlistentry>
-        <term><emphasis role="bold">SOURCE PORT(S)</emphasis></term>
+        <term><emphasis role="bold">SOURCE PORT(S)</emphasis> — {<emphasis
+        role="bold">-</emphasis>|<emphasis
+        role="bold">any</emphasis>|<emphasis
+        role="bold">all</emphasis>|<emphasis>port-name-or-number</emphasis>[,<emphasis>port-name-or-number</emphasis>]...}</term>
 
         <listitem>
           <para>Source Port Service name from services(5) or <emphasis>port
@@ -152,17 +183,15 @@
       </varlistentry>
 
       <varlistentry>
-        <term><emphasis role="bold">USER/GROUP</emphasis></term>
+        <term><emphasis role="bold">USER/GROUP</emphasis> — [<emphasis
+        role="bold">!</emphasis>][<emphasis>user-name-or-number</emphasis>][<emphasis
+        role="bold">:</emphasis><emphasis>group-name-or-number</emphasis>][<emphasis
+        role="bold">+</emphasis><emphasis>program-name</emphasis>]</term>
 
         <listitem>
           <para>This column may only be non-empty if the <emphasis
-          role="bold">SOURCE</emphasis> is the firewall itself.</para>
+          role="bold">SOURCE</emphasis> is the firewall itself (<emphasis
-
+          role="bold">$FW</emphasis>).</para>
-          <para>The column may contain:</para>
-
-          <para>[!][<emphasis>user name or number</emphasis>][:<emphasis>group
-          name or number</emphasis>][+<emphasis>program
-          name</emphasis>]</para>
 
           <para>When this column is non-empty, the rule applies only if the
           program generating the output is running under the effective