Update for Shorewall 2.2.0

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1749 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Samples/three-interfaces/interfaces

@@ -76,6 +76,14 @@
 #				Check packets arriving on this interface
 #				against the /etc/shorewall/blacklist
 #				file.
+#		logmartians
+#				Turn on kernel martian logging (logging
+#				of packets with impossible source
+#				addresses. It is suggested that if you
+#				set routefilter on an interface that
+#				you also set logmartians. This option
+#				may also be enabled globally in the
+#				/etc/shorewall/shorewall.conf file.
 #		maclist
 #				Connection requests from this interface
 #				are compared against the contents of
@@ -105,9 +113,19 @@
 #				which are not part of an established connection
 #				will be accepted from this interface, even if
 #				NEWNOTSYN=No has been specified in 
-#				/etc/shorewall/shorewall.conf.
+#				/etc/shorewall/shorewall.conf. In other
+#				words, packets coming in on this interface
+#				are processed as if NEWNOTSYN=Yes had been
+#				specified in /etc/shorewall/shorewall.conf.
 #
 #				This option has no effect if NEWNOTSYN=Yes.
+#
+#				It is the opinion of the author that
+#				NEWNOTSYN=No creates more problems than
+#				it solves and I recommend against using
+#				that setting in shorewall.conf (hence
+#				making the use of the 'newnotsyn'
+#				interface option unnecessary).
 #		routeback
 #				If specified, indicates that Shorewall
 #				should include rules that allow filtering