Correct typo that cases restart failure.

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Shorewall/Perl/Shorewall/Accounting.pm

@@ -59,21 +59,21 @@ our $acctable;
 #
 
 use constant {
-	      LEGACY_SECTION      => 0,
+	      LEGACY      => 0,
-	      PREROUTING_SECTION  => 1,
+	      PREROUTING  => 1,
-	      INPUT_SECTION       => 2,
+	      INPUT       => 2,
-	      OUTPUT_SECTION      => 3,
+	      OUTPUT      => 3,
-	      FORWARD_SECTION     => 4,
+	      FORWARD     => 4,
-	      POSTROUTING_SECTION => 5
+	      POSTROUTING => 5
 	  };
 #
 # Map names to values
 #
-our %asections = ( PREROUTING  => PREROUTING_SECTION,
+our %asections = ( PREROUTING  => PREROUTING,
-		   INPUT       => INPUT_SECTION,
+		   INPUT       => INPUT,
-		   FORWARD     => FORWARD_SECTION,
+		   FORWARD     => FORWARD,
-		   OUTPUT      => OUTPUT_SECTION,
+		   OUTPUT      => OUTPUT,
-		   POSTROUTING => POSTROUTING_SECTION
+		   POSTROUTING => POSTROUTING
 		 );
 
 #
@@ -157,7 +157,7 @@ sub process_accounting_rule1( $$$$$$$$$$$ ) {
 
     $jumpchainref = 0;
 
-    $asection = LEGACY_SECTION if $asection < 0;
+    $asection = LEGACY if $asection < 0;
 
     our $disposition = '';
 

Shorewall/Perl/Shorewall/Chains.pm

@@ -138,17 +138,6 @@ our %EXPORT_TAGS = (
 				       ALL_COMMANDS
 				       NOT_RESTORE
 
-				       PREROUTING
-				       INPUT
-				       FORWARD
-				       OUTPUT
-				       POSTROUTING
-				       ALLCHAINS
-				       STICKY
-				       STICKO
-				       REALPREROUTING
-				       ACTIONCHAIN
-
 				       unreachable_warning
 				       state_match
 				       state_imatch
@@ -199,7 +188,6 @@ our %EXPORT_TAGS = (
 				       ensure_raw_chain
 				       ensure_rawpost_chain
 				       new_standard_chain
-				       new_action_chain
 				       new_builtin_chain
 				       new_nat_chain
 				       optimize_chain
@@ -468,22 +456,6 @@ use constant { NO_RESTRICT         => 0,   # FORWARD chain rule     - Both -i an
 	       ALL_RESTRICT        => 12,  # fw->fw rule            - neither -i nor -o allowed
 	       DESTIFACE_DISALLOW  => 32,  # Don't allow dest interface. Similar to INPUT_RESTRICT but generates a more relevant error message
 	       };
-#
-# Mangle Table allowed chains enumeration
-#
-use constant {
-    PREROUTING     => 1,        #Actually tcpre
-    INPUT          => 2,        #Actually tcin
-    FORWARD        => 4,        #Actually tcfor
-    OUTPUT         => 8,        #Actually tcout
-    POSTROUTING    => 16,       #Actually tcpost
-    ALLCHAINS      => 31,
-    STICKY         => 32,
-    STICKO         => 64,
-    REALPREROUTING => 128,
-    ACTIONCHAIN    => 256,
-};
-
 #
 # Possible IPSET options
 #
@@ -2353,7 +2325,6 @@ sub new_chain($$)
 		     filtered       => 0,
 		     optflags       => 0,
 		     origin         => shortlineinfo( '' ),
-		     restriction    => NO_RESTRICT,
 		   };
 
     trace( $chainref, 'N', undef, '' ) if $debug;
@@ -2767,13 +2738,6 @@ sub new_standard_chain($) {
     $chainref;
 }
 
-sub new_action_chain($$) {
-    my $chainref = &new_chain( @_ );
-    $chainref->{referenced} = 1;
-    $chainref->{allowedchains} = ALLCHAINS | REALPREROUTING | ACTIONCHAIN;
-    $chainref;
-}
-
 sub new_nat_chain($) {
     my $chainref = new_chain 'nat' ,$_[0];
     $chainref->{referenced} = 1;
@@ -8120,7 +8084,7 @@ sub save_docker_rules($) {
     emit( q(    [ -s ${VARDIR}/.filter_FORWARD ] || rm -f ${VARDIR}/.filter_FORWARD),
 	  q(else),
 	  q(    rm -f ${VARDIR}/.nat_DOCKER),
-	  q(    rm -f ${VARDIR}/.net_OUTPUT),
+	  q(    rm -f ${VARDIR}/.nat_OUTPUT),
 	  q(    rm -f ${VARDIR}/.nat_POSTROUTING),
 	  q(    rm -f ${VARDIR}/.filter_DOCKER),
 	  q(    rm -f ${VARDIR}/.filter_DOCKER-ISOLATION),

Shorewall/action.mangletemplate

@@ -1,22 +0,0 @@
-#
-# Shorewall version 5 - Mangle Action Template
-#
-# /etc/shorewall/action.mangletemplate
-#
-#	This file is a template for files with names of the form
-#	/etc/shorewall/action.<action-name> where <action> is an
-#	ACTION defined with the mangle option in /etc/shorewall/actions.
-#
-#	To define a new action:
-#
-#	1. Add the <action name> to /etc/shorewall/actions with the mangle option
-#	2. Copy this file to /etc/shorewall/action.<action name>
-#	3. Add the desired rules to that file.
-#
-#	Please see http://shorewall.net/Actions.html for additional
-#	information.
-#
-# Columns are the same as in /etc/shorewall/mangle.
-#
-####################################################################################################################################################
-#ACTION		SOURCE		DEST		PROTO	DPORT	SPORT	USER	TEST	LENGTH	TOS	CONNBYTES	HELPER	PROBABILITY	DSCP

Shorewall/manpages/shorewall-mangle.xml

@@ -123,21 +123,6 @@
           following.</para>
 
           <variablelist>
-            <varlistentry>
-              <term><emphasis
-              role="bold"><replaceable>action</replaceable>[([<replaceable>param</replaceable>[,...])]</emphasis></term>
-
-              <listitem>
-                <para>Added in Shorewall 5.0.7.
-                <replaceable>action</replaceable> must be an action declared
-                with the <option>mangle</option> option in <ulink
-                url="manpages/shorewall-actions.html">shorewall-actions(5)</ulink>.
-                If the action accepts paramaters, they are specified as a
-                comma-separated list within parentheses following the
-                <replaceable>action</replaceable> name.</para>
-              </listitem>
-            </varlistentry>
-
             <varlistentry>
               <term><emphasis
               role="bold">ADD(<replaceable>ipset</replaceable>:<replaceable>flags</replaceable>)</emphasis></term>
@@ -735,6 +720,33 @@ Normal-Service       =&gt; 0x00</programlisting>
               </listitem>
             </varlistentry>
           </variablelist>
+
+          <orderedlist numeration="arabic">
+            <listitem>
+              <para><emphasis role="bold">TTL</emphasis>([<emphasis
+              role="bold">-</emphasis>|<emphasis
+              role="bold">+</emphasis>]<replaceable>number</replaceable>)</para>
+
+              <para>Added in Shorewall 4.4.24.</para>
+
+              <para>Prior to Shorewall 4.5.7.2, may be optionally followed by
+              <emphasis role="bold">:F</emphasis> but the resulting rule is
+              always added to the FORWARD chain. Beginning with Shorewall
+              4.5.7.s, it may be optionally followed by <emphasis
+              role="bold">:P</emphasis>, in which case the rule is added to
+              the PREROUTING chain.</para>
+
+              <para>If <emphasis role="bold">+</emphasis> is included, packets
+              matching the rule will have their TTL incremented by
+              <replaceable>number</replaceable>. Similarly, if <emphasis
+              role="bold">-</emphasis> is included, matching packets have
+              their TTL decremented by <replaceable>number</replaceable>. If
+              neither <emphasis role="bold">+</emphasis> nor <emphasis
+              role="bold">-</emphasis> is given, the TTL of matching packets
+              is set to <replaceable>number</replaceable>. The valid range of
+              values for <replaceable>number</replaceable> is 1-255.</para>
+            </listitem>
+          </orderedlist>
         </listitem>
       </varlistentry>
 

Shorewall6/action.mangletemplate

@@ -1,22 +0,0 @@
-#
-# Shorewall version 5 - Mangle Action Template
-#
-# /etc/shorewall6/action.mangletemplate
-#
-#	This file is a template for files with names of the form
-#	/etc/shorewall/action.<action-name> where <action> is an
-#	ACTION defined with the mangle option in /etc/shorewall/actions.
-#
-#	To define a new action:
-#
-#	1. Add the <action name> to /etc/shorewall6/actions with the mangle option
-#	2. Copy this file to /etc/shorewall6/action.<action name>
-#	3. Add the desired rules to that file.
-#
-#	Please see http://shorewall.net/Actions.html for additional
-#	information.
-#
-# Columns are the same as in /etc/shorewall6/mangle.
-#
-############################################################################################################################################################
-#ACTION		SOURCE		DEST		PROTO	DPORT	SPORT	USER	TEST	LENGTH	TOS	CONNBYTES	HELPER	HEADERS	PROBABILITY	DSCP

Shorewall6/manpages/shorewall6-mangle.xml

@@ -124,21 +124,6 @@
           following.</para>
 
           <variablelist>
-            <varlistentry>
-              <term><emphasis
-              role="bold"><replaceable>action</replaceable>[([<replaceable>param</replaceable>[,...])]</emphasis></term>
-
-              <listitem>
-                <para>Added in Shorewall 5.0.7.
-                <replaceable>action</replaceable> must be an action declared
-                with the <option>mangle</option> option in <ulink
-                url="manpages6/shorewall6-actions.html">shorewall6-actions(5)</ulink>.
-                If the action accepts paramaters, they are specified as a
-                comma-separated list within parentheses following the
-                <replaceable>action</replaceable> name.</para>
-              </listitem>
-            </varlistentry>
-
             <varlistentry>
               <term><emphasis
               role="bold">ADD(<replaceable>ipset</replaceable>:<replaceable>flags</replaceable>)</emphasis></term>