"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "manpages/shorewall-blrules.xml" between
shorewall-docs-xml-5.2.3.6.tar.bz2 and shorewall-docs-xml-5.2.6.tar.bz2

About: Shorewall (The Shoreline Firewall) is an iptables based firewall (documentation; XML)

[ To the main shorewall (docs-xml) source changes report ]

shorewall-blrules.xml  (shorewall-docs-xml-5.2.3.6.tar.bz2):shorewall-blrules.xml  (shorewall-docs-xml-5.2.6.tar.bz2)
skipping to change at line 32 skipping to change at line 32
</cmdsynopsis> </cmdsynopsis>
</refsynopsisdiv> </refsynopsisdiv>
<refsect1> <refsect1>
<title>Description</title> <title>Description</title>
<para>This file is used to perform blacklisting and whitelisting.</para> <para>This file is used to perform blacklisting and whitelisting.</para>
<para>Rules in this file are applied depending on the setting of BLACKLIST <para>Rules in this file are applied depending on the setting of BLACKLIST
in <ulink in <ulink
url="/manpages/shorewall.conf.html">shorewall.conf</ulink>(5).</para> url="shorewall.conf.html">shorewall.conf</ulink>(5).</para>
<para>The format of rules in this file is the same as the format of rules <para>The format of rules in this file is the same as the format of rules
in <ulink url="/manpages/shorewall-rules.html">shorewall-rules in <ulink url="shorewall-rules.html">shorewall-rules
(5)</ulink>. The difference in the two files lies in the ACTION (first) (5)</ulink>. The difference in the two files lies in the ACTION (first)
column.</para> column.</para>
<variablelist> <variablelist>
<varlistentry> <varlistentry>
<term><emphasis role="bold">ACTION- {<emphasis <term><emphasis role="bold">ACTION- {<emphasis
role="bold">ACCEPT</emphasis>|BLACKLIST|blacklog|CONTINUE|DROP|A_DROP|RE JECT|A_REJECT|<emphasis role="bold">ACCEPT</emphasis>|BLACKLIST|blacklog|CONTINUE|DROP|A_DROP|RE JECT|A_REJECT|<emphasis
role="bold">WHITELIST</emphasis>|<emphasis role="bold">WHITELIST</emphasis>|<emphasis
role="bold">LOG</emphasis>|<emphasis role="bold">LOG</emphasis>|<emphasis
role="bold">QUEUE</emphasis>|<emphasis role="bold">QUEUE</emphasis>|<emphasis
skipping to change at line 72 skipping to change at line 72
<varlistentry> <varlistentry>
<term><emphasis role="bold">BLACKLIST</emphasis></term> <term><emphasis role="bold">BLACKLIST</emphasis></term>
<listitem> <listitem>
<para>Added in Shorewall 4.5.3. This is actually a macro that <para>Added in Shorewall 4.5.3. This is actually a macro that
expands as follows:</para> expands as follows:</para>
<itemizedlist> <itemizedlist>
<listitem> <listitem>
<para>If BLACKLIST_LOGLEVEL is specified in <ulink <para>If BLACKLIST_LOGLEVEL is specified in <ulink
url="/manpages/shorewall.conf.html">shorewall.conf</ulink>(5 ), url="shorewall.conf.html">shorewall.conf</ulink>(5),
then the macro expands to <emphasis then the macro expands to <emphasis
role="bold">blacklog</emphasis>.</para> role="bold">blacklog</emphasis>.</para>
</listitem> </listitem>
<listitem> <listitem>
<para>Otherwise it expands to the action specified for <para>Otherwise it expands to the action specified for
BLACKLIST_DISPOSITION in <ulink BLACKLIST_DISPOSITION in <ulink
url="/manpages/shorewall.conf.html">shorewall.conf</ulink>(5 ).</para> url="shorewall.conf.html">shorewall.conf</ulink>(5).</para>
</listitem> </listitem>
</itemizedlist> </itemizedlist>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><emphasis role="bold">blacklog</emphasis></term> <term><emphasis role="bold">blacklog</emphasis></term>
<listitem> <listitem>
<para>May only be used if BLACKLIST_LOGLEVEL is specified in <para>May only be used if BLACKLIST_LOGLEVEL is specified in
<ulink url="/manpages/shorewall.conf.html">shorewall.conf <ulink url="shorewall.conf.html">shorewall.conf
</ulink>(5). Logs, audits (if specified) and applies the </ulink>(5). Logs, audits (if specified) and applies the
BLACKLIST_DISPOSITION specified in <ulink BLACKLIST_DISPOSITION specified in <ulink
url="/manpages/shorewall.conf.html">shorewall.conf</ulink> url="shorewall.conf.html">shorewall.conf</ulink>
(5).</para> (5).</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><emphasis <term><emphasis
role="bold">ACCEPT|CONTINUE|WHITELIST</emphasis></term> role="bold">ACCEPT|CONTINUE|WHITELIST</emphasis></term>
<listitem> <listitem>
<para>Exempt the packet from the remaining rules in this <para>Exempt the packet from the remaining rules in this
skipping to change at line 204 skipping to change at line 204
by itself.</para> by itself.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><emphasis>action</emphasis></term> <term><emphasis>action</emphasis></term>
<listitem> <listitem>
<para>The name of an <emphasis>action</emphasis> declared in <para>The name of an <emphasis>action</emphasis> declared in
<ulink <ulink
url="/manpages/shorewall-actions.html">shorewall-actions</ulink> (5) url="shorewall-actions.html">shorewall-actions</ulink>(5)
or in /usr/share/shorewall/actions.std.</para> or in /usr/share/shorewall/actions.std.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><emphasis>macro</emphasis></term> <term><emphasis>macro</emphasis></term>
<listitem> <listitem>
<para>The name of a macro defined in a file named <para>The name of a macro defined in a file named
macro.<emphasis>macro</emphasis>. If the macro accepts an macro.<emphasis>macro</emphasis>. If the macro accepts an
skipping to change at line 236 skipping to change at line 236
</varlistentry> </varlistentry>
</variablelist> </variablelist>
<para>The <emphasis role="bold">ACTION</emphasis> may optionally be <para>The <emphasis role="bold">ACTION</emphasis> may optionally be
followed by ":" and a syslog log level (e.g, REJECT:info or followed by ":" and a syslog log level (e.g, REJECT:info or
Web(ACCEPT):debug). This causes the packet to be logged at the Web(ACCEPT):debug). This causes the packet to be logged at the
specified level.</para> specified level.</para>
<para>If the <emphasis role="bold">ACTION</emphasis> names an <para>If the <emphasis role="bold">ACTION</emphasis> names an
<emphasis>action</emphasis> declared in <ulink <emphasis>action</emphasis> declared in <ulink
url="/manpages/shorewall-actions.html">shorewall-actions</ulink>(5) url="shorewall-actions.html">shorewall-actions</ulink>(5)
or in /usr/share/shorewall/actions.std then:</para> or in /usr/share/shorewall/actions.std then:</para>
<itemizedlist> <itemizedlist>
<listitem> <listitem>
<para>If the log level is followed by "!' then all rules in the <para>If the log level is followed by "!' then all rules in the
action are logged at the log level.</para> action are logged at the log level.</para>
</listitem> </listitem>
<listitem> <listitem>
<para>If the log level is not followed by "!" then only those <para>If the log level is not followed by "!" then only those
skipping to change at line 266 skipping to change at line 266
</itemizedlist> </itemizedlist>
<para>You may also specify <emphasis role="bold">NFLOG</emphasis> <para>You may also specify <emphasis role="bold">NFLOG</emphasis>
(must be in upper case) as a log level.This will log to the NFLOG (must be in upper case) as a log level.This will log to the NFLOG
target for routing to a separate log through use of ulogd (<ulink target for routing to a separate log through use of ulogd (<ulink
url="shorewall-logging.html">shorewall-logging.htm</ulink>).</para> url="shorewall-logging.html">shorewall-logging.htm</ulink>).</para>
<para>Actions specifying logging may be followed by a log tag (a <para>Actions specifying logging may be followed by a log tag (a
string of alphanumeric characters) which is appended to the string string of alphanumeric characters) which is appended to the string
generated by the LOGPREFIX (in <ulink generated by the LOGPREFIX (in <ulink
url="/manpages/shorewall.conf.html">shorewall.conf</ulink>(5)).</para> url="shorewall.conf.html">shorewall.conf</ulink>(5)).</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
</variablelist> </variablelist>
<para>For the remaining columns, see <ulink <para>For the remaining columns, see <ulink
url="/manpages/shorewall-rules.html">shorewall-rules (5)</ulink>.</para> url="shorewall-rules.html">shorewall-rules (5)</ulink>.</para>
</refsect1> </refsect1>
<refsect1> <refsect1>
<title>Examples</title> <title>Examples</title>
<variablelist> <variablelist>
<varlistentry> <varlistentry>
<term>IPv4 Example 1:</term> <term>IPv4 Example 1:</term>
<listitem> <listitem>
skipping to change at line 335 skipping to change at line 335
<para>/etc/shorewall/blrules</para> <para>/etc/shorewall/blrules</para>
<para>/etc/shorewall6/blrules</para> <para>/etc/shorewall6/blrules</para>
</refsect1> </refsect1>
<refsect1> <refsect1>
<title>See ALSO</title> <title>See ALSO</title>
<para><ulink <para><ulink
url="/blacklisting_support.htm">http://www.shorewall.net/blacklisting_suppor t.htm</ulink></para> url="../blacklisting_support.htm">https://shorewall.org/blacklisting_support .htm</ulink></para>
<para><ulink <para><ulink
url="/configuration_file_basics.htm#Pairs">http://www.shorewall.net/configur ation_file_basics.htm#Pairs</ulink></para> url="../configuration_file_basics.htm#Pairs">https://shorewall.org/configura tion_file_basics.htm#Pairs</ulink></para>
<para>shorewall(8)</para> <para>shorewall(8)</para>
</refsect1> </refsect1>
</refentry> </refentry>
 End of changes. 12 change blocks. 
12 lines changed or deleted 12 lines changed or added
To the XML Documents section of the shorewall (docs-xml) source changes report or the top of this page
Mainly generated by pkgdiff using rfcdiff
Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)