| shorewall-providers.xml (shorewall-docs-xml-5.2.3.6.tar.bz2) | : | shorewall-providers.xml (shorewall-docs-xml-5.2.6.tar.bz2) |
|---|
| | |
| skipping to change at line 82 | | skipping to change at line 82 |
|---|
| provider must be assigned a unique value.</para> | | provider must be assigned a unique value.</para> |
| </listitem> | | </listitem> |
| </varlistentry> | | </varlistentry> |
| | |
| <varlistentry> | | <varlistentry> |
| <term><emphasis role="bold">MARK</emphasis> (Optional) - | | <term><emphasis role="bold">MARK</emphasis> (Optional) - |
| <emphasis>value</emphasis></term> | | <emphasis>value</emphasis></term> |
| | |
| <listitem> | | <listitem> |
| <para>A FWMARK <emphasis>value</emphasis> used in your <ulink | | <para>A FWMARK <emphasis>value</emphasis> used in your <ulink |
|
| url="/manpages/shorewall-mangle.html">shorewall-mangle(5)</ulink> | | url="shorewall-mangle.html">shorewall-mangle(5)</ulink> file to |
| file to direct packets to this provider.</para> | | direct packets to this provider.</para> |
| | |
| <para>If PROVIDER_OFFSET is non-zero in <ulink | | <para>If PROVIDER_OFFSET is non-zero in <ulink |
|
| url="/manpages/shorewall.conf.html">shorewall.conf(5)</ulink>, then | | url="shorewall.conf.html">shorewall.conf(5)</ulink>, then the value |
| the value must be a multiple of 2^^PROVIDER_OFFSET. In all cases, | | must be a multiple of 2^^PROVIDER_OFFSET. In all cases, the number |
| the number of significant bits may not exceed PROVIDER_OFFSET + | | of significant bits may not exceed PROVIDER_OFFSET + |
| PROVIDER_BITS.</para> | | PROVIDER_BITS.</para> |
| </listitem> | | </listitem> |
| </varlistentry> | | </varlistentry> |
| | |
| <varlistentry> | | <varlistentry> |
| <term><emphasis role="bold">DUPLICATE</emphasis> - | | <term><emphasis role="bold">DUPLICATE</emphasis> - |
| <emphasis>routing-table-name</emphasis></term> | | <emphasis>routing-table-name</emphasis></term> |
| | |
| <listitem> | | <listitem> |
| <para>The name of an existing table to duplicate to create this | | <para>The name of an existing table to duplicate to create this |
| routing table. May be <option>main</option> or the name of a | | routing table. May be <option>main</option> or the name of a |
| previously listed provider. You may select only certain entries from | | previously listed provider. You may select only certain entries from |
| the table to copy by using the COPY column below. This column should | | the table to copy by using the COPY column below. This column should |
| contain a dash ("-') when USE_DEFAULT_RT=Yes in <ulink | | contain a dash ("-') when USE_DEFAULT_RT=Yes in <ulink |
|
| url="/manpages/shorewall.conf.html">shorewall.conf(5)</ulink>.</para> | | url="shorewall.conf.html">shorewall.conf(5)</ulink>.</para> |
| </listitem> | | </listitem> |
| </varlistentry> | | </varlistentry> |
| | |
| <varlistentry> | | <varlistentry> |
| <term><emphasis role="bold">INTERFACE</emphasis> - | | <term><emphasis role="bold">INTERFACE</emphasis> - |
| <emphasis>interface</emphasis>[:<emphasis>address</emphasis>]</term> | | <emphasis>interface</emphasis>[:<emphasis>address</emphasis>]</term> |
| | |
| <listitem> | | <listitem> |
| <para>The name of the network interface to the provider. Must be | | <para>The name of the network interface to the provider. Must be |
| listed in <ulink | | listed in <ulink |
|
| url="/manpages/shorewall-interfaces.html">shorewall-interfaces(5)</uli | | url="shorewall-interfaces.html">shorewall-interfaces(5)</ulink>. In |
| nk>. | | general, that interface should not have the |
| In general, that interface should not have the | | |
| <option>proxyarp</option> or <option>proxyndp</option> option | | <option>proxyarp</option> or <option>proxyndp</option> option |
| specified unless <option>loose</option> is given in the OPTIONS | | specified unless <option>loose</option> is given in the OPTIONS |
| column of this entry.</para> | | column of this entry.</para> |
| | |
| <important> | | <important> |
| <para>For IPv6, if the interface is an Ethernet device and an IP | | <para>For IPv6, if the interface is an Ethernet device and an IP |
| address is supplied, it should be the upstream router's link-level | | address is supplied, it should be the upstream router's link-level |
| address, not its global address.</para> | | address, not its global address.</para> |
| </important> | | </important> |
| | |
| | |
| skipping to change at line 193 | | skipping to change at line 193 |
|---|
| <para>If specified, inbound connections on this interface are | | <para>If specified, inbound connections on this interface are |
| to be tracked so that responses may be routed back out this | | to be tracked so that responses may be routed back out this |
| same interface.</para> | | same interface.</para> |
| | |
| <para>You want to specify <option>track</option> if internet | | <para>You want to specify <option>track</option> if internet |
| hosts will be connecting to local servers through this | | hosts will be connecting to local servers through this |
| provider.</para> | | provider.</para> |
| | |
| <para>Beginning with Shorewall 4.4.3, <option>track</option> | | <para>Beginning with Shorewall 4.4.3, <option>track</option> |
| defaults to the setting of the TRACK_PROVIDERS option in | | defaults to the setting of the TRACK_PROVIDERS option in |
|
| <ulink | | <ulink url="shorewall.conf.html">shorewall.conf</ulink> (5). |
| url="/manpages/shorewall.conf.html">shorewall.conf</ulink> | | If you set TRACK_PROVIDERS=Yes and want to override that |
| (5). If you set TRACK_PROVIDERS=Yes and want to override that | | |
| setting for an individual provider, then specify | | setting for an individual provider, then specify |
| <option>notrack</option> (see below).</para> | | <option>notrack</option> (see below).</para> |
| </listitem> | | </listitem> |
| </varlistentry> | | </varlistentry> |
| | |
| <varlistentry> | | <varlistentry> |
| <term><emphasis | | <term><emphasis |
| role="bold">balance[=<replaceable>weight</replaceable>]</emphasis>
</term> | | role="bold">balance[=<replaceable>weight</replaceable>]</emphasis>
</term> |
| | |
| <listitem> | | <listitem> |
| | |
| skipping to change at line 290 | | skipping to change at line 289 |
|---|
| | |
| <varlistentry> | | <varlistentry> |
| <term><emphasis role="bold">optional (deprecated for use with | | <term><emphasis role="bold">optional (deprecated for use with |
| providers that do not share an interface)</emphasis></term> | | providers that do not share an interface)</emphasis></term> |
| | |
| <listitem> | | <listitem> |
| <para>If the interface named in the INTERFACE column is not up | | <para>If the interface named in the INTERFACE column is not up |
| and configured with an IPv4 address then ignore this provider. | | and configured with an IPv4 address then ignore this provider. |
| If not specified, the value of the <option>optional</option> | | If not specified, the value of the <option>optional</option> |
| option for the INTERFACE in <ulink | | option for the INTERFACE in <ulink |
|
| url="/manpages/shorewall-interfaces.html">shorewall-interfaces(5
)</ulink> | | url="shorewall-interfaces.html">shorewall-interfaces(5)</ulink> |
| is assumed. Use of that option is preferred to this one, | | is assumed. Use of that option is preferred to this one, |
| unless an <replaceable>address</replaceable> is provider in | | unless an <replaceable>address</replaceable> is provider in |
| the INTERFACE column.</para> | | the INTERFACE column.</para> |
| </listitem> | | </listitem> |
| </varlistentry> | | </varlistentry> |
| | |
| <varlistentry> | | <varlistentry> |
| <term><emphasis role="bold">primary</emphasis></term> | | <term><emphasis role="bold">primary</emphasis></term> |
| | |
| <listitem> | | <listitem> |
| | |
| skipping to change at line 346 | | skipping to change at line 345 |
|---|
| <varlistentry> | | <varlistentry> |
| <term><emphasis | | <term><emphasis |
| role="bold">fallback[=<replaceable>weight</replaceable>]</emphasis
></term> | | role="bold">fallback[=<replaceable>weight</replaceable>]</emphasis
></term> |
| | |
| <listitem> | | <listitem> |
| <para>Indicates that a default route through the provider | | <para>Indicates that a default route through the provider |
| should be added to the default routing table (table 253). If a | | should be added to the default routing table (table 253). If a |
| <replaceable>weight</replaceable> is given, a balanced route | | <replaceable>weight</replaceable> is given, a balanced route |
| is added with the weight of this provider equal to the | | is added with the weight of this provider equal to the |
| specified <replaceable>weight</replaceable>. If the option is | | specified <replaceable>weight</replaceable>. If the option is |
|
| given without a <replaceable>weight</replaceable>, an separate | | given without a <replaceable>weight</replaceable>, a separate |
| default route is added through the provider's gateway; the | | default route is added through the provider's gateway; the |
| route has a metric equal to the provider's NUMBER.</para> | | route has a metric equal to the provider's NUMBER.</para> |
| | |
| <para>Prior to Shorewall 4.4.24, the option is ignored with a | | <para>Prior to Shorewall 4.4.24, the option is ignored with a |
| warning message if USE_DEFAULT_RT=Yes in | | warning message if USE_DEFAULT_RT=Yes in |
| <filename>shorewall.conf</filename>.</para> | | <filename>shorewall.conf</filename>.</para> |
| | |
| <caution> | | <caution> |
| <para>In IPV6, specifying the <option>fallback</option> | | <para>In IPV6, specifying the <option>fallback</option> |
| option on multiple providers does not cause balanced | | option on multiple providers does not cause balanced |
| | |
| skipping to change at line 370 | | skipping to change at line 369 |
|---|
| </caution> | | </caution> |
| </listitem> | | </listitem> |
| </varlistentry> | | </varlistentry> |
| | |
| <varlistentry> | | <varlistentry> |
| <term><emphasis role="bold">tproxy</emphasis></term> | | <term><emphasis role="bold">tproxy</emphasis></term> |
| | |
| <listitem> | | <listitem> |
| <para>Added in Shorewall 4.5.4. Used for supporting the TPROXY | | <para>Added in Shorewall 4.5.4. Used for supporting the TPROXY |
| action in shorewall-mangle(5). See <ulink | | action in shorewall-mangle(5). See <ulink |
|
| url="/Shorewall_Squid_Usage.html">http://www.shorewall.net/Shore
wall_Squid_Usage.html</ulink>. | | url="../Shorewall_Squid_Usage.html">https://shorewall.org/Shorew
all_Squid_Usage.html</ulink>. |
| When specified, the MARK, DUPLICATE and GATEWAY columns should | | When specified, the MARK, DUPLICATE and GATEWAY columns should |
| be empty, INTERFACE should be set to 'lo' and | | be empty, INTERFACE should be set to 'lo' and |
| <option>tproxy</option> should be the only OPTION. Only one | | <option>tproxy</option> should be the only OPTION. Only one |
| <option>tproxy</option> provider is allowed.</para> | | <option>tproxy</option> provider is allowed.</para> |
| </listitem> | | </listitem> |
| </varlistentry> | | </varlistentry> |
| | |
| <varlistentry> | | <varlistentry> |
| <term><emphasis role="bold">hostroute</emphasis></term> | | <term><emphasis role="bold">hostroute</emphasis></term> |
| | |
| | |
| skipping to change at line 393 | | skipping to change at line 392 |
|---|
| that results in a host route to the defined <emphasis | | that results in a host route to the defined <emphasis |
| role="bold">GATEWAY</emphasis> being inserted into the main | | role="bold">GATEWAY</emphasis> being inserted into the main |
| routing table and into the provider's routing table. <emphasis | | routing table and into the provider's routing table. <emphasis |
| role="bold">hostroute</emphasis> is required for older | | role="bold">hostroute</emphasis> is required for older |
| distributions but <emphasis role="bold">nohostroute</emphasis> | | distributions but <emphasis role="bold">nohostroute</emphasis> |
| (below) is appropriate for recent distributions. <emphasis | | (below) is appropriate for recent distributions. <emphasis |
| role="bold">hostroute</emphasis> may interfere with Zebra's | | role="bold">hostroute</emphasis> may interfere with Zebra's |
| ability to add routes on some distributions such as Debian 7. | | ability to add routes on some distributions such as Debian 7. |
| This option defaults to on when BALANCE_PROVIDERS=Yes, in | | This option defaults to on when BALANCE_PROVIDERS=Yes, in |
| <ulink | | <ulink |
|
| url="/manpages/shorewall.conf.html">shorewall.conf(5)</ulink>.</
para> | | url="shorewall.conf.html">shorewall.conf(5)</ulink>.</para> |
| </listitem> | | </listitem> |
| </varlistentry> | | </varlistentry> |
| | |
| <varlistentry> | | <varlistentry> |
| <term><emphasis role="bold">nohostroute</emphasis></term> | | <term><emphasis role="bold">nohostroute</emphasis></term> |
| | |
| <listitem> | | <listitem> |
| <para>Added in Shorewall 4.5.21. nohostroute inhibits addition | | <para>Added in Shorewall 4.5.21. nohostroute inhibits addition |
| of a host route to the defined <emphasis | | of a host route to the defined <emphasis |
| role="bold">GATEWAY</emphasis> being inserted into the main | | role="bold">GATEWAY</emphasis> being inserted into the main |
| routing table and into the provider's routing table. <emphasis | | routing table and into the provider's routing table. <emphasis |
| role="bold">nohostroute</emphasis> is not appropriate for | | role="bold">nohostroute</emphasis> is not appropriate for |
| older distributions but is appropriate for recent | | older distributions but is appropriate for recent |
| distributions. <emphasis role="bold">nohostroute</emphasis> | | distributions. <emphasis role="bold">nohostroute</emphasis> |
| allows Zebra's to correctly add routes on some distributions | | allows Zebra's to correctly add routes on some distributions |
| such as Debian 7. This option defaults to off when | | such as Debian 7. This option defaults to off when |
| BALANCE_PROVIDERS=Yes, in <ulink | | BALANCE_PROVIDERS=Yes, in <ulink |
|
| url="/manpages/shorewall.conf.html">shorewall.conf(5)</ulink>.</
para> | | url="shorewall.conf.html">shorewall.conf(5)</ulink>.</para> |
| </listitem> | | </listitem> |
| </varlistentry> | | </varlistentry> |
| | |
| <varlistentry> | | <varlistentry> |
| <term><emphasis role="bold">persistent</emphasis></term> | | <term><emphasis role="bold">persistent</emphasis></term> |
| | |
| <listitem> | | <listitem> |
| <para>Added in Shorewall 5.0.2 and alters the behavior of the | | <para>Added in Shorewall 5.0.2 and alters the behavior of the |
| <command>disable</command> command:</para> | | <command>disable</command> command:</para> |
| | |
| | |
| skipping to change at line 569 | | skipping to change at line 568 |
|---|
| | |
| <para>/etc/shorewall/providers</para> | | <para>/etc/shorewall/providers</para> |
| | |
| <para>/etc/shorewall6/providers</para> | | <para>/etc/shorewall6/providers</para> |
| </refsect1> | | </refsect1> |
| | |
| <refsect1> | | <refsect1> |
| <title>See ALSO</title> | | <title>See ALSO</title> |
| | |
| <para><ulink | | <para><ulink |
|
| url="/MultiISP.html">http://www.shorewall.net/MultiISP.html</ulink></para> | | url="../MultiISP.html">https://shorewall.org/MultiISP.html</ulink></para> |
| | |
| <para><ulink | | <para><ulink |
|
| url="/configuration_file_basics.htm#Pairs">http://www.shorewall.net/configur
ation_file_basics.htm#Pairs</ulink></para> | | url="../configuration_file_basics.htm#Pairs">https://shorewall.org/configura
tion_file_basics.htm#Pairs</ulink></para> |
| | |
| <para>shorewall(8)</para> | | <para>shorewall(8)</para> |
| </refsect1> | | </refsect1> |
| </refentry> | | </refentry> |
| | | |
| End of changes. 12 change blocks. |
|---|
| 19 lines changed or deleted | | 17 lines changed or added |
|---|
"Fossies" - the Fresh Open Source Software Archive 