From cc861d0d6c243d4a4dbadf05862b53edd0ef6f03 Mon Sep 17 00:00:00 2001
From: Wouter van Bommel <wouter@vanbommelonline.nl>
Date: Wed, 23 May 2012 21:57:04 +0200
Subject: [PATCH] Patch to add shorewall6 module

---
 shorewall6/CHANGELOG                       |   43 +
 shorewall6/acl_security.pl                 |   32 +
 shorewall6/backup_config.pl                |   51 +
 shorewall6/check.cgi                       |   22 +
 shorewall6/clear.cgi                       |   18 +
 shorewall6/config                          |    5 +
 shorewall6/config.info                     |    7 +
 shorewall6/config.info.ca                  |    7 +
 shorewall6/config.info.de                  |    0
 shorewall6/config.info.es                  |    5 +
 shorewall6/config.info.fr                  |    7 +
 shorewall6/config.info.nl                  |    7 +
 shorewall6/defaultacl                      |    2 +
 shorewall6/delete.cgi                      |   19 +
 shorewall6/down.cgi                        |   14 +
 shorewall6/dump.cgi                        |   15 +
 shorewall6/edit.cgi                        |   55 +
 shorewall6/editcmt.cgi                     |   37 +
 shorewall6/images/.xvpics/hosts.gif        |  Bin 0 -> 2374 bytes
 shorewall6/images/.xvpics/nat.gif          |    5 +
 shorewall6/images/.xvpics/policy.gif       |    5 +
 shorewall6/images/.xvpics/routestopped.gif |    5 +
 shorewall6/images/.xvpics/tunnels.gif      |  Bin 0 -> 2374 bytes
 shorewall6/images/.xvpics/zones.gif        |    5 +
 shorewall6/images/after.gif                |  Bin 0 -> 82 bytes
 shorewall6/images/before.gif               |  Bin 0 -> 84 bytes
 shorewall6/images/blacklist.gif            |  Bin 0 -> 2450 bytes
 shorewall6/images/down.gif                 |  Bin 0 -> 108 bytes
 shorewall6/images/gap.gif                  |  Bin 0 -> 73 bytes
 shorewall6/images/hosts.gif                |  Bin 0 -> 1067 bytes
 shorewall6/images/icon.gif                 |  Bin 0 -> 2403 bytes
 shorewall6/images/interfaces.gif           |  Bin 0 -> 362 bytes
 shorewall6/images/masq.gif                 |  Bin 0 -> 1535 bytes
 shorewall6/images/nat.gif                  |  Bin 0 -> 1481 bytes
 shorewall6/images/params.gif               |  Bin 0 -> 306 bytes
 shorewall6/images/policy.gif               |  Bin 0 -> 372 bytes
 shorewall6/images/providers.gif            |  Bin 0 -> 315 bytes
 shorewall6/images/proxyndp.gif             |  Bin 0 -> 311 bytes
 shorewall6/images/routestopped.gif         |  Bin 0 -> 1939 bytes
 shorewall6/images/rules.gif                |  Bin 0 -> 2918 bytes
 shorewall6/images/shorewall6.conf.gif      |  Bin 0 -> 478 bytes
 shorewall6/images/smallicon.gif            |  Bin 0 -> 1238 bytes
 shorewall6/images/tos.gif                  |  Bin 0 -> 402 bytes
 shorewall6/images/tunnels.gif              |  Bin 0 -> 1206 bytes
 shorewall6/images/up.gif                   |  Bin 0 -> 103 bytes
 shorewall6/images/zones.gif                |  Bin 0 -> 1631 bytes
 shorewall6/index.cgi                       |  104 ++
 shorewall6/install_check.pl                |   15 +
 shorewall6/lang/ca                         |  455 ++++++
 shorewall6/lang/de                         |  212 +++
 shorewall6/lang/en                         |  455 ++++++
 shorewall6/lang/es                         |  298 ++++
 shorewall6/lang/fr                         |  304 ++++
 shorewall6/lang/nl                         |  431 +++++
 shorewall6/lang/tr                         |  316 ++++
 shorewall6/lang/zh_CN                      |  349 ++++
 shorewall6/list.cgi                        |  123 ++
 shorewall6/log_parser.pl                   |   19 +
 shorewall6/manual_form.cgi                 |   27 +
 shorewall6/manual_save.cgi                 |   18 +
 shorewall6/module.info                     |   10 +
 shorewall6/refresh.cgi                     |   21 +
 shorewall6/restart.cgi                     |   21 +
 shorewall6/save.cgi                        |   44 +
 shorewall6/savecmt.cgi                     |   33 +
 shorewall6/shorewall6-lib.pl               | 1724 ++++++++++++++++++++
 shorewall6/start.cgi                       |   21 +
 shorewall6/status.cgi                      |   15 +
 shorewall6/stop.cgi                        |   18 +
 shorewall6/up.cgi                          |   14 +
 70 files changed, 5413 insertions(+)
 create mode 100644 shorewall6/CHANGELOG
 create mode 100755 shorewall6/acl_security.pl
 create mode 100755 shorewall6/backup_config.pl
 create mode 100755 shorewall6/check.cgi
 create mode 100755 shorewall6/clear.cgi
 create mode 100644 shorewall6/config
 create mode 100644 shorewall6/config.info
 create mode 100755 shorewall6/config.info.ca
 create mode 100644 shorewall6/config.info.de
 create mode 100755 shorewall6/config.info.es
 create mode 100644 shorewall6/config.info.fr
 create mode 100644 shorewall6/config.info.nl
 create mode 100644 shorewall6/defaultacl
 create mode 100755 shorewall6/delete.cgi
 create mode 100755 shorewall6/down.cgi
 create mode 100755 shorewall6/dump.cgi
 create mode 100755 shorewall6/edit.cgi
 create mode 100755 shorewall6/editcmt.cgi
 create mode 100644 shorewall6/images/.xvpics/hosts.gif
 create mode 100644 shorewall6/images/.xvpics/nat.gif
 create mode 100644 shorewall6/images/.xvpics/policy.gif
 create mode 100644 shorewall6/images/.xvpics/routestopped.gif
 create mode 100644 shorewall6/images/.xvpics/tunnels.gif
 create mode 100644 shorewall6/images/.xvpics/zones.gif
 create mode 100644 shorewall6/images/after.gif
 create mode 100644 shorewall6/images/before.gif
 create mode 100644 shorewall6/images/blacklist.gif
 create mode 100644 shorewall6/images/down.gif
 create mode 100644 shorewall6/images/gap.gif
 create mode 100644 shorewall6/images/hosts.gif
 create mode 100644 shorewall6/images/icon.gif
 create mode 100644 shorewall6/images/interfaces.gif
 create mode 100644 shorewall6/images/masq.gif
 create mode 100644 shorewall6/images/nat.gif
 create mode 100755 shorewall6/images/params.gif
 create mode 100644 shorewall6/images/policy.gif
 create mode 100644 shorewall6/images/providers.gif
 create mode 100644 shorewall6/images/proxyndp.gif
 create mode 100644 shorewall6/images/routestopped.gif
 create mode 100644 shorewall6/images/rules.gif
 create mode 100644 shorewall6/images/shorewall6.conf.gif
 create mode 100644 shorewall6/images/smallicon.gif
 create mode 100644 shorewall6/images/tos.gif
 create mode 100644 shorewall6/images/tunnels.gif
 create mode 100644 shorewall6/images/up.gif
 create mode 100644 shorewall6/images/zones.gif
 create mode 100755 shorewall6/index.cgi
 create mode 100755 shorewall6/install_check.pl
 create mode 100755 shorewall6/lang/ca
 create mode 100644 shorewall6/lang/de
 create mode 100644 shorewall6/lang/en
 create mode 100644 shorewall6/lang/es
 create mode 100644 shorewall6/lang/fr
 create mode 100644 shorewall6/lang/nl
 create mode 100644 shorewall6/lang/tr
 create mode 100644 shorewall6/lang/zh_CN
 create mode 100755 shorewall6/list.cgi
 create mode 100755 shorewall6/log_parser.pl
 create mode 100755 shorewall6/manual_form.cgi
 create mode 100755 shorewall6/manual_save.cgi
 create mode 100644 shorewall6/module.info
 create mode 100755 shorewall6/refresh.cgi
 create mode 100755 shorewall6/restart.cgi
 create mode 100755 shorewall6/save.cgi
 create mode 100755 shorewall6/savecmt.cgi
 create mode 100755 shorewall6/shorewall6-lib.pl
 create mode 100755 shorewall6/start.cgi
 create mode 100755 shorewall6/status.cgi
 create mode 100755 shorewall6/stop.cgi
 create mode 100755 shorewall6/up.cgi

diff --git a/shorewall6/CHANGELOG b/shorewall6/CHANGELOG
new file mode 100644
index 000000000..879361776
--- /dev/null
+++ b/shorewall6/CHANGELOG
@@ -0,0 +1,43 @@
+---- Changes since 1.360 ----
+(Updates by Paul Gear <paul@gear.dyndns.org>.)
+BUG: Corrected mis-handling of nested zones introduced in 1.350.
+Removed debugging cruft added in 1.350.
+Added support for end-of-line comments in zones, params, and shorewall6.conf.
+Added support for display of long zone names under the new zones format.
+Added module option to disable display of long zone names in the rules file.
+---- Changes since 1.350 ----
+(Updates by Paul Gear <paul@gear.dyndns.org>.)
+Corrected name to "Shoreline Firewall".
+Correctly determine Shorewall version for beta releases.
+Corrected zones file support on version 3 or greater when IPSECFILE=ipsec.
+Added bug compatibility with IPSECFILE on Shorewall 3.4.0-3.4.4.
+Added support for renaming firewall zone.
+Added support for editing of params & shorewall6.conf.
+---- Changes since 1.140 ----
+Added buttons for adding rules or other table entries above or below an existing entry.
+Added support for OpenVPN and generic tunnels.
+---- Changes since 1.150 ----
+Added the ability to edit the blacklist table.
+---- Changes since 1.160 ----
+Added a button for manually editing a table file.
+Added simple access control, written by Stephen Carville.
+---- Changes since 1.170 ----
+Improved access control, to limit which Shorewall tables a user can edit.
+---- Changes since 1.180 ----
+Added Module Config page options for commands to run before and after starting, applying and refreshing Shorewall.
+---- Changes since 1.200 ----
+Added support for standard Shorewall actions on the rules page.
+---- Changes since 1.240 ----
+Added support for the providers Shorewall table.
+---- Changes since 1.250 ----
+Updated the module to support new options and columns in Shorewall version 3, such as macros, the new zones table and so on.
+Several records can be deleted at once from any table using checkboxes next to them.
+---- Changes since 1.320 ----
+Comments can now be created and edited in the rules table (and a few others), when running Shorewall 3.3.3 or higher.
+Added logging so that changes made using the module show up in the Webmin Actions Log module.
+---- Changes since 1.390 ----
+Blacklist rules can now match any host.
+---- Changes since 1.480 ----
+Added a button to create a shorewall6 dump, thanks to a patch by Paul Gear.
+---- Changes since 1.500 ----
+New rules are added after the SECTION NEW line, if there is one.
diff --git a/shorewall6/acl_security.pl b/shorewall6/acl_security.pl
new file mode 100755
index 000000000..b660bdc09
--- /dev/null
+++ b/shorewall6/acl_security.pl
@@ -0,0 +1,32 @@
+
+do 'shorewall6-lib.pl';
+
+# acl_security_form(&options)
+# Output HTML for editing security options for the acl module
+sub acl_security_form
+{
+print "<tr> <td><b>$text{'acl_nochange'}</b></td> <td>\n";
+printf "<input type=radio name=nochange value=0 %s> $text{'yes'}\n",
+	$_[0]->{'nochange'} ? '' : 'checked';
+printf "<input type=radio name=nochange value=1 %s> $text{'no'}</td>\n",
+	$_[0]->{'nochange'} ? 'checked' : '';
+
+print "</tr>\n";
+
+print "<tr> <td valign=top><b>$text{'acl_files'}</b></td> <td>\n";
+print &ui_radio("files_def", $_[0]->{'files'} eq '*' ? 1 : 0,
+		[ [ 1, $text{'acl_all'} ], [ 0, $text{'acl_sel'} ] ]),"<br>\n";
+print &ui_select("files", [ split(/\s+/, $_[0]->{'files'}) ],
+		 [ map { [ $_, $text{$_."_title"}." ($_)" ] }
+		       @shorewall6_files ], 5, 1);
+}
+
+# acl_security_save(&options)
+# Parse the form for security options for the acl module
+sub acl_security_save
+{
+$_[0]->{'nochange'} = $in{'nochange'};
+$_[0]->{'files'} = $in{'files_def'} ? "*"
+				    : join(" ", split(/\0/, $in{'files'}));
+}
+
diff --git a/shorewall6/backup_config.pl b/shorewall6/backup_config.pl
new file mode 100755
index 000000000..6f38a6f6a
--- /dev/null
+++ b/shorewall6/backup_config.pl
@@ -0,0 +1,51 @@
+
+do 'shorewall6-lib.pl';
+
+# backup_config_files()
+# Returns files and directories that can be backed up
+sub backup_config_files
+{
+local @rv;
+opendir(DIR, $config{'config_dir'});
+while($f = readdir(DIR)) {
+	next if ($f eq "." || $f eq ".." ||
+		 $f =~ /\.rpmsave$/ || $f =~ /\.bak$/);
+	push(@rv, "$config{'config_dir'}/$f");
+	}
+return @rv;
+}
+
+# pre_backup(&files)
+# Called before the files are actually read
+sub pre_backup
+{
+return undef;
+}
+
+# post_backup(&files)
+# Called after the files are actually read
+sub post_backup
+{
+return undef;
+}
+
+# pre_restore(&files)
+# Called before the files are restored from a backup
+sub pre_restore
+{
+return undef;
+}
+
+# post_restore(&files)
+# Called after the files are restored from a backup
+sub post_restore
+{
+local $out = &backquote_logged("$config{'shorewall6'} restart 2>&1");
+if ($?) {
+	return "<pre>$out</pre>";
+	}
+return undef;
+}
+
+1;
+
diff --git a/shorewall6/check.cgi b/shorewall6/check.cgi
new file mode 100755
index 000000000..32d1d97ab
--- /dev/null
+++ b/shorewall6/check.cgi
@@ -0,0 +1,22 @@
+#!/usr/bin/perl
+# check.cgi
+# Check if the firewall is valid
+
+require './shorewall6-lib.pl';
+&ui_print_header(undef, $text{'check_title'}, "");
+print "<b>$text{'check_cmd'}</b><br>\n";
+print "<font size=-1><pre>";
+open(STATUS, "$config{'shorewall6'} check 2>&1 |");
+while(<STATUS>) {
+	print &html_escape($_);
+	}
+close(STATUS);
+print "</pre></font>\n";
+if ($?) {
+	print "<b>$text{'check_failed'}</b><p>\n";
+	}
+else {
+	print "<b>$text{'check_ok'}</b><p>\n";
+	}
+&ui_print_footer("", $text{'index_return'});
+
diff --git a/shorewall6/clear.cgi b/shorewall6/clear.cgi
new file mode 100755
index 000000000..409e5fca7
--- /dev/null
+++ b/shorewall6/clear.cgi
@@ -0,0 +1,18 @@
+#!/usr/bin/perl
+# clear.cgi
+# Clear out all rules
+
+require './shorewall6-lib.pl';
+if ($access{'nochange'}) {
+  &redirect("/");
+  exit 0;
+}
+
+&error_setup($text{'clear_err'});
+$out = &backquote_logged("$config{'shorewall6'} clear 2>&1");
+if ($?) {
+	&error("<pre>$out</pre>");
+	}
+&webmin_log("clear");
+&redirect("");
+
diff --git a/shorewall6/config b/shorewall6/config
new file mode 100644
index 000000000..072f722bf
--- /dev/null
+++ b/shorewall6/config
@@ -0,0 +1,5 @@
+config_dir=/etc/shorewall6
+shorewall6=shorewall6
+actions=/etc/shorewall6/actions	/usr/share/shorewall6/actions.std
+macros=/usr/share/shorewall6
+display_zone_descriptions=1
diff --git a/shorewall6/config.info b/shorewall6/config.info
new file mode 100644
index 000000000..5770a8a17
--- /dev/null
+++ b/shorewall6/config.info
@@ -0,0 +1,7 @@
+config_dir=Shorewall6 configuration directory,0
+shorewall6=Path to shorewall6 command,0
+actions=Standard actions files,9,40,5,\t
+macros=Macro files directory,0
+before_apply_cmd=Command to run before applying configuration,3,None
+after_apply_cmd=Command to run after applying configuration,3,None
+display_zone_descriptions=Display zone descriptions in rules file?,1,0-No,1-Yes
diff --git a/shorewall6/config.info.ca b/shorewall6/config.info.ca
new file mode 100755
index 000000000..3ad17d853
--- /dev/null
+++ b/shorewall6/config.info.ca
@@ -0,0 +1,7 @@
+config_dir=Directori de configuraci� de Shorewall6,0
+shorewall6=Cam� de l'ordre shorewall6,0
+actions=Fitxers d'accions est�ndards,9,40,5,\t
+macros=Directori de fitxers de macros,0
+before_apply_cmd=Ordre a executar abans d'aplicar la configuraci�,3,Cap
+after_apply_cmd=Ordre a executar depr�s d'aplicar la configuraci�,3,Cap
+display_zone_descriptions=Mostra les descripcions de zona al fitxer de regles,1,0-No,1-S�
diff --git a/shorewall6/config.info.de b/shorewall6/config.info.de
new file mode 100644
index 000000000..e69de29bb
diff --git a/shorewall6/config.info.es b/shorewall6/config.info.es
new file mode 100755
index 000000000..f60bf7eab
--- /dev/null
+++ b/shorewall6/config.info.es
@@ -0,0 +1,5 @@
+config_dir=Directorio de configuraci&#243;n de Shorewall6,0
+shorewall6=Ruta al comando shorewall6,0
+actions=Archivo de acciones est&#225;ndar,0
+before_apply_cmd=Comando a ejecutar antes de aplicar la configuraci&#243;n,3,Ninguno
+after_apply_cmd=Comando a ejecutar despu&#233;s de aplicar la configuraci&#243;n,3,Ninguno
diff --git a/shorewall6/config.info.fr b/shorewall6/config.info.fr
new file mode 100644
index 000000000..9f2b81c16
--- /dev/null
+++ b/shorewall6/config.info.fr
@@ -0,0 +1,7 @@
+config_dir=R&#233;pertoire de configuration de Shorewall6,0
+shorewall6=Chemin vers la commande shorewall6,0
+actions=Fichiers standards des actions,9,40,5,\t
+macros=R&#233;pertoire des fichiers macro,0
+before_apply_cmd=Commande &#224; ex&#233;cuter avant d'appliquer la configuration,3,Aucune
+after_apply_cmd=Commande &#224; ex&#233;cuter apr&#232;s avoir appliqu&#233; la configuration,3,Aucune
+display_zone_descriptions=Afficher les descriptions des zones dans le fichier des r&#232;gles ?,1,0-Non,1-Oui
diff --git a/shorewall6/config.info.nl b/shorewall6/config.info.nl
new file mode 100644
index 000000000..380d5ffd6
--- /dev/null
+++ b/shorewall6/config.info.nl
@@ -0,0 +1,7 @@
+config_dir=Shorewall6 configuratie directory,0
+shorewall6=Pad naar Shorewall6 opdracht,0
+actions=Standaard actie files,9,40,5,\t
+macros=Macro files directory,0
+before_apply_cmd=Opdracht om uit te voeren voor toevoegen configuratie,3,Geen
+after_apply_cmd=Opdracht om uit te voeren na toevoegen configuratie,3,Geen
+display_zone_descriptions=Laat zone omschrijvingen zien in regel file?,1,0-Nee,1-Ja
diff --git a/shorewall6/defaultacl b/shorewall6/defaultacl
new file mode 100644
index 000000000..c32d9ac4a
--- /dev/null
+++ b/shorewall6/defaultacl
@@ -0,0 +1,2 @@
+nochange=0
+files=*
diff --git a/shorewall6/delete.cgi b/shorewall6/delete.cgi
new file mode 100755
index 000000000..45d8a66ad
--- /dev/null
+++ b/shorewall6/delete.cgi
@@ -0,0 +1,19 @@
+#!/usr/bin/perl
+# Delete a bunch of table rows
+
+require './shorewall6-lib.pl';
+&ReadParse();
+&can_access($in{'table'}) || &error($text{'list_ecannot'});
+$pfunc = &get_parser_func(\%in);
+&error_setup($text{'delete_err'});
+@d = split(/\0/, $in{'d'});
+scalar(@d) || &error($text{'delete_enone'});
+
+&lock_table($in{'table'});
+foreach $idx (sort { $b <=> $a } @d) {
+	&delete_table_row($in{'table'}, $pfunc, $idx);
+	}
+&unlock_table($in{'table'});
+&webmin_log('deletes', 'table', $in{'table'});
+&redirect("list.cgi?table=$in{'table'}");
+
diff --git a/shorewall6/down.cgi b/shorewall6/down.cgi
new file mode 100755
index 000000000..1b8049b31
--- /dev/null
+++ b/shorewall6/down.cgi
@@ -0,0 +1,14 @@
+#!/usr/bin/perl
+# down.cgi
+# Move a row in a table down
+
+require './shorewall6-lib.pl';
+&ReadParse();
+&can_access($in{'table'}) || &error($text{'list_ecannot'});
+$pfunc = &get_parser_func(\%in);
+&lock_table($in{'table'});
+&swap_table_rows($in{'table'}, $pfunc, $in{'idx'}, $in{'idx'}+1);
+&unlock_table($in{'table'});
+&webmin_log('down', 'table', $in{'table'});
+&redirect("list.cgi?table=$in{'table'}");
+
diff --git a/shorewall6/dump.cgi b/shorewall6/dump.cgi
new file mode 100755
index 000000000..2b22d0d67
--- /dev/null
+++ b/shorewall6/dump.cgi
@@ -0,0 +1,15 @@
+#!/usr/bin/perl
+# dump.cgi
+# Show a shorewall6 dump
+
+require './shorewall6-lib.pl';
+&ui_print_header(undef, $text{'dump_title'}, "");
+print "<font size=-1><pre>";
+open(DUMP, "$config{'shorewall6'} dump 2>&1 |");
+while(<DUMP>) {
+	print &html_escape($_);
+	}
+close(DUMP);
+print "</pre></font>\n";
+&ui_print_footer("", $text{'index_return'});
+
diff --git a/shorewall6/edit.cgi b/shorewall6/edit.cgi
new file mode 100755
index 000000000..9a6de5992
--- /dev/null
+++ b/shorewall6/edit.cgi
@@ -0,0 +1,55 @@
+#!/usr/bin/perl
+# edit.cgi
+# Display a form for editing or creating a table entry
+
+require './shorewall6-lib.pl';
+&ReadParse();
+&get_clean_table_name(\%in);
+&can_access($in{'table'}) || &error($text{'list_ecannot'});
+if ($in{'new'}) {
+	&ui_print_header(undef, $text{$in{'tableclean'}."_create"}, "");
+	if ($in{'before'} ne '') {
+		$msg = &text('edit_before', $in{'before'}+1);
+		}
+	elsif ($in{'after'} ne '') {
+		$msg = &text('edit_after', $in{'after'}+1);
+		}
+	print "<center><font size=+1>$msg</font></center>\n" if ($msg);
+	}
+else {
+	&ui_print_header(undef, $text{$in{'tableclean'}."_edit"}, "");
+	$pfunc = &get_parser_func(\%in);
+	@table = &read_table_file($in{'table'}, $pfunc);
+	$row = $table[$in{'idx'}];
+	}
+
+print "<form action=save.cgi>\n";
+print "<input type=hidden name=table value='$in{'table'}'>\n";
+print "<input type=hidden name=idx value='$in{'idx'}'>\n";
+print "<input type=hidden name=new value='$in{'new'}'>\n";
+print "<input type=hidden name=before value='$in{'before'}'>\n";
+print "<input type=hidden name=after value='$in{'after'}'>\n";
+
+print "<table border width=100%>\n";
+print "<tr $tb> <td><b>",$text{$in{'tableclean'}."_header"},"</b></td> </tr>\n";
+print "<tr $cb> <td><table width=100%>\n";
+
+$ffunc = $in{'tableclean'}."_form";
+&$ffunc(@$row);
+
+print "</table></td></tr></table>\n";
+print "<table width=100%>\n";
+if ($in{'new'}) {
+	print "<td><input type=submit value='$text{'create'}'></td>\n";
+	}
+else {
+	print "<td><input type=submit value='$text{'save'}'></td>\n";
+	print "<td align=right><input type=submit name=delete ",
+	      "value='$text{'delete'}'></td>\n";
+	}
+print "</table>\n";
+
+print "</form>\n";
+
+&ui_print_footer("list.cgi?table=$in{'table'}", $text{$in{'tableclean'}."_return"});
+
diff --git a/shorewall6/editcmt.cgi b/shorewall6/editcmt.cgi
new file mode 100755
index 000000000..12510331d
--- /dev/null
+++ b/shorewall6/editcmt.cgi
@@ -0,0 +1,37 @@
+#!/usr/bin/perl
+# Display a form for editing or creating a comment
+
+require './shorewall6-lib.pl';
+&ReadParse();
+&get_clean_table_name(\%in);
+&can_access($in{'table'}) || &error($text{'list_ecannot'});
+if ($in{'new'}) {
+	&ui_print_header(undef, $text{"comment_create"}, "");
+	}
+else {
+	&ui_print_header(undef, $text{"comment_edit"}, "");
+	$pfunc = &get_parser_func(\%in);
+	@table = &read_table_file($in{'table'}, $pfunc);
+	$row = $table[$in{'idx'}];
+	}
+
+print &ui_form_start("savecmt.cgi", "post");
+foreach $f ("table", "new", "idx") {
+	print &ui_hidden($f, $in{$f});
+	}
+print &ui_table_start($text{'comment_header'}, 2);
+
+print &ui_table_row($text{'comment_msg'},
+		    &ui_textbox("msg", join(" ", @$row[1..@$row-1]), 60));
+
+print &ui_table_end();
+if ($in{'new'}) {
+	print &ui_form_end([ [ "create", $text{'create'} ] ]);
+	}
+else {
+	print &ui_form_end([ [ "save", $text{'save'} ],
+			     [ "delete", $text{'delete'} ] ]);
+	}
+
+&ui_print_footer("list.cgi?table=$in{'table'}", $text{$in{'tableclean'}."_return"});
+
diff --git a/shorewall6/images/.xvpics/hosts.gif b/shorewall6/images/.xvpics/hosts.gif
new file mode 100644
index 0000000000000000000000000000000000000000..c5b2fa3682a8b3e385a0d1a5f6fdaf17ec7f84c4
GIT binary patch
literal 2374
zcmbVO-D=w~7*#K$5~q(4s0~X-v#mdC8SH9p7Y*7Dw#z|bw3jxF?V@{#4y>|1NFnmO
zSno3L9Le%eO1HF*V=14`_vz?J`96Q#AMfmJ%T0CiUY#DFz1cmu+C3Pn?Beq3@?!k#
z)yvoW<F7w|Tz;R(&7;%9^RwggcV{OjN2i}ZNdR$g@9jwyD`kx_YM!tyletQ)DGgdx
zl*YAg+~e#M@WNkfBCdNvtO*tRFs_BZHHa^&|6DeV8vzFcye+GuEQ=Dv!I{r{9fN^P
zsCkXI4p`Faow^+ZcY{aT$HN6E;CZ_#0CRrMVstL39r^qrfto`-fpcR3+!(WqVgWv}
zTdyq@uK5ROjw?;lrqAE7r%7du)>v=A%P5l3WHgkKoS`R&F9v9$DSD&9Oh&|~kHkME
zeyykK@<D$vnvfv54cCV?pKGBeEnY^$^)2T%C4S(R5zWw}TV?KU`*?(_*ZWX>>=(|k
zI}b@T<HXbhJP;H@x&8n;!8V0HjGxqcCXfzz2{()mpQ8u2&P0{bI1i2fE8u(jC*2+D
zES$tRjqJw9@tKb#NPtSKAW&22w1nq+SHtH8^ogyBSH<7pJOhvTrJb+iSYduL+Tso^
z3so&{a^1m?+8u2+LPlGZ*lk3W7diir)SvMko<d+B{0ZPj^zlLe2l?PYks!HMd8_|w
zczyS+-d~R=83cmlOGnwQpvv_f`8=r46z)Af8vjS1e^!V;taPrS&tZrka^7;=B*War
z5Br5wXkDsdu0kqsUyT-FHNU(&`Xezhy)mIJ3VP7xKHi^y@CVrEO{7VG5sVaNT>OoV
z4NP<0>gnS%_x0lk{M#@3*YB)@r?PND8ZI?IH5<J^+?K!7-(-23r8-TsJWD%mmiphW
zbr`3=3DqXF-Lm9tjY0AJqc-~5S0+Nl$jvEM33ZXbQ<cQvjNv)OLkUHF>En^k!HsyU
z^HibiQA1aAQEL;-(5b%y2@E!vSccgG&zMCS!^G7#_`tqy8_uqrS_6OQ7x4eCs=}fW
zvHmyp9W-5$W3BS#jRtp`&}s3sat@)Py#M5xhVuSdn*?KrcMOkj`FE&$V~p1W&cyYH
X_-LJ8I2C*+>Aj=WYb=mV9*zGCFpss#

literal 0
HcmV?d00001

diff --git a/shorewall6/images/.xvpics/nat.gif b/shorewall6/images/.xvpics/nat.gif
new file mode 100644
index 000000000..31f6bfe47
--- /dev/null
+++ b/shorewall6/images/.xvpics/nat.gif
@@ -0,0 +1,5 @@
+P7 332
+#IMGINFO:48x48 Indexed (1481 bytes)
+#END_OF_COMMENTS
+48 48 255
+I$II۶��IH%I۶��%HI%۶ڶ%HII�ڶ�%HII۶��I$II۶��I$II۶��IH%I۶��%HI��۶�$II%ڷڶ%HII�ڶ�%HII۶��I$II۶��IH%I۶��%HI%۶ڷڒ��۶۶$IIH�ڷ�H%IH۶��I$II۶��IH%I۶��%H�%ڷڶ��H��ڷ�$II$۶۶$IIH�ڷ�۶��I$II۶��%H%I۶m�I$�I�۶�$IIIڷ��H%IIڷ��$I%I۶��I$II۶��%H%I۶ڶ%H�%ڷ��H%IIڷ��$I%Iڷڶ$II%۶��I$II۶��%H%I۶ڻ�{{�߶ֻ$IHE�ֺ�$IHI׺��D)IH۶��I$II۶��%H%Iۛ{�W[�[7��$II)ڷֶ(EII�׶�$IEII$II۶��IH%I��ڷHW{wZW�7�D۶��HI$I۶��$IH%۶ڷI$II۶��IH%I��۶HSS6272�D۶��E(EI۶��%H)EۺֶI$II۶��IH%I۶��%w.�D�۶�H%IIڷ��$I%Iڷ��I$II۶��IH%I۶��%H�wrWVr��D)����$IDI۶��D)HE۶��۶��I$II۶��%H%I۶ڶ%�$I۶��ڑ������$IH%۶ڷ$IIH۶��I$II۶��%H%I۶ڷ��$%�ڶ�%HII�ڶ�I$II۶��%H%I۶��I$II۶��%H%I۶����$I۶��$IH%۶ڷ$IHI�ڷ�$IIH۶������������������������������������������$IIII$II۶��IH%��۶�%HII�ڶ�I$II۶��%H%I����$II$۶۶I$II۶��IH%��ڶ�%HII۶��I$II۶��%H%I��۶$IIH�ڷ�I$II۶��IH%��ڶ�%HII۶��I$II۶��%H%I��۶$IIH�ڷ�I$II۶����$��ڶ�%HII�ڶ�I$II۶ڷ��$I�۶�$IIIڷ��۶��I$IIۺ�����$۶��H%IH۶��$I%H۶����$I׺ַ$IH)۶��I$I��[w�[Wֻ��ID)I۶��%HE)�7�W7z�W߶��$I)E۶��I$I7;W{3�����$I%Iڷڶ$II�W�;�67ֻ�$II$۶��I$I2v337R߶��)DI)۶ֺ%HE�W�67�2׺�%HI)I$II۶�2
1�%(I۶ַ(EH)�ֶ�S(EIڷ��I$II۶���VSR6w��%HI%۶ڶ%HII�ڶ��231Rw�$IH۶��I$II۶��IH%��۶��$II۶��I$II۶��$I$I�����$I%�۶�I$II۶��IH%������$IIֻ��H%IIڷ��%H%I�����$IIֻ��۶��I$II۶��$I%H۶۶$II$۶۶$IIH�ڷ��$I$۶۶$IIH۶��I$II۶��$I$I۶��$II$۶۶$IIH�ڷ��H%H۶۶$II$۶��I$I�ֻ����ں�ڶ�(EHI۶��H)DI��׺����ڷ��$I)E۶��I$���������q׶��E(EI۶��%H)E���������m��$IH%I$II۶ڶ�����ڶ��H%H۶۶$II$۶۶�������۶l�%ڷ��I$II۶ڶI$II۶ڒ�%IH۷��H%IIڷ�ڒH%Iڷ�ֶm�$۶��I$II۶ڶIH%I۶ې�H%Iڷֺ$II%ڷڶ�$II�۶��q�(׺׶I$II۶ڶI$II۶ڒ�%IH۶��H%IH۷�ڒH%Iڷڶ�m�$۶��۶��I$��۶��I$����ڶ%HII�ڶ�E(II��۶$IID����(E)I۶��I$۶�������m��۶$II$۶۶$II��������۵m���$II۶��I��rm�m�m�mm����DI(I׺��(Eߵ�q�q�q�qn����$I(۶�������������q����(EIH۶��D)ֶ�����������q�)H%I$II���������������$�ڶ�I$II۶���������������ڶ�I$II۵۶�ֺ�׹ב�$II�۶�)DII۶�ѻ�׺�ںֶ��$۶��I$II������������$I%Iڷֺ$II%ڷڑ���������(EH�ֻ�I$II۶��IH%I۶��%HI%۶ڶ%HII�ڶ�%HII۶��I$II۶��۶��I$I�ڷڶ��$I�۶�$IIIڷ��H%IIڷڷ�ڷ��ڶ�$IHI۶��I$I����ڷ�$I�۶�H%IIڷ��$I%Iڷڶ�ڶ�ڶ��$II%۶��I$II۶��%H%I۶ڶ%HI%۶ڶ%HII�ڶ�I$II۶��HI$I۶��I$II۶��%H%I۶ڶ%HI%۶ڶ%HII�ڶ�I$II۶��HI$I
\ No newline at end of file
diff --git a/shorewall6/images/.xvpics/policy.gif b/shorewall6/images/.xvpics/policy.gif
new file mode 100644
index 000000000..75a766e7c
--- /dev/null
+++ b/shorewall6/images/.xvpics/policy.gif
@@ -0,0 +1,5 @@
+P7 332
+#IMGINFO:48x48 Indexed (372 bytes)
+#END_OF_COMMENTS
+48 48 255
+I$II۶��IH%I۶��%HI%۶ڶ%HII�ڶ�%HII۶��I$II۶��Iڷڷ�ڷ�۶$۶۶$IIH�ڷ�H%IH۶��HI%H۶��$II$۶۶I����������ڷ�۶H%IIڷ��HI%Iڷ��$II%ڷڶ$III�۶�IImmnmmImnm�����ڷ�۶��۶��$۶��$II$۶۶�%HI۶��۶���$IH۷�mmmIn���۶H%I�ڶ�%I�۶�۶$IIH۷��$I%I۶���$IH۷�ڶI$Inmm���%۶ڷ�H%I۶ڶ�H%HI۶ڷ$II$۶���$IH۷�ڶI$I۶�I���ڷڷ�H�$۶۶�H%II۶ڶ%HI%۶���$IH۷�ڶI$I۶ڷ���J�۶�H�%ڷڶ�I$II۶ڷ$IH%I$II۶ڶ�H%I�۶�%HI۶ۑm%I�%����$IH%۶ڷ�$I%۶ڶI$II۶ڶ�H%I�۶�%H�H�ڷ�nH�$�۶��$I%ڷڶ�%H%۶ڷI$II۶ڶ%�$�����$�$I۶ڒm%�$۶��$IH%۶ڷ�$I%۶ڶI$I�ڷڶ$��ڶ�ڶ۶ڷڶۑn�%H�ڷ�$I%�����ڷ$I�ڶ�۶��I$II۶��%H%I۶ڶ%HIےIڷH%HI۶��$I$I۶ڷ$IH%۶��I$II۶��%H%I۶ڶ%HIےIڷH%HI۶��$I$I۶ڷ$IH%۶��I$II۶��%H%I۶ڶ%HIےIڷH%HI۶��$I$I۶ڷ$IH%۶��I$II۶��%H%I۶ڶ%HIےIڷH%HI۶��$I$I۶ڷ$IH%I$II۶��IH%I۶��%HI%۶ڷ�mI%ڷڶ$III�۶�$IIIڷ��I$II۶��IH%I۶��%HI%�lJmmmnIڷڶ$II%�۶�$III�۶�I$II۶��IH%I۶��%HI%�l��ڶ�Iڷڶ$II%�۶�$III�۶�I$II۶��IH%I۶ڷH%HI�ImmmJmm۶��%H%I۶��%HI%۶ڶ۶��I$II۶��%H%�����Im۶�ڶmn$IIڷ��H%IIڷ��$I%I۶��I$II۶��%H%�����Im�$۶�mn$IIڷ��$I%Iڷ��$II%۶ڷڶI$��ڶ%HI۶�۶$��ڶ���۶$I�ڶ�$II$�ڷڷH%�۶��$�$%����I$I�ڷ��H%�$۶��$I�$�ڷ��$II�ڶ۶$�$I$�$�۶�$�$I۶��$IIH�ڷ�$I�$۶۶�%H%����H�$I۶��I$�$�۶�$I�$۶��$IIH�ڷ�$I�$۶۶�%H%����H�$I۶��I$�$�۶ڶ%�$۶��$IH%۶�����I�۶��$IH۶۶$�H%����Iڷڶ۶۶ڷH۶���$I۶۶�ڶ۶�ڶ�%��ڷ�ڷ$I�ڶ�۶۶��I$II۶��%H%I۶ڶ%�lJmmm�$II$�ڷ�$IIH�۶�H%II۶��I$II۶��%H%I۶ڶ%�ڶ�ڷ�$II$�ڷ�$IIH�۶�H%II۶��I$II۶��%H%I۶ڶ%�lJmmm�$II$�ڷ�$IIH�۶�H%II۶��I$II۶��%H%I۶ڶ%�ڶ�ڷ�$II$�ڷ�$IIH�۶�H%III$II۶��IH%I۶��%HI%۶ڷ�mI%ڷڶ$III�۶�$IIIڷ��I$II۶��IH%I۶��%HI%۶ڷ�mI%ڷڶ$III�۶�$IIIڷ��I$II۶��IH%I۶��%HI%۶ڷ�mI%ڷڶ$III�۶�$IIIڷ��I$II۶��IڷH۶��H۶۶ڶ�ڒIH۶��$I%H۶۶$II$�ڷ�۶��I$I�ڶ��$II%�۶�%H%Iۑn�$I%Iڷڶ$II%�۶�$I�H۶��I$I�ڶ��$II%�����$IHےI�$IHI۶��H%HI۶��$�$I۶�ڷH۶۶ڷڶI%�����$IH�ڒm�$�ڷڷڶ�$Iڷڶ%�$%۶��%�$���۶$�$I۶�ڶ%HI۶�m�$I�ڶ۶H�$I۶��$�$%I$��ڶ��$I�H�ڷ��%HI۶ڷ$ۑ�����$I�H�ڷ��۶۶ڷ�I$�$�ڷ�$I�$۶۶�%H%����Hۑ�����$I�$۶ڷ�$I%�ڶ�I$�$�۶�$I�$�۶�H�$۷ڶ�%�%�����$I�$�ڶ��$I۶ڷ�I$I�ڷ��۶ڷڶ۶$��ڶ�ڶ���%�m���ڶ۶�ڶ%��$۶۶۶��I$II۶��%H%I۶ڶ%HI%۶ڶ%Hnm�����۶�ڶ�ڷڶI۶��I$II۶��%H%I۶ڶ%HI%۶ڶ%HIImJmmm����������I۶��I$II۶��%H%I۶ڶ%HI%۶ڶ%HII�ڶ�IImnmmmInmm$۶��I$II۶��%H%I۶ڶ%HI%۶ڶ%HII�ڶ�I$II۶��HI$I
\ No newline at end of file
diff --git a/shorewall6/images/.xvpics/routestopped.gif b/shorewall6/images/.xvpics/routestopped.gif
new file mode 100644
index 000000000..8ae701aff
--- /dev/null
+++ b/shorewall6/images/.xvpics/routestopped.gif
@@ -0,0 +1,5 @@
+P7 332
+#IMGINFO:48x48 Indexed (1939 bytes)
+#END_OF_COMMENTS
+48 48 255
+I$II۶��IH%I۶��%HI%۶ڶ%HII�ڶ�%HII۶��I$II۶��I$II۶��IH%I۶��%HI%۶ڶ%HII�ڶ�%HII۶��I$II۶��I$II۶��IH%I۶��%HI%۶ڶ%HII�ڶ�%HII۶��I$II۶��I$II۶��IH%I۶�������������������$I%ڷڶ$III�۶�۶��I$II۶��%H�ġ�������������������(EI(�ַ�(IEH۶��I$II۶��%�����������������������%HII�ֶ�I$II۶��I$II۶���������������������������I$I۶ֻ$IH%۶��I$II۶����������������������������D)ֶֻ$IIII$II۶��IH�ġ���������������Ġ��������߶D)IH׺��I$II۶��I�Ġ����������������������������%HE)۶ֺI$II۶����������������������������ġ�����%H%۶ڷI$II۶��Ġ��������������������������������$I�׶�۶��I$��������������������������������������(IDI۶��I�Ġ���������Š���������������Š��������%HI%۶���������������������������Ġ��������������E(I۶�����������������Š��������������������Һ�$IDI$II�������͠���ͩ���Ġ�����Ġ��ɤ�������ֶ����I$I���������Ҡ�����������������������ɠ��׶����I$II�������������������������������������Ҷ����I$I����������������������������������ġ�Ҷ��ֶ۶������������Ġ������������������������ֶ%�$I۶���������������������������������������E�$I۶���������������������������������������E�$I۶������������������������������������������I�D)I$I�����������������������������������׶����I$II���������͠���������Ѡ������Ҡ���������۶�I$II���������������������������Π������׵����I$II�����Š���������������������������������۶�۶�����������������������������������������D�%H۶����������ʠ�������������������͠������ֶ$�%H۶���������������Ť������������������������E�$I۶������������������������������������ġ������(EI$II��Π�������������������������������������޷�I$II���������������������������Ġ�����������۶��I$II۶��������������������������Š��������������I$II۶�������������������������Ġ������������ڶ�۶��I$II�����������������������������߲�����(EH)۶��I$II���ɠ�����������Ġ���������������޷�$IE(۶��I$II۶�������������ġ����������������ڶ�%HII۶��I$II۶������������������������۵���$۶۶$IIHI$II۶��IH%I�������������������������޷�$IIH׺��I$II۶��IH%I۶��Ť��ĥ��ġ���Ť�ۖ��ڻ��$II)ֶֻI$II۶��IH%I۶���ڻ��׺���׺���ە��ڻ�ֶ)HEI�ֶ�I$II۶��IH%I۶�ڷ���������������H��$۶ڶ%HI%۶ڷ۶��I$II۶��%H%I��������������%$����%HII۶��I$II۶��I$II۶��%H%I۶ڶ%HI%۶ڶ%HII�ڶ�I$II۶��HI$I۶��I$II۶��%H%I۶ڶ%HI%۶ڶ%HII�ڶ�I$II۶��HI$I۶��I$II۶��%H%I۶ڶ%HI%۶ڶ%HII�ڶ�I$II۶��HI$I
\ No newline at end of file
diff --git a/shorewall6/images/.xvpics/tunnels.gif b/shorewall6/images/.xvpics/tunnels.gif
new file mode 100644
index 0000000000000000000000000000000000000000..db6ec294d2bdf37328f9135bab10b67a783fb245
GIT binary patch
literal 2374
zcmd6oO>Wgd5QOb*P7#T*1Um@7V$0u*r6fqOM?z$m@dg%f44bnszKiED=Bu8u`FSs}
zLLzyI^IodURn^_&*N;!{-#<IK70zFUi<g&AA3XW|;K^wiK3sji`fz&t-r3zpr|-Xf
zy83wM<kpLe=kG3GzI%3ge*WU(?VA&Tyv`mzJP9s@oKgzD({<^5=yF;T*Dx>1uJ-?e
z%l{kxCv9k#2h;wGhY+VY_?&j_#mf!&WtygOh%wI4QAIX?!hicZ0v}@^f&Udhk7*bu
z;IY5%q4m3_WBI2vnwT*TAsYGo2mGAU^lh4CHb&vYGH==s`m5ef38&^2G1sWS8Lt=$
z9D2eWeD5veWBKHyPlYF#VGILWpvP`-NANkLrP711+Fi&L9N^cy&|<8PGt_1k_DJiG
z^=sAbs@0;VvRm4}=AUzHf^QqwxNiJPkmG<=yjnD1y9K5_|Lk4cG@$uueHc=-BrSKA
z>34h<P}rtxoNJv6X4U$Hc*m$||F-^SgX&i+J-i?s%M_4`-YJ`sba1Pv3%H^UGF<np
zvEXP=iwm~nDWn1~Vww(3PIw1D!E`ud6qcl$C_u4GJ~E_7FBrjhA;O9JMmYMVncxes
zax}2GTi?ne+?*~{Qly^ij8UE?nnQN(VB%Yx@)x^k^IW2|Ab0IWjS3VNKo7Yz@rlg3
zMmZjVOP#A;HMRv`;4r}!8f#CH->DyHpYf{mai*m3OTLknWGolW0eHFI&eVe6#Eag-
zlyH(Hou<j;q*YA3l?Rhw>6M;&1*7&r&?tA|HqUYkkB}x^nG|+1Y*DW}X>ydV{$a@o
zZ{+HynyM#40l-~*yJ$WmlVDyC#DEX03(B#2SiooWz)X=TFHUt<R(Quo+pLkN@?X(?
zT#WBW==Uszr<7uwNK<dh%^2*yUwItty{a>jRsz|*`cAPIF=5P>JL2H2&j&QE%x~)(
zl2Tm2O*+TUs?phUpLLi^5Bq3Zek3WUz6WkzRbIU+VAW)Hf|`w7dg8F{taed%)y`Br
zI|;rFf#v}Gz|nZ{yjK3EX{CeuuG)R*msKaDiWQ=+^1k8Own=9^QYB_e1pkv)W0UUU
gx8}8i6naQ2F>HD4vs34EyT=XB-(AC2|4;GX0lHMB0{{R3

literal 0
HcmV?d00001

diff --git a/shorewall6/images/.xvpics/zones.gif b/shorewall6/images/.xvpics/zones.gif
new file mode 100644
index 000000000..4c4316256
--- /dev/null
+++ b/shorewall6/images/.xvpics/zones.gif
@@ -0,0 +1,5 @@
+P7 332
+#IMGINFO:48x48 Indexed (1631 bytes)
+#END_OF_COMMENTS
+48 48 255
+I$II۶��IH%I۶��%HI%۶�������������%ֻ��I$II۶��I$II۶��IH%I۶��%�������������۶���$۶��H%IH۶��I$II۶��IH%I۶��������������������������$I%Iڷ��I$II۶��IH%I۶���������۶�������������۶$IIH�ڷ�۶��I$II۶��%H%I����������������ڷ��%HI%۶ڶ%HII۶��I$II۶��%H%����������������������$II۶��I$II۶��I$II۶��%H����ڷ���۶�����ڷ����$IIIڷ��H%II۶��I$II۶��%H�۶�ڶn���mn�m�m�������H%I۶��%HI%I$II۶��IH%I۶����ے�n��m���n�ۑ��������$I$I۶ڷI$II۶��IH%I۶���ڷ�۶ڷ���۶�����������$I(E۶ڷI$II۶��IH%I�����������ڷ������������۶�$III�۶�I$II۶��IH%I������ڷ��������������������$I%H۶۶۶��I$II۶��%H%�������������ڷ������$I%H۶۶$II%۶��I$II۶��%H%������۵J���������۶�%H%I۶ڷ$IH%۶��I$II۶��%H%I۶ڶ���lJ������%ڷ��$I%Iڷڶ$II%۶��I$II۶��%H%I۶ڶ%H�mn������$۶��HI$I۶��$IH%I$II۶��IH%I۶��%HI%۶�ln�$I۶ڶ%HI%۶ڷ$IHI�ڶ�I$II۶��IH%I۶��%HI�۶��ڶ��ڶ��$IHI�ڶ�$IHI۶��I$II۶��IH%I۶��%������������ۑ�$IHI�ڶ�$IHI۶��I$II۶��IH%I۶�ڒ���������������$I$I۶ڷ$IH%۶ڷ۶��I$II۶��%H%Iۑ������۶���ڒ���ڶ$III�۶�%HII۶��I$II۶��%H%Iڒ�������������$۶ڷ$IH%۶ڷ$IHI۶��I$II۶��%H%I۶�ڶ�������ڒH%۶ڶ%HII�ڶ�$IHI۶��I$II۶��%H%I۶ڶ%H�Im�ے��H%۶ڶ%HII�ڶ�%HIII$II۶��IH%I۶��%HI%���l��$I۶��IH%I۶��%HI%۶ڶI$II۶��IH%I۶��%��۶��m��I$۶۶$IIH�ڷ�(EIH۶��I$II۶��IH%I۶���n���������������)D)۶ֻ$IHE�ֺ�I$II۶��IH%I۶ۑ�r������������r��%HI�ֶ�(EHI۶��۶��I$II۶��%�HJhrn�����������w�ۻֶ$II)�׶�(EII۶��I$II۶��%�H%$E)IHjM�n����w������$I)Iֻ��(EI)۶��I$II۶��%H�mnHI%HEIIDnmI�nr�۶��E(EI۶��%H)E۶��I$II۶��%H%I۶�mI�IIIinh�I���ֺ�$IHI�ڶ�H%HII$II۶��IH%I۶��%HI�I��mm�nmin��)D)I۶��)HE)۶ֻI$II۶��IH%I۶���$�m���m�$�I�׺�D)IIֻ��HE)Iڷ��I$II۶��IH%I۶����n�۶�m�(�M�۶�)DII۶��E(EI۶��I$II۶��IH%I۶��I��$۶�m�$I�����$I%H۶��$II$۶۶۶��I$II۶��%����۶�H)E�۶��m��D�����$)D۶۶$II(۶��I$II۶ڷڶ������%H�n����mn���۶���%H۶��D)EH۶��I$II۶������۶ڶ%HI�n��۶m��������$I۶ڶ%HI%۶��I$II۶����ڷ�׶�(EI�����E������۶�$I�ֶ�I$III$II۶��IH���۶��$II���ڷ��I�۶���۶����%HII۶��I$II۶��I��������%HI����������ڶ��ۑ��ֻ$IH%�ֻ�I$II۶��۶��ےڶ�$I%����������۶�ۑ۶���$I$I۶ڷI$II۶ڷڶ����۶$III�������۶۶��n��ڷڶ$III�۶�۶��I$I����ڷ��%�۶����ۑ����$I$�۶�$II$۶۶$IIH۶��I$II۶��%H%I۶���۵�����$IH%۶ڷ$IHI�ڷ�$IIH۶��I$II۶��%H%I۶ڶ��������%H%I۶��%HI%۶ڶ%HII۶��I$II۶��%H%I�����ڶ�����H%HI۶��$I%H۶۶$II$
\ No newline at end of file
diff --git a/shorewall6/images/after.gif b/shorewall6/images/after.gif
new file mode 100644
index 0000000000000000000000000000000000000000..f4c0eb151f48aa6d9faba736ff1b7e9d01ff80c8
GIT binary patch
literal 82
zcmZ?wbhEHb6krfwSjfQe|NnolmH)x?f5o3Hj9d&13_3szloeoLU{Y@BUwK+gQK~A?
hDkFcZN%OqMv(8D%JLj(4;`g-M>X6U%E$t!<)&PWn9o+x`

literal 0
HcmV?d00001

diff --git a/shorewall6/images/before.gif b/shorewall6/images/before.gif
new file mode 100644
index 0000000000000000000000000000000000000000..5c1010e84a67c7fb4f5e858773851727d2564dd7
GIT binary patch
literal 84
zcmZ?wbhEHb6krfwSjfQe|NnolmH&Y>0|SHNPZmZX#h?QsK=KSssxAGQ2jA*Wo3SNm
it3jUB&Ks;u#ib0Hav4=!Io!)uzuA=Z=UFTxgEasb4;z>O

literal 0
HcmV?d00001

diff --git a/shorewall6/images/blacklist.gif b/shorewall6/images/blacklist.gif
new file mode 100644
index 0000000000000000000000000000000000000000..36b9f9bfb9d8fb5882dd595adc53bc3fcbfb1b18
GIT binary patch
literal 2450
zcmWmDi&xTz0s!D2KTr_?krV|H5eyND5ET*41QgLw(V0?~N2nZHGcr?0N(cyuN{VJ`
z>hO`P?1A=j&9nI|U2f^>tgX|UJ?@=%x8339Hn(}bkMDo@Qq#n|I0YME1K$Gx2!hzM
zGGFB}T;5UtJx59WV+2Azsn4FRc95VVd}~t>$W1Nl42DKzl=NV&CIWPO+CDp{+$vOd
z<Y=!2>8+9s3z2pJ2Zl%-=0IHb?!3m7glewR#-|nHw0bOv$1>s>WhPeZd0x6E({4(?
z)5pncU?^>9&_Ai#!Q*SVv_b|UE;7p;Zn5JvXSk${!oGV!7-_2QI+wg3S6a!zr!fmG
zM6QaX)uKTxzRW1RZqMwthG}ZWmKsKuA=Eb_QLitwUSTGl#uca;IR5s-MkY-~5G!#N
zMo!>CEJut0y$J+DFr|Qw<tExYGOac|TfxzoA};svO`6csrbNAomQ_nAHznTbX6nzA
zjx=zzw#;rD868eSNaVvE!oEwn9d~f0XN24eLQW~ys%PP(<byi8#>B!3(Kr&LLXRu1
zVQDoxJ6i(ssuE3hp5q+DFW<jXlT&>${A_dP*|EZ5JE`2P_^3ax`z~(xyJ3iUxps&~
zSK;@cmgqlJw%yFNIw|ZDN%uem_argtc$n7g4k9>Q4XM;Z)3*{3Aw0_f11-rMvxS^&
z<7n-E%2UECR*uygoqUFzbDDt=^E+%LrH)+I99-Ez$T%fe^@V7xySqN5!cx*x>cTYb
zq+)Fln20yGQu4I4ik1M9Ecwcif1xI8w3m6ZMO4}yrfrK5YhtQ<X-Vahnju>EK$7ty
z8NpzXl=-G>q&!OqsbJT^bK;IZ`Pth^))4}@qvS?^sJJ>%U7NkXrBE}>EoqN!bucJO
zLa~-2)uaz}P@u6a&H1Rpv$4Z%xSX=^veu}uQVLy3!RK%+7jkl}X>HdCrTREo15;(=
z=z1eqWn@dUeC(><agEG)F_BqHsnmpM+x?ZbfnqhG(j+lo-qFw_Xc@sFNEE$oU-d;^
z-Qa=o>v5gEA=*YxM{i;MWqi*2yc4}NbUGzTopZ%R#^(#Q1JSHXin0R>1``=YOyGb1
ze*u7R0T4J*;&e<I;M*7n=AHdBW(+mGM>0Av*BB60`h2{_hZ;t%8VX3W4}IE7u6(PW
zw!BJhC2uaQn;{101uxkS3Axzhe)Oy8#m<o8IyN$Vf1)&mQ@<NNT|V&YAHN9E#g6Eb
zFQ<Ps;)-utLkEWc`2rkD_q#tE_iLYftv|XKnsWCAA+<d*n{)dI{EpMVwVe9e`CbY(
zeu&M>{+j&5le=G`{eZp4Gk4`btahzXZ+zRBK(*HwrW(Zjf@-3ip7Qw@;F%K7^j<}h
z=r(xX1F1f;aPIidgv74W4_S{Us!zRYCe+VoaYe5%#xeD<J9*A6yJ5L#1@tTa_u^K7
zPtoPr;;3iD_xER&{KVMz^vU)Msr$3=qV?zXocsNz(6``w@9JXR*fTRhAgoAy{O^;B
z`?%FfKooa&{%1*Cjbcq2`!uvo8u}MT31@%2YDRgGB%ol=pDG{)JyC5>2VNRqTk&e+
z%~@=fWMeA!yEh@JLDz2S=VP4G#~JK}34@oL5hH-@f(M8WB7fI8>RA5tX_1@v(yA5p
z@QG@si>n&MBY%8zVo%WFPQaV@Y3Lu)(D4<agl~K+d=%N=vsy<WsMPSN_5{}?_WGn^
z0n3Jwb#W72gUw+DuBiuMea$ito@?@#MmXgvR?4m!re-$$b&g{rZ^<^_@#Z7wx<fq3
zWRd9o>z$9uM73%V6@09SZms{|HwZdN;wXBQxb#ff$Xiw%f>fDZWA&g1bJUF(KRp%b
z?ASz@HQm-6Tf(qwIVGWXea$PDXL0Be$TuTGGCJ8YwcENrBVy#`I$`7YUW^|#eA2Bj
z-MyftSn1y}r|)~UtuHSIKA)&VasoHL6flue8OqlUDQuwU$?LwD*<(D^FjKtAPu&(m
z&uI$l9(cVF<~QNACb+&DMc^b!(9gMn>emlp4WZzm|G=B66w==uhD<lK3CeV404^A{
ztY{czd}hfJ#P`)u&7M!M_SZ9b<Ic}L!&+L>wtO~V%a5XWK3Nu#K9I=;yj53H6fxx1
zEF3b8_;`-|bM8vRvs3a>MAU6n<U^*QXGKW6c^C^rJikhLuzi<gxt@QJxaArAth03(
zfJt7D+(=MGnYqEPQEA+d@==S=8TQN{-*+WDA)c%rHY)bkVw)flKQU=yemDP%XWX;N
z(WXHZ>+#5qlbwU7cGdKhKlBpQvvt_n6_L~jPR2asvMO|oy=(J2;IYe%%Nz(=T`?5v
zViMOrQldLf%;BmX4M!IHiI)RlkSzy1rDqV=pned!>SK{x7D=~Or|I3J9>GI(sJ%r7
z`kN5%0LLNEIRN)3T#cU-V0^a<H*^t6Yi96`12DTxJ6+`M6qye4`<NMa&*y9;@(^<0
zB|Z9+RCLAjse<AF7#$8+<JL<tzXEe{2S#C3ozN$D!^7{AtXVA8fgjV2?UjngT39jR
zoJ1UD8a0O>UPDn_Mk+tjBIsPp_s*q42r&RSxdxUWcH6e$14*zz1M2BUB%&2{U<t&D
zjy`~6ASSHzB_e-GK-4DLf?ZSYudr15PzVY#K0rF-&{xS7I{b5;=M$$6N@r7K)-hys
zb*g>%rDwY9rN`Hs5K8>0`(BlvbuwTU7>WcS5~%Gz<A5(xwumFX<NvM`04pI)8vPiO
zv$Z5*4>hEx@Ta{BC&AeG(WZAgMLpsGfUvw^6?z_lD0uq#qii%fxv0zJs3Wbfm^tkN
z?`YoMP|9+>*Ex}If*MBTzqA_BWNn;dn(q|@RX9LD0I0)+Y77LI0g7{_FpssO4;+4d
zDO&EqqD=Ld%`5%-CiVWvdnTh^X_H|-Lt<NW7YHfjrXn+DV97mZb`ttpl}x(>L7l#|
z67-X0HvXQ#>r)x!N}=3974#d4xr6?H27H#`5$LDD%zC!KMZVLrJQ}%;uqhkyQct4F
zWNm?TxuG~l&_vuE^cVO*^F11^)1*0aW>G53h;dKi8GJ8TYOe*ob$A_t3o$Qv$&|7P
z_!2q=ITY|CXga;EYY2daOC+V=K<e%z&-*SlmsP|<zI~ckHSVQKf|i!s+sIWOC`B@&
zd*t9-<?pmrKlfZR0Qr{^_=u`lNUqe?{dRqpN<JY>>$HO{)kbPjGfL+nT>%3(CgGXR
JBoGAR{|h(fwhjOQ

literal 0
HcmV?d00001

diff --git a/shorewall6/images/down.gif b/shorewall6/images/down.gif
new file mode 100644
index 0000000000000000000000000000000000000000..73025ba5106abd951438d98486908e4b3f02e5d2
GIT binary patch
literal 108
zcmZ?wbhEHb6krfwSjfO|<j9etq9O(chX4QnEB@p2O-xBuD9<d(P;mG34Pa3G$->CR
zz|5cnQ~*>jz`($yJ*R&qv+QgK4kjhfw+BNv-^`rzJ=Lo@$?=!OW$tEAo_3C0y^U*6
Mr}#CAFfdpH03Em@y#N3J

literal 0
HcmV?d00001

diff --git a/shorewall6/images/gap.gif b/shorewall6/images/gap.gif
new file mode 100644
index 0000000000000000000000000000000000000000..1a777645397418e3aa27b12c3b14998fb601445a
GIT binary patch
literal 73
zcmZ?wbhEHb6krfwXkcLY4+e_=_<R#nQWeTGOEMJPJ$(Zh6o0ZXaxpM4=m0TLr2qp1
X6JJaJ%F}Q87th&pt9!E@D}yxvf}Izk

literal 0
HcmV?d00001

diff --git a/shorewall6/images/hosts.gif b/shorewall6/images/hosts.gif
new file mode 100644
index 0000000000000000000000000000000000000000..ed415b16d5e17ad3de96b3669736f08fdb3b0c9a
GIT binary patch
literal 1067
zcmcK1|5KWE00;1AkMePTa`^3nu{>hVG#M_lAi!nA^HA|dh8-Cik(ai#IjhSqZ=pj)
zWs}WE_oSqV&p1?;P94M4@(WI;xUtSPZZW@&87Y-_`h&AwN7*0I>&N%q`<M4SJyXc#
zeUOMGB6b8pQI!8QDI$WR)oRPj%l&>oilHKrSZUko@9%fJ-9T6lL=|N1_W1ZXkZ5om
zUszZGa(zllicY61EiFBCh;Fml^m@J5>xG}$=ybYLsU%CaPNyR}I@WA9!{VVmNl6@7
zWR}U~K!$rf9)ck3cDvPTg>wDo=BC5pAj>d~MhnCm48xX}mw`+N3kZ|R<Z`)yST#C2
z3M3eZ!+~-FNHK{-s#2+eOb?_wpU(&OLXip-nE3pZ2pJA5oIr}FrV61<2ZR+sq7{q9
z6bc0v^#idQh?Hcx9!hbzSC`<hz=UDA%jJf}R*%OEL~0ZTHk;k)behfm1YrVVEi4-P
z=l^l|ufTl}sYF=Fp8q~Ug8WsLs_L3rbzOaf=KO`mdL+LIYi?=DyxiJai;z0>orW&r
zih-P8)6Np?tr|`r7)Xe>+^`ORKTM?tB0VHlT++3ngzF=-mN6>%j+1-m$BC)waJk%m
zYyRQld_48WZ8De3WJWJk_tI#V_Z)LuD`QqVGdMV~+eZ?_(SlGIl`&uts7P;DAx+}2
zZU#*p6_z?k%$z^?ij2iT(;C&4bYXkXpmDAd(w=&5kyq!wd4YHA=O;&rtXA%8nhe8`
zH@JaU4V&7|bWWq3OjsL#J#L~ispZ(~@sUf8D>g!0IGVU}{}O3Pv}7Jc-c$>xU``^=
zvZMZII_QNnuD&^xy{%eH8}3`ukg^TCyX?$!<CXJJC}{3fNtKa7_Q~C&?~}fWoS2y$
z*?Q}C8~e=76X$HpXzS@Tf1bgzVQH6Kv*sbHKkva$dMIBH?wp?Q`TTBq9z*@<;%HrS
zf-;KZTQd?_PhK_fHy6X}KYqw|w%2!jRKkiqIc44Q1r!+H=t~}Bhr0D`$#pONpxE}_
z?H(o{AHG`hOVxA;@7J?+7t_D$nxrYiZYn0L@6W8#av!`~eG(?H?uGDvJ2;!8f(4gW
z5D*xKRLqWSFTcEUAxHb=qXsHba==V|RDttOOlptstUtbZ0&F~f=kPv7OiX^1rgsg?
zik(|)PUlBw#5}+LQ(Ew|yI}$QnToF30L5;$Ao2)TU~H*FR?{vADS8VJFdvlJNQ{td
zK`1}BELQhzZlWMO^6%hN;WZS|DZ_JrG?-$tIc{UjSrvQ9sDDwnA8~$Y-Y~Tn>7+-H
hGKM*nz-7!{6H#pL#Zx@%R~v=Q-@miCWEl)3`Cl^B4OIXD

literal 0
HcmV?d00001

diff --git a/shorewall6/images/icon.gif b/shorewall6/images/icon.gif
new file mode 100644
index 0000000000000000000000000000000000000000..65810aa3483c9d3b2abb22fa47220662d75a77e3
GIT binary patch
literal 2403
zcmV-p37qyvNk%w1VK4wN0OtSz0|EppY%o`YPRgbl@VXQY84v2d9u_nr#?Z|cN*><g
z;8I2of_4@fRwC%?>ejL<W}b#ZYCN)v4mDLa@$&J)o*sURlvQj*af4ubdLGiMHZocs
zHa;S_z{*NiN;^h299ko8a8i<ykD#-wlACu{drSKI`Wh-7j*fB*5)3+CDz2K2W@KYD
zMmQ!iCTePEPhCc4b~ZL54seuQOL#~rW-ObUoL)*6K4u=uwtfu`4Krac(b3T>IVV<j
zOm1;)6Co8US|%b(D2}R%hI(RVP97*oLozNdhMsORcwByhUa7ObB33O;T~_Aau3DCQ
zJz_p!Zd5UAGD2}ZYMP4v{{Fzexh!5tc7=CFRxYTDK5BZBRze<1P&yqu9(t^n2nq?#
z!mcP(I&OStPG&C7*xDW*9;v9OVR}u9nszc;B9Wl1CtfK{YEvQ_AUJF`V1!muYg1-*
zS6*UUK3zsMUOOg7DzdV&MrK+jJ|>2eZlR`^e4dtWdsa14Mk-DwHbON<aY1s9W*$8@
zAz>&dDk(j4I@i|N@9ytaa#XImu7QnkHCi=}mXh477bambLS#B7KtN4pKm`T{+1%T3
zdUQ@!PG5anXNy;2c36IXCc3JQSY%Fij&`fAt43Tt78e(amU8Ci=9+RAG-Nt9O-01U
z#ym_pPHIUsW-nTLW>8U3EI=$wa!@96QktTMb&6#sRw8|qW1y^{ijtOqg?B4SH$+oL
zMq5bs_V#{$eNSUmwvH|zG$o>*e#*$n9!4fRYd}6tMS6s4i<XIBa#%V#I);XZHd;aw
z5)w5`HCSv_dVWHtmO7rGoE|ndA0#1Oc1mV(XW!l5JY+PqwzYbGeobXbXoOlrVnaJ!
zJS|d2Do!(ad3ZfkMN4o+LR&p9HaaawC}3@1LrgX+S~FQzSRX4VD^xH@YD6j~DnCL$
zJ!U<Yein+FqAXuAK5jLKmZ>OWCml^O!j29;QZ8zehPb-EGC?kic0wplK8cNoLuN%B
zR4)n!2r)7*A^s3SWN%_+AW3auXJt}lVPts#EC2ui05AYB000R70ILWbNU)&6g9sBU
zT*$DY!-o(fN}LE05e14E37V*7$^=3a6fR~|Xu^gw6Cf#AR4J;Z$dL)}+;ecqlubSe
z%7}8{01-@u)vAf2WNHM2Bu~Dy6!r3_!8><E)wJiz)fWgnDLHV8FsRgDd#KD>(xHPp
z3knqGQt&GmMW{UD#apu_9v^q{%5JS<B9{XMp7!j+LrmN*XKp3lsdi|t+$Bp8C=jK<
ziiJj4O5IX*Dvq2;W1d~AwKw8osiy8NxkpJ<nGu~94T6P&6C-rBxW&<@Y96UElpf}q
zMa$WoI|{1Z@#Jal7&}JNN$Rz%m^WO07TF=CZ44cD*M9yzH1(kkCl8Hqonoa72DChu
z@Ezy@s8^FQrK~4n7p#poBidXti$@LFphFKnWP(L|J>WwQIX#ebLNEB7aDXyCJTt}w
zB~UX#F{BvbLlf3Cm5>R#_>;mn%M3F?3m*W|Ll^jba84dx^is+R(3~Sl1i`Q)Mk0QY
z@=ZG9Oykfr=72&69b>R^iZZtV(gh64obm@d=qNJ@0HC-Kgdy<MfKEEdTq4Ob;x%N#
zG{&58i#6P!altK_$ngywWx^ALE#??wP60L4AjLcEeA0>#P-t@pfmJvl3>Ky|g;Flz
z=x|Cm6G#F}6nI3Tj3I$Yk&Zm#<kL(D$*@sq4gT_^!p=8G?(>o<LP!zEGK)yF#~DBD
zv&t%Nu&{y$<)9G)JHuS_jUkY{ArC9OJfMXe6UZYEA&;;D4?pkFF^(t$-Qfj0Py}-g
z6rsHG$q%Jiazs9xZ~_Y_wWM=R8<6Y(2OA)KU_}^+907zBAP`c+4(!xX0wd!bG7thO
zOi%|J*(4H57T;VGP9fxY!|O7YV1dCHX-ERk4yp7qOfDc<1BMrD5aMbbjHD7wCRPkY
z$s`55!Ob^`pplLs!~Am&3#*K=$1EevGRqKS$dQUXJ3vDTN>zxWP6{9-Oo$=ukRkvb
zhzXR7F#vcG>l@U}kOm9=2muHX$Z!J-{tQT5vco%i?C^#-EcC@!6|4C3M=CYH0mlxP
zOn`+?0wHij0q+E`0~;l%-~}+ioREwUaTK#iF=&+V4kqcq!vP9aBxZs+I(X5KArZ^~
z#XJ!NlH@?S+@V7p+on=NEPvzy1~kfG@c}AhEP_EcOc;Vj1_Nkeg-0ehQG^UJBmf5*
z6X<h=A#m){ra%<@Q@{@L7(z`ALg-My3H-pqN-MjNzzhvRXaE@;K>z}9K}jaafg>DI
zfqG!#8#M4k320D)M4SOqCinpugisDcydf2Ym`5sn-~(i60~Jy5g%ai`4;&DX02;8u
zFRZbE0uF!~eYik0PJxROfCCEtwju~6py7{RK%o^Y>jx8tREKOV;~KJn#0<VMg$*#E
z9TFHtFDA4AdN2SS(ddIM(7}#4u)`ZhkOsL1VuEfYV;7~64m!k8hY5TG7o~uO9Qc8b
zMW{dkn83sacCZ0?Bme|E5XU?&k&OxT10LnL#x~jz2@hP5jXYQfC@{2xI@BQo*tmuf
z#vqAZ1cM2gD1i@TQG!%}pax+JKrCX>M|4cVH+PJ~IGP}gAC!hKmH<N{QXz#B(BT`U
zpo6nM!H7$&3=I^7pTa;80Qy}43fG9lHnxEdR-E7*$pC{t=CDSAm_P*TP{t*KfC)7a
zVn`Uc1}?sFfplbJ2UGr#LJbH3f^A7*2gpz+5DGAff_@1A04QiTC^rxatfL1f0D?ET
z@s1s6V;4RcM<y=7ggU?@9c+*S!1}SU0{}q>U^r+(!H^7Sgku%mutH*h2MUA&Af+h)
z#yseNjB(WB0^fjwAsE31Lj>Uw{dh(JY`VOcvY-|saK;^eaR>)MY9NUChYrk8(}e0^
z9@|g>KVAV;5J&+Eq!7XZyg<-Nq(B|(=*Ag-F%3~z<f;cT!6BsT2^PE{9FrJC9oE$c
ze7N9#_yB@G5(=hu=;97M5CzO4f|9-<LMlqb#Wv#L0+k{Z3}DcKF^*vhtKyX+D6s)T
z4Z2mX>OdVV*gA&|?jefP!h{E4SnUyXafW+%!UlJs#9g^k5EFP}4y*WqGirM&+Y(o8
VqNwXkpG)29TKBrxeQrPi06Q#kxK#iE

literal 0
HcmV?d00001

diff --git a/shorewall6/images/interfaces.gif b/shorewall6/images/interfaces.gif
new file mode 100644
index 0000000000000000000000000000000000000000..8932c3fd00524524abc68c93057d676f180102d7
GIT binary patch
literal 362
zcmZ?wbhEHbG+;1bc+9{sbLLEi4w?V||1&T!+~3>%OW1+o|NpeKG|}G-{~yKx#nFJ`
zPZmZ727U$|pn9MQ1`G@=|2~}bT)o%g_1WG36Eyl#GUsKiT9@;Bp9Vv9Lk?@jy7x8j
zpKtYcFwha|-2X(sLfT@!zf5A3f&|AY#S(`#vV2nyh-od2+IUm<9QU%0<LBP^Z+OeJ
zFR>!#T`>EM$|@Uow^qxNfHJ2lW}BXB%epx8mZ^RHRvrFjxp_7DJ=T-T&FA;`wwKl~
zNu1^}eWBIjxxx!lQYX$>*|~a)(6&Ge4vw80JtsHTF$N!P@;Z^X&hm`Ka_fwY)lQyQ
z4kTX>a$sPc(z@RIQj67%M^8>}pKtpn+wA?pk2arIbNJr>QDpjKtI>D<1Y3XB|BO<B
zix(bl7kI5J!l>YQv|G$L>5fHWQb(_ZlylRRiUK#bezo9LF()@IJw4qZ`P32tMh0sD
DyML%S

literal 0
HcmV?d00001

diff --git a/shorewall6/images/masq.gif b/shorewall6/images/masq.gif
new file mode 100644
index 0000000000000000000000000000000000000000..b77574b0f4d83f4ff87cd29bd12e3771ce12b712
GIT binary patch
literal 1535
zcmds$c~jB}06>2rry_@-l9Hi<{=f?wEIh`6KtN4HZ4(O%lug&HL2Y)O$;_)nozzJ4
z+!pd!8#S}E8QZ4760g-k)7C95)OEJCrdIPTv#qbO?~nHh-V=w3xB*HQzykgTfG=OZ
ztgWr3r>AdiZKbBBCMG6sZ*PD6_%S9X1^|Hg`1ntsK3%wQK_-)pj*jl^>||tQSX*1S
zw6xUJ)HpdgSy@@RySonz41E6l+1c4SEiJ9SzW&v#SGKmcY&JVKHuk}T2e)qBij0iJ
z<MB`^G&?){?%lhSlaotJOPiaUr%#`L{ra`RV1UEnd3kv}9?#d;x2mctA|m3*ks~A$
zDL6Qo!{N-%&gSIgn9b(U(9rAGuUjmZ@bK{b{QQlLjmE}C7Z;bZvN9A3b@}pTkx1m}
z=?Q}1)YMdFW~NT3gFqn9pFijG`A8&kWMqU$B%;x1J3BiZ4(I0PcJk!O@$qpwoh}xO
zDHIBoN)-qM3<jg3qQcM5@6e$`SFc`OU0r?j=uvfbwO+3u8ykD`=FPo(_Yeq#R4Nq;
zg-j;%?Af!=o;_14mFw&45{V=_Iyx{gFeN3$-``)MP#iyg{KbnGK|w)|j*c`MjX)r{
zy1M%K_*}bot*57lOeQxsHye${4<A0%)z!)6axRx^V`HOMt52Lbv2Wi#EEe0=*4EV2
zG(A0CTwJ_&@7{obfX>cN2M33&tgJI<&fLF$e|~<xx3~B0+qVk~3keAcm6er?i;FWe
zGa(@%rKP1qLqlF(UbVHgQBhIv-@i{vN{Wk%+rNMR^78V-hY!2EyIWgZlarG*8cjz>
z2Mh*VSy?%D>{xkuIR=Ay_wJoarJ9(S_}a<;64xyl<ZI}F_cwie0zmBm5EMmnTW2gl
z5t#?c3jO0E8#pFc(&Yv~;TYMB=3gKmiY9qmBwA_#40Ps#@hcEmCE87*2wO42tU)hX
zu6hnKT0+Jf3Tyd~5m;o7Zv(5FF^qKy$(5$E3N?htuu7J34OT*eA8yw%D?$rlZbvyC
zmK&}{N0!G92QM&ToM@@sNW}ueXp2^F|E@1El_7&gtJC$mi{*Quc{J34*g<@a5FoMp
z$cqFTpw+2vs)o!C2kW^1H0b(>SgD<m5x^^Xii^E;fPLWm6nn2YX(EGByJq(0D^l|q
za84M(M3nzIp}Z68>lKFO)*IGe`i4aBWbqjVPc(jtzT2b%t%+=kEvbM=J&cYR5K|W*
z5FYH`Kp$2joZ6d>0%&Ts&VmeVALk=!x+kU!U=JkM*_7@uiy_6#J#|(K9TO;|VYV5U
zsTp+IO+s9m<ay$aqTSWSvb>{c15XM4F-2(JorS4FhDXTt11_vx#v-^V%PbD{FicwE
zthNaKQq=YpfU3q5BpIOIb&y(!QRc~UQ^=>Jix$P8w1}#e*vP@YLI}}2gW`_kXmj03
zwlR=XK3RC>sd6q9opeQ_<x%a=>)rC)<Ucf6+uK6>T9OC5{-9N=b%{{%rfM9}_Em~$
zRk8{5u9uA->LF1YIXV<mqe@)j(VsAjL+d~_9>G9$hqX7zU@+Rx_`im*zo_Db?K)W#
z9W55l^N|rcV;@A{py#!-WviFKb4q%VeK}{XAJl4GO?#R!^g&T`O}=}03@H(f0A^TV
z_^;$b2osEC+lg<s-Wg_kZgS0CU{?mdzoX(iGrgB?u?B1^<}Lw00XhM+DCI^vztf=2
zg?9}?iQdVr{v*Q(g3^i7W)xB>zs(0%jGgO<E-@p~bCskV*YkK3S1*j%73F!j)CY}O
P7Ejp}r;i9A5FqG3X*KoV

literal 0
HcmV?d00001

diff --git a/shorewall6/images/nat.gif b/shorewall6/images/nat.gif
new file mode 100644
index 0000000000000000000000000000000000000000..8dcca0c49f13fedcc9ed406c67f0573b88f28499
GIT binary patch
literal 1481
zcmciB{ZkZm00!{m<p2-nLO=>c@QxP~iB7y2CAEMPdC4n~4548(qv${~(vxoL@D4<~
z^ny!Qxpak%Idy+nWSv==9cM?^n+-NvakGs!yV0xG+{T;Qm>axlzC`~-pP!$fo_U__
zHB}oo?KP+js)s67v<=(prOT+WlNOy^$SDFcAd^y<3IU7798Cbb-7+v>N$~|`S(22<
zE|l}~@>>{}?&VR;<MCKMOaSJB5M-CakwOpEO$a_-g5d#<#c@%tVnH_*2t`045fTKJ
zBuPe6C>qndNtPuM#8v90EdpSJp>SAHB7h*^28`!8T9SgrK0)iEAR*M%)lAbkhC-1@
zB%4rpIZV^U5*sTA0s@M9x&)xLV-1Y5l?w4Zk4m7F3JW}A=apbENK>d8VZs1FL6C`s
zmUz8ho2@yH01QLoIKnBQmXusVm?9BT<RHkYaT0EKH;SSV8`OI_Ego)V!&Ou$5C$wu
zAqc{8+&};{aDb-iQi!%#Ea_xKQ9>F!9s$560#OuMmWCjRVHi6jwPKu}its#x1tTR0
zZ?jo^K6fAxFjF!d1fBp81dgI806?4_t3sF*B+$*sB<X7<M7P_fAtE^L^$1EczmybQ
zv}nQk^Z`PYL%0m|cqkoLP@mf^Mzkc5BuSQK0!OyO3`L<;^im0d6j(rfZX2g)ow!|y
zz%b0RY#<=A3`qu+cW~ZH3VIKnNk$lkD4~Jb$7bVlD+kQ9f=B?vAiJ$q6nR++DvIK9
zTU`U)6p13Ri>6Ut0TnP)ODjCjnn}qn0xc1?b0Ll;!r^c*DEWL#Q?X%~*X>@~3D8pj
z7el39h9Z4&b{zG22;8?7W>a8M>m(NcN4h7mQ7YA<sz|luzfY(VfNF7BR`r#Un|%qX
zg>Np5r(QHC<<>T~`?-u9t2Bmhn8+<R$DA?tSMy&@_wJ8#Zk|>~rXa)aEkir+A2*yW
zxX_8V^(BlHS;l_$4<Gon-qCb#PJd(!D%d^MnY^RjpO9%>95^)1ynDBQ**aCVH}iv-
zBUjs_lGgt@&Sm17mZTfs#a65{Y>u@$6AnN4rq?=Fy?bZ;=~JgaiN`LN<^JV=-YOW)
zGner;b8m4=D?M{ux(#jUg%_^1z4yiO7GKqlgD+I(<kvPmIqcQxPF_(9P|y8ccngG_
zKVfZa&iK5dbnSFQ-cUiZrA)KzkZaDJ^Yv=oV8XV{;fCBMa8ArCc;COJ(ZA=TH1y?c
zb#xwGzP#_%nEl2%Rl9De^5nLcW}Vady8cmzDRb;7wDzg$d55!oV*MR;N>b_#Lr>FS
z`SvWM!@0Jy^A;1g(l*~v_@Sx0VPD;x<Mj4*kMSRBW)k`{IyUZL_^#~lf4`Gn6FXcn
zXtJ7q9W*iYV1|96+?7*ke01#Tt2K8|oT{%K{wyYO`hc^TR7LrUUvE6}t!XkXRXR&P
zTcSRrnO@yjj=Z*MxjNoaa<oJJXf*!(ik|L=<!i40_}c|_)ZUAx+gW};d@Q=~l4&xl
zzi(9IaK?POXV(L@kxZgzi_0%fOIe1z*<0yl>GO$(ONsu%j^f07_p1xIB9l{}G$nWB
zeA4*K(Tw=0s9O_L*>xJ@?7<tVxI~Ai6X)jnM8nSHj=_oYgMU1}X6U(Nf!!bf^jvXT
ztfMY@Ro<xzO}2mKcnRAxdvh}3P_*m%KZSiUNefzIA32$JuJY#OLe!edEvru)&?dj}
z=<L4B&rC2``9-6_nib=t8eQFtu0F40wti^&=90IMt;!#HP?^{JO3~jl@#<LBi~j<G
COjsTO

literal 0
HcmV?d00001

diff --git a/shorewall6/images/params.gif b/shorewall6/images/params.gif
new file mode 100755
index 0000000000000000000000000000000000000000..3c3e84ca9c78b26b4ec907e9ea9549f018e8333a
GIT binary patch
literal 306
zcmZ?wbhEHbG+;1bc+9}?|NsA0t5$`EhFV%$GB7Y4KYm<RR<@|9=<(yneSLjESu~*d
zlZBCsfuBJKs2FI10Rsce{SPNSSMRlWeRlWxMg<-g!w$!fYl9W16!1v1A1XSb{l2I+
znS(iB!kDFQszM>BwUVmSvMX&i9_yJ^k~BSRxj2OaOT7i=ihd6GApHJ<nCyG=GilqL
zU$O7^&beb$Aj{~SB3aa^(^4$mVc6s^6KLHwQHIrJn*3y=vRS>!^QAZ%<}Om0W5iaq
zTqMhR_1Z%3jhohaGq2e;!-ajD*iz#O+iF(r+Rxvee?n}%;k+}#eX9E|id<$neB#Ef
x{j7`+9x@)k_Vn5F{hUg#U%$A)^3M5V&$IWRt-l-nG<@;u&D$4D)4CZLtO4gyi;DmN

literal 0
HcmV?d00001

diff --git a/shorewall6/images/policy.gif b/shorewall6/images/policy.gif
new file mode 100644
index 0000000000000000000000000000000000000000..b4d025034f238791addb419bfe7f477b9a677801
GIT binary patch
literal 372
zcmV-)0gL`eNk%w1VK4wN0KxzO|NsBY%*>gYnPz5Y|Nj90|NsC0|NsC0A^8LW3IGQH
zEC2ui05AYB000C2c)HyFFtR|al{h!SySITRIzwrmo^UPI^iWvH9_P@(ip=T_|IWFE
zsdMlJe-fRNbi);&$jI{8;|z+jkdX?RLR|sD^_lI)fM06(s$KQYGoNyu-liR`9IoA3
z%h7puBP?Qrh8c8+iZ6wWj)Y^6j){_oH6@jX10a!^cs`e%o^L{%7MP=W3?)3MhcJ6i
zcX?QIMuB=zx2kGiJY`c}T)jcUzd*-mfN{#ny2UOH1k=;ZT)=v5wL8Edw79v$g8?;y
zsT1Dkh~?@r>FqI%@bRMajP;qa*%R{PTV-#4^&4Ra;IbS8HOS#Z#-PAWSRy*v6HQAl
zhx{N)wD>ygSDzyo32^`k@?$fSzW5OVXs`~nXD?@bK*<taHdt9?^|7Ji-9&SXN~G}S
SMqP~*DeSEZ<w_}r1OPj47`Ai(

literal 0
HcmV?d00001

diff --git a/shorewall6/images/providers.gif b/shorewall6/images/providers.gif
new file mode 100644
index 0000000000000000000000000000000000000000..d9e6090f7f331a56f080c263ccbc5441208adaeb
GIT binary patch
literal 315
zcmV-B0mS}CNk%w1VK4wN0KxzO|NsBY%*+4)0GXMY`V&A=QTqS@00000A^8LW00000
zEC2ui05AYB000C22)f+<Fv>tHmCai0g7{#-EgtxZBWa!~P?~7_hVm-J>CEOfKI*sH
z%E!@EWJY3Z$(#%V&*-Hnl`0?5Y;_vZdY{(}bU-eHF%+|z+ibfX<agXn0L<HWCSjjv
z_EUR-19F3Oc7=F|O?7`Qjev)QZ;Xn5l@NiMdy#IBj+dV!YNMoP3Z<x*si&!}rEd?O
z5Pb!;wzs&sy1TcWunV#c1-`$;7{kF!$qUG!oz4%<#lX-G($mHg*VD@i+r`}g-`FYR
zZAoFw*-b#{-s?>59Ompj^YBaZ$M`}p_u*ZV{HsPT8owV~&OpFL5KY1?VQc~HFlH1R
NYX=L)s+0i$06VmQlaBxZ

literal 0
HcmV?d00001

diff --git a/shorewall6/images/proxyndp.gif b/shorewall6/images/proxyndp.gif
new file mode 100644
index 0000000000000000000000000000000000000000..d7f9810538dee86cd3e274272453ef7d193604d5
GIT binary patch
literal 311
zcmV-70m%MGNk%w1VK4wN0HFW?|NsAHW@ee0nas@0A^8LW00000EC2ui05AYB00091
zgpaAq?GK}zwAzdF4Iy!^d|d-Z9|E3-ScWYyy6qg7s&~Kc8pC6+L-iPfB1d3&1%0Gp
zqBw{ilRzhvu`~#x17iT`t2wh&A{VS=jjg=J_FRn1+qj1=&duw)^nNq3mnS!;GxLWK
zm>4Bcs8+@^qu4cAw4nAQCgLL*2&SPRN$L3s$SFwbCaQ|c+UoiW8!J02p^0@PBxKvP
ztBV`v%SQKm^_wFclIx+Ibmd$@_6Q@*G6)e}jETb`I9lgmC@qAycx(5=tgCgl1D?sE
zrTSLxXIbS4FdvFmW53d_N>LbFHt;FaXKJ8|g7CftOcV<tCt0EdMl{7`mOKecv^skH
J2ogd806PSkiG2V7

literal 0
HcmV?d00001

diff --git a/shorewall6/images/routestopped.gif b/shorewall6/images/routestopped.gif
new file mode 100644
index 0000000000000000000000000000000000000000..0cbd21e63e73e45f969388b313dc30b76b1392fb
GIT binary patch
literal 1939
zcmb`G|5Fop8poHYG5CeX01;wJA<%#kV+4yzEyUmih>-CDhni9kV+j})DSEVL)q@Bj
z5<rMTHFYu?H3yXAXsW4lmcxh<qHJ;1t+&_i!ADtTud}0DZ%emx;d1}Oy?%UVo|*T&
zp7)cRuimh6w*pc?&mkzli3o57NSeywaJXD9uh;AI`7jJ42tbk~w#x_$BvikLq9~`+
zNxEFXY@unI@_Lv6%rFe$aG)6~+6N=D3{ZO<0Kl>=qE>^pHU>jb7{;q=V39N!3}Sk{
z+wG=E66OdfpP#~UI8KV0OsK9T5D~`^Bn1b8Gz}~kzu(W`7_i$12M0;d5KB=s3}ePx
zSR!K?h9=4W-d;qjLo+pjKmgdC6hV@`9+)E}EN!S-!_qX0q6|d^I6`=l5F9sCgWe#^
z5>6K)m3urMG)oP0g@oP70D!4WaD#DZXo$sd21aNUL*$th07O?8XtrYr0@}K$K_44Z
zp)=w*P6uG3%ZUU6s62}ft<W^4HIQyMrZ<6_T1=&70YI{}xUmY6$Wd(xER+z<UEqir
z(ddvkDQ>D|FdUAMk`5>3bR!7T-`@|K+c1ru3E2|K5osD>w+BOF&CN7L;=7EfN`pw!
zh)|3nKjraaC3+e`NS7N;Q?WQsb~%Bu3g(Cqm5wDTU~WUCnM9kNbh=OkL1kH}T1Wc>
zaD)ig=mT6~kfI2CSCD2H9Kez^M4knXG$V0xe3yxI^}-PnqSg$mYUz+tyA#uvAR;-c
z(lLMtGAt@rQ8*yl9EeEP>vppQiR+E1Mh8r_m|DluOn@UGLO7f(MF%*dARA->0WT6U
z7=YtsxWNR64o%TiXeg8db2HK9pa%V*<_K=ALE>bHGy_QsHOJ0`x*?H+;}+27Al<z*
zMX@*l#u`kkM?`6J|5p-znIE<YnuAiI5dZrLh!=$B!o_(57jB*4MaoJ?2QJ=j;wOqW
zd6UPTw&*qbn|ae+4z6H%O;I@qT5Etbf})c(qwOi4h`J?vtG~URG-By{)RX=kKAkf<
z!=A2_-g>XHU`f8`OwYYP$vd;68_eAg{ur206dKHXzjG#^d^^^5x+h+q+iV%3_xAkb
z%c_f-R_yiowrl*AJsh%VMsvNc(0XSkE&TCSe#hYb8^7N-<@?=Y+W}ch>tjpz#K<&x
z?UnAz`^j(2V4X1=uYMA#W1ro)7Jlo>Q(<i>v-Gojyp_|UUyG7o^tWZ(7LXYg4`qY=
zx4uuD{I||uxPE=>&9mO3^PO||Q=jl=AO7vqiQuW@?|!mw_NA>NX7<oT#M7k1=j%>?
zm71TBdHChz&a2(9ZnHwEv_<V{tn&+bmf_FC)0MlGrnz;y?^eWH%P#V?{CT$<mwUtN
z62y)vL9!T|uxy2jIiuNkVm@pt3%i_P=6~^`T9a|$5nmm-qG2jeyiqLiC913!=5h1)
zCz{vnv?g$5_exa-%U5~x+8Ye34~?#DfvW3yw!SmI#fJIS$Qnt5q%mrzwYoJtiCLyx
zf5kfR-I-0|q>H+HF$tU`k#SjW{hC=pop!4=ek}hh>*Rv9@g)YcpxatERvBG9<Jtj5
zogCp+-)LBR&b)MOBTsq$Q9bV%{~_;-;K-w?%NZNW1HfHce#pivRBkH~B(x9e-j)<3
zoLw%N4cqI8%^P^Os`T%sY2~LGSC*#VR4L+C-HsV7zSJYw)8y)}Nin~3Jm3EODra|3
z<jUbpiI1B#*--d(lSBEVJoC@Jsn+s%vvqa(vY+bQ3%)r!l2)#GwPdm0s%X{yAhwU?
z=dWW6wWC?X7kI5@;?8hw-@gpo7jKLAb8`6gvh986?I(58>)(%Qj#*!h^W!sgKkSf-
zkM8psIt(LR8#G+U!w)}hjTjpKydhn(g)V?PuIIPdSJ=G8V>ywpL8aYV*04|_b}cIE
z6HB<2PbMY4_ybPQ7~lQk=GmZjL-=^VlA0>Mx1i8kHZP*_ol7mku>IxZ3L&Vut5cj2
z)a)_W|L5b#W2x$vC}FB9uRAC2=|9V)Wdr`0eSaOv-FURUM7)9*d0EXJjq3We*ziq>
ztg;|BS6K02*-u+H%rAZQwbHcX#FC2g_s|^`RpZl-i}F(x1!40?po_}z?q#<94;DOs
zbNh)xHG0kzrGTOqrd(DlVv626+D+teJELza*DAwupTL_(71{Vl#K#Z+@U7YM^Wwzo
ze}S;Qc^h6=zd56vK62{S2dgxb*(viU67KMt#FLWFUppEPK1kfULZE~ePE4NQZ#Jh}
zevW?r@|pSlkJNm9-n?^Lwk$k6w=HLtI>#{;+jKDdmpc(3#AILkQ5oipedFN3dg0bH
z7aF%$g5Ub4T9WVANB32#(}(l?X_-%(3vOyQ5525Uzy7MV`sk(PBORMo_x>h6`$E{#
qMZ<Tq*e_4b&4$HNJKDKXPur~pNs@*1d#X&jqrK(BEgTN??tcMS>ILus

literal 0
HcmV?d00001

diff --git a/shorewall6/images/rules.gif b/shorewall6/images/rules.gif
new file mode 100644
index 0000000000000000000000000000000000000000..650a15379bd59079f5b03223c3ae11d5cc541764
GIT binary patch
literal 2918
zcmWlak3Z9iAICp?Z^ni-%r-w_ekP43zqQkhYzYZTPL3(RQlS#A(>9D)Yvfl-jpWpI
zLM6%h&iqKqH6^K}&DACSqASt&&V7Aff5GeVd_7*T7iW{dhi4oEVIZ#&Bp6`&ELOBH
zGA-P%6Cjr5k_*rkgg)lBs>>fErDHw-e0dQhXJZ-w$|C&#;|-DSbb%keJypNJ8s_dh
zba|nF%}tyHXxL_P?d;K)KX06_h6}b310Y%n)d0LT77dor7D||(j5!1_3h<jN^f!uL
z6k^N0$rsEZjBfq=P<_uH+?zITXN3Q0SB>smw*oRW14scn9icP9aDI}<vo)$EV?Oo>
z&pAN03ETr16A+t>F;B}Jd&AMP4frm5Ot7ul+2VaXfIpk}cDI++=tF@%^klF3^wfKH
zz_!5^bBGLWCHrS)x;uIJvEqQ?y_#1!o}reeDFB}U@(IwG;@Ax!1ZX6~K<kN`D0-O{
z%v{p1T?rk{;+c;9O>C`^!`PWlVW~cJ@6<W3k85{;moIPZ=6Yti7=Ieh?92#mHioep
zo{SeVd6qX1kn3ofxdO(EOxs*wb|6HNfUb*M{c@RSW{e2n1OeIr+5*wa!)BH4Yd*-M
zS{*dTq|8(zbo1~{_Ll9T>;ZtY09UGVGGhWSx!DhNRW%Uc5`f}+`0$}S6rlEK!pu<2
z`zzYz!K{&^wmE3H8wLpkm@3CNld&x<<JL6uV|e%nVDhj=Mu1mNRKRciq|pS7ESOrn
z*}XG&T_pidnm~UbrVJ0)EI}6OHFC(I_aJ4*GMNYLOgec&64L4oGXR4Lw6k<GMP|%+
zDt083e8mes^k#hh?@$ff{#BjF^~QodcxbhSyV2-Be%{ryjr<fq$-|_0Ilk}M(#hMx
z-?g=Qo$YZ4i*_?mNHQee_LrjU9*Wi`EHkgkxkQKR2=C<J4XSdBhUGNza0(CY0B5W<
zo>zr82iX2KzVq4GFZ%#m_B++Av&>v}8%^l<2SsJhln}($pa3WasK>*hs7-Bt*e+RK
z3d?0UmnAz8HQnU$G!rT~HZ{E9eO#}52^w@{S^w_>qP2u<u4s$r$b9m83Ha!iyC-nw
z19qNi7zIizo8Nhm?Jf(`&EDCGTylDV5`^v`H_@9I>K+mGh>Lz={w_+kxo)|gfUx<7
z{-=YL)1!9~8b?U|wxg33cQGGx^&M|sis%x->pi`$6+@<TBny8$HCVZ&nP%7H(j$J-
zTp8fR6t5bzq;Z+UAN&d(pOvOc59aol4Zqu}NihG$P`{Sdx@`_}nNk$+`(;gCANmwG
z65Z&Zy%vZ6e4MIV?6li0Wmo-0`A&x;3q>53)Wb)@HKxX9S|utt-2~*Vy69Jxna}8~
z^J%0i%X_jiN*<`c+h@FgNBE@8)yE@oc}wx>@e_HP-?z6_EZAKMDzV-rE-gJ6Tzug`
zSvU2^&)m~ay8eF)?wF6r*2$55q!5-6->Htp5ZjPC6SSYfapYDt>-2%Lj*5+e&Rf}e
zG>qR%{!aGdp?s6+Y!xM^JsS89`=)I|eZ9l|S%uU<8v}|^$>Oirq-5c2T$8Si=sA-4
zlO^qE4&Sk9|NGj*AZ?FPEfhwoMmuK=N1XCd+UPZ)eT<Yi^6PA3PkM-`z%0qPf)PrN
z%CL}Br6zOv9#bBV2PqMrWeK<^)rogcH#lXV$&M^Xjz!c?ywP;_tQ;>&jZfgPm}N<t
zY=10YBOY_q#`x9t9JOmWWr;SPeo-_<Mek(hJV26UvZ#4IT78|njkX!zkeoP^TtM-%
z6oeF;XN)AAIPmyb^-4;as?n5Y!}Yve(qK_iu(ehhA3<^DGXhOsUz44~&OZH%ORDyZ
z`)D<PWNwfTeg^_Dbdp6&KB03YNccQb>kjff+zzq5@J@(o<UgHXrAzT3HXWD?sXxQ4
zU9hr2kmxDPG!0Ta<p&#TNFG}6uItI>qj>fm4U_eWPc~v@Ve)M2s_4{u4r%srYz_)Q
z_kQrZJP()Yl+zwt`{KWxt4e<5d~#jr4(iBi%I#A%j(eET`)ngO-Wizda5fqx92qqv
ze{Fd(l{igJyu0+B9|u49LZT#Y=_?(%u;$96J}ZgeO;r7#!C$jPH+I+?zvtaGe?-f&
zvfI6=Z0>4gBQ~Vt-)=<MEacsud0Srb^@o>+2_&t}VFNc;u8s>Zs=B`zT9sjqg5?oT
z5){ta<bN?rTuK`|#x%sm>|pllSZUm{YXDsxu^c(RcJcF792}ky@G;X@g-a$KDt$J=
zGhcP@yQPH#0R=}FI9U7~KL3_)H$tjP$t)F5_*gg4`gOb+c}6O=!R-!qI``_y`oUhk
zDXy^kjI*?yp=o>rN0K#{l^&Y#(H1Bbuz`ibe@5`<277+!b0(pqLx`KkAMDklRa{`4
z*ISCv(m%G8Z+#vEsLhcI_`V6D%+vHN__Cqm3<FIqq0YfpT}s<a7snz6x4cDHcM7ZJ
za0Ef=z7s$VS719Y)7;MoQp9$jgPwe>UF1ZO7UP#EMZU(I40$P6Q^=ZD8ICO=OjYZE
zzdcQdBxPy8=#bP>WtM~@1+{lj!(mZwU*b_}Wop6Y1hO^bw9p$=dLq{W8rC<9tux?6
zV9csYuW;+PK6u4Ha>h=4Tuy41%^x=yAz&m(p?(B|V0Kxk$t?15IY$)7POEF)DD&vO
zv&AbepU1udlzTmg@6WaTQQ0DN>7F~D{<)sgry8IqlnQd@)n|WNLVV5JrIHAS`dlEj
zU-z37mD_}%9#&)Fa@_GCr5Y}_a3m@>y)?TpTs(p%M$oj~qW{8eQT4d_NeMfzokzVV
z3IpEOX(wNz=|<5Cn6lSJ*L@Og51rD|lB<iI#C4U=rsWoN*65xYi>5bxgdS^w*%A(9
zToZ?pB@;3ld>U1kSD#9Vx2_#v<GdD<b=rwKZY?O#OuCI~7|J80)}b~BiK4$lm0(R>
zsW+|rxk-s-LFsW~(#4+bM~CuOi7ip&7C~rSI{&(Noas+Wjj(@5#JlA6D~U?<IuV0l
z6Ki-XPF#rVU~$vN<c4ePE*tr$^RZ`SsEUxKi$tv6gKg7ONJW~DA-&{@?;xAR3V~on
z@<zvdqJwV&C?0-kMX@?O61!>7`j<800I^)hH?qJ8TZg6CS#}aV1oT{!i8TJnOxJ%%
zs0@SPUEs5#hbza7s*ZiLJ#RF;aGQjU6TQuNtZ{@02@W*vlp>*VMs=Ul!wZkJ#cOrE
zB72SbX+>C5mfp6(7W=Zf5_=?%=vXb+ZInw^j|y?uLweUm?Ln0*c$f&geAl9$6%kCC
z`6BB<GR6p>LPWv)*}e@+rDEM*fNE~*=itXIFd1dv>55!_##@n*k#cPs3;B`Cd{`AU
zb=zm(z}opa?QP|Y6ggw#lG!KuG4nHZ_&_;!RgzDM-P%V6!yy`_htvfznEhAWFZM8{
zBNFDnQ!8aEzWb+HLRgm-WwPj+yHF}*(m*d<uIa7SqkU7dsI$L0-z{EHT56qaosm>%
zZ#s-}@=%j+jQ2W!-YSlw_?q*Sx3O-sLJBF*RQ|h0?NL^$`}R0Yz0!xi4vHeBJY2jI
zUHD=oWtEEnWz8t`)ERlZ&t&RZ5>dn$lIiUJ+l#U%=4xv}$O)$o%Pci*qwxSD*wtmF
zfl~TuQ2BdJlb#XpXZc_GifE>PL<s9ypg&ZrZ6E9VJTVD-Yok<jYAD`J&F%FtR^d3W
ze|#}M=4Kj(S%ROsSQCnIlyRnX)~ka_SztM>O3_p0jOI<fyD2A6dxFltd~{7qrolb+
q$H1=G$KP0Nqe_XWacvjjK$3^|lvJ`>nnnCVWiMAd1cSjK>;DHnT(Q{z

literal 0
HcmV?d00001

diff --git a/shorewall6/images/shorewall6.conf.gif b/shorewall6/images/shorewall6.conf.gif
new file mode 100644
index 0000000000000000000000000000000000000000..e57b83c90b70c191f4e142a86a456a52438ac895
GIT binary patch
literal 478
zcmZ?wbhEHbG+;1bXklRZ|NsBYnKKy}7|x`notc^TKW*ljnKRD-!OS!NXBz)MV|-?&
z@tHHm@7}%pe<lqmnv|3TR7^Zj{Kw~;n3Aeco>`Ki;O^-gz@Ye(g%PA*2Sk8e!NB@Y
zL7^`tb6!RkTgHJty$9zuW}SY?{diB^cDtYp;(z8w9G=;s*0ML_RO-i_(Vx~uyb{e6
zb=&?RE4(|otJ+$2;}KTz&38XpYUZuZ4qS2OPw(vSZjCv<%1mud9fjdc%)LyVZl*!{
zOf0M{{S#&>wK22J)Xqtn*f58^XF>C-&PfbRj2z1?ooB6WV`p6HyQN}pa3B+B+sxX<
zAyN57bGW#<`m_AjrcBDuJ;-w|H={JnFuP?6C)c4{$3n~QuF_#Td+1c^zUly<+7COq
zxOmoIoNcM{=5fi_%?}^X+TGa6^1!-7U?Kw>=a;`fHY?rhO!&bfXIb2L;b;d>r~^0a
zbERz)l)UOsYVX|C=u{~6x3p#vJMZoe!(cxr^YppR>>93RGFENf49t8*c`}pNsfaoY
l2n2o+<v+EsEn;)l-BVjvUtgbaxJ%Z1+nSr3W1SfotO2S&y_x_3

literal 0
HcmV?d00001

diff --git a/shorewall6/images/smallicon.gif b/shorewall6/images/smallicon.gif
new file mode 100644
index 0000000000000000000000000000000000000000..0b631262a39ad3313a84ac25bac4a537e5cb223b
GIT binary patch
literal 1238
zcmV;{1S$JRNk%v~VHf}y0QUd@E@?2$)zfr<bum^wMqNv(si{J2Jvc`?TX#=AL^X18
zX@8cQQ*%eb#m8P?9qQ-e)6~*vXlXf3KAo$yLTo^nnU^MGD??;K#>vme$i_iaNj`E@
zb%$~xOC}m89E6dCLSIcnWJ47f7wqfmv$V2~e>*g0HM*HDii?d+X-D++^{ue1W_M5T
z@$e{ODev#_rmUp~2?$quN-jw`?d|UC?d(%&P%<_%BSa)BI4jD_$l2N2H$ySV$Hp2m
z8^OiDJykk6Qb09fG8Zry6e}MsSTsdrMI>M={{H?TG9>)`{5WSgG(j=?`uh0z_zx5i
zN^(Q?_V!3_L6M0cU2<8nqI*qMP)|`(DOfWI2nj!GI0Xa-PHIX^Y)4OIORKM};^N}T
z(a>jOF(N}EMOh$SbyD8m-YhFDBwr^|YEdvfGg)&wQe{U;YDhF(Fic!aae!h%UO^yT
zCQoxmEk83gVl=_R!KSXaJW@MIYD!&fVn9MaMPx^Wg@qeIArBi8rLMVfiE%M7FyG(a
zQD-<gMms)cLqBUeR&P|=+u0>pC!wODOKVAZnu#ndE}^NeC1NVa%FtSLQ9@iwK3+yW
zXFFSSNJUpeHf=OiY)dp}GEZYrELT29XGm;u9V$~ihlYnlT}3o!H77nV&C$~F^70%)
zBr-W1ELkn5siwBOxKM6Q=jiB8Y)fK!SSwaJLu^1;cTOWWB-`BFKw>>bSVC)iWF}QA
zVR|`RTw69~Gcsl`rI9@x8y#(mUnnmu{r&y>`}-|ODq(qD4-XI~JuNI^EC~$?HcmDP
z2?{@ELTGw%q^_a`1qQRUv^iirHa0fr=jY|+<)yW-FJLk%W-a5g7O0<yLt;rSE-l{Q
z-X>rvK5aTdTt|0!TeG{ZO>0a`ZAzP*oIFoB-r?aZUNM)Nm|JUIJ#9P{92GogJ55VW
zXmf2oTRp|Y#WOuGWpZG@!@q@)hIE5yaC&ZCaZYM|UV4Cg00000000000000000000
z0000000000EC2ui02lxm000R70FekBNU)&6g9sBQ1f~PnKwwT38U$8=#;h>pqScUS
z&>6XD8yc}<#j&6>438E}0Mr0Uuo@6lF<YS|p|ePL0Fes7Y#BUCn<jx6*5V)x0r%w5
zW2a{n5DA+Iv@!&uO`?hGklDh+Bms{kvPRKK0gKOoR$mUf%W)1!EjDr72vKup3?^zu
zE_`q(FVMFi?npRN(9RX23*0n`;U&w31zi-Vs6fK*Sr>cttR(Pek6sx`25y;qa6=KK
zI+eglL(<1b9Vouu9MHhwLm*eX#+6c1VaPTB6vD+r(qfMZV~22fxa4IX0(5Iii~x4+
zlnDl$pqLZ5$cHFRri8q$iZjm=nkm+*kUC+F1%ps?I5a_`B3lqCSc-H?Qzn)aT%M5O
zhXaIUQbY)pXaEKhz*LZf7RoTvO(uC%B7+Prpi#{&Tnz9EGKKt-ia>+BBMdF&AYwx%
z&m01P97mv1j0Z6^lZ*(^^dOKEA`sKeAD<WjhdN78(*Y63^l}9XD`a5C3l1@u2m}RO
zF#|U5Jdw^ZSwJI>8Bs)u5HLGz(TpGw<N}Hv(TFJ#Fsdw~jS|7QS<;<&mJ|>GJHp@U
Aw*UYD

literal 0
HcmV?d00001

diff --git a/shorewall6/images/tos.gif b/shorewall6/images/tos.gif
new file mode 100644
index 0000000000000000000000000000000000000000..ef4bad01b74768926600bcf3bb1ac118ed0d51f4
GIT binary patch
literal 402
zcmZ?wbhEHbG+;1bc+9}?|NsBc(9q+@kITx+GB7Z#TD7XLukZ2W$Cj3sMMXtGSu~*d
zPt>_6HL)Z$MWH;iBts!2BUQoO(>H)Y@h1x-&;SM<5CJlrf#sjT3D4DgEnc79{XapY
zFC}wc#;SEWulE(`oG+1Ot62BkNtK1U$spi_1k<5~jgxY$I9*RNeiTvSo9ev5>HyQK
z^DD%3-UMxX(75D)p30=$ZPT;fGP0B~B?Wn??Xmat7O8a-XYyne^KdHbsTM8iYVi~=
z$r6vA&@blB*jzJJtVx1xQNB~XY%7b{nm93bPumV(=J~7}MAxiaBvFu^!cjJ*ZTCL$
z13{dXet`>*9c9@iddiN~!T0z@AE)!T*Gl&UT$&apQ8L@&$lWIw9*Qozx7Vq8PUJO)
zJu~Y>R<O)qIHA12>y$--M2e~7g`8V0hMsu~6*~l)8#=e$U~Gs;6>61Nw=j|MFer35
osG~Ahfg!c&EIZ@QoD*|AH!nLo+oJf@os*lFpPw(R#K2$;0Ghd~aR2}S

literal 0
HcmV?d00001

diff --git a/shorewall6/images/tunnels.gif b/shorewall6/images/tunnels.gif
new file mode 100644
index 0000000000000000000000000000000000000000..9159a56e2689d8c702c3087b2f1d6d44aa3c6c0a
GIT binary patch
literal 1206
zcmd7P{ZpC+0KoBwhX+MOV(QSCB3Po}%N!XYa}1f{X^R}CGhG^<Q-?dJUYa>`h`^93
zzHOY6W2mJ@MvOI0w;7USQ|XD(GPUL@mb-bI=j<}0j<x=aKEHl{{HCSzS&5=}ARe#*
z00@E{4ktT1yQZc_tycH<_fJkv!Z7Ub@9%Uv<Kp6$mX?;6m&3!uT`t%9`g(D3aYjbQ
z#>NJN!5|We7z}1}bJJ`#OQq87?QN}A3&S2NmC9r?c|4w2EY8o*-`Uv_3WaXB8;0G3
zgM)NBoy}%zG@A1Aa;w!^S64?Okq86=pU=nPa9&<s6B83EmC9%|&d$y{of`sy0ES(K
zg@qoEr?a!uW}C07s%mIx$j!~wYK;noLZ{Oi42IFsQQPx2KM%w6F4rcXFEAL)HXFRY
zzNyvfgu?7+|4Wp=AOrxM17d*Z{(Ay=dnD(iO)|OSys}w!p`}&b*51+Cb+HS{4JMN>
zb)}-BAnqX~?c?6ISCZL`eq>S@D|D!Zha!IdMG~IHVMbn423;TPI}}YbaX==?B0pe7
zCF}d6lW2JI+@9~?1iFJ4@dLyNHqOk&k-oX+li;-)LDVyB$go9D_%Ba-Q@xdv8}Ubo
zs;uA<(YIGyA3y>u;pRTpfGk!vU^=z-kRmyp{z6FLhiTImeC4lp+WkoBVl(ayYI+X0
zNP*b9qOjxrWx<ML6Sb9C2L=2Dh2xmE^!ikJ5IU!OH`7AEWWU&T{r%Nrh|V;hl!Rem
zAO>rW&o_1BMV22=cpjauIMio>asq&Dko9+9@&!U*l&RDql3YE``fBD6he+D&rB<2l
zmW}cXpoTotg1rxko+gj7-?mT~s9W^~!#n#}6-YwJ(OwH8xu+FPI+#>^uM~~F|5=|0
zl@wglv=Az*@?Gghp5YT%nK*S%^~%(p#A)V%#<ka-eo+Z3%12-RHe`K<u^Au8KvV#=
zw&LmKBTWP~QO_?3-Ku^}g?97nL-AQbzJX*1+OPKM?JL#NSKHq`jTAVh<N*t5h=$gq
zcY?tE*fG*s#Ke$A9!1|GD%Fpx=fxCvkf;W<{*>b#*&Cl+8^abZio5rW^~j!#r;*i>
zkVg;r#@@`FdTBpMTWe1xroX2~L@k2go17}0IM0yQC`*_uS(B%GIXd0~xXz+>^gn;*
zcI?eneyaUlL}&&xPf}m*_}NeCx*Qj%;=a}<X<t@Kw6#?AJFZ7yIX0z}+wG~Gm-qzQ
zN+LBR`|)Am5`UWu^!Sg{yo+@`#lv#GLj!eT8&_JgNX<nWlYlNoUX%gWvZi~9i25ro
zniyh^aHAs#yWGK=>hZdVW;-ua96?za3;jUXKT|ehZ!pD1`a;~*v!(erM*NaOR_tN8
zkU68gJ%fEJFI5(Q2Az;naZ>A^#Yiz8I9iEJ{+etx-r`%D5Z@E%CzKGrLS6!K(4xlM
O<nuAxcUvJ4IQTD?Uti4t

literal 0
HcmV?d00001

diff --git a/shorewall6/images/up.gif b/shorewall6/images/up.gif
new file mode 100644
index 0000000000000000000000000000000000000000..23ff2fefb55f5e46e75e3e64bc02aa8a5a980b55
GIT binary patch
literal 103
zcmZ?wbhEHb6krfwSjfO|<j9etq9O(chX4QnEB@p2O-xBuD9<d(P;mG34Pa3G$->CR
zz|5cnQ~*>jz`($yHm83j+Xk+t8ue2@-yHSKKUb5aI^|I6w1Z7S?yvbaSO<SC-kc^Q
H&R`7yvK1qL

literal 0
HcmV?d00001

diff --git a/shorewall6/images/zones.gif b/shorewall6/images/zones.gif
new file mode 100644
index 0000000000000000000000000000000000000000..b672133d91991c293f29c12fecc3b6ea6faa9806
GIT binary patch
literal 1631
zcmeH`TTfaC0DunyMbvshYr$%#m3Fo<4v6(a8!rdNOQ}`bnbuYU%-Bj&;?%H>bxhAF
zT5Ks&<$)QdSV_hV!Lx>JWIYkoQzh+*(uPdh5hWd3wiva>scB%{{=we&y?$?B@>SJv
zi;6`IfB~!mK;Ef5m0E3dco9z!^N0MQt=igJy%Cm(rR(eKTU%Rlxm;m(+ui=1ogK5;
z3_CEr72Db0cez|@wHlU#9*;+-({*%oxV?U(-6P;P6|h)VtJUxK2Lgd`I4o5e^?Hlh
zj=?Z&G9hM*iwlB2pU>@fOQlky(XM~5VYf=9GMN#D#^i7~5CriBw;%|TwYCbH1PF?`
zF^pZnHX~k*)h&@oG-`v<Xw>OUa-9Wav#l<l$z+1<j$kMh3<kYkFQm{|ES5$tU!hP)
z8k-CTg9}CZb$p*MD3!{k;#OG)B$dczGMPXiFc>Tt<}>IFhzrwbG)9Bj;_$dojLYVV
z1(N;!eU;i!SI2K{ZT0#BGQGWoU1CMN2!iSjR+GtYwYyCgWM^v!w!*<c0C6}l471zq
zp-{+bv7jhwFu<%lmdhLT1lD21BWM)sV2@5?<d$$PW=k!|<$|^1rq)nsy`+Gx*O|lu
zvDM+R!fvw}K~c<Tfd6e7^!fa5H@3eY#xRfF?%;x4L6ewY*C>@LG#XvxfBt)ctUUrQ
z28aN;z<d6A0*DR+5psI9ZN&Mth(g`$j+!ME#;@JlU0xoU?LUy6wlud<J$*k%^Z9o7
z<ipDB%u47QjZ#_pfI*aP?=Ftj>SM&AmL(Sb{I@x4Yx(oGl?(d9(wGbh6ZcG;T7TJ=
z`2=!*-%-YTT>a!jbyjSiZDVqZc!DKdtzT<v`J<ee*=w89DhUT;a&P2bj+(DJmmqqT
z#uIM$4W}f(o_n)QCkBc&_kt-r2G2co;XB1J@5;#UPfvdZ#qYsyrv|G&dQNXMj4W`w
z*e4nq#_ufN=TaV_YneSHR?F*K3yvc}<tgf)g!N}X7jfBC%Sijt=il6>cB*Fj%0X4S
z^2Nb$TFnZe+<QxI;AO64zbo76IGYpQiIntFWv^lf7hAwyI+JH>{`do>sEXovQ`npE
z+x!Mj-t}-9%Gi5Tn0SqO);3Ey+|{m(V$nsTl``!pl+>Xu1BKbC56eg`^&8Fogp*oT
zYHB_hMaxSB$FBFkTkehiY@!}YYtCns9VM(WIXH@vbUWe7?k0ZV_~1zNksHxj%J`^l
zXW4-l#T!c8&^4$c;n>6`M80Fg;f^)mUFfCV8*BrB^yLBk@xjYcXiDD10vat_2P)cT
z&x3f{f#Cs8Rykqo$>E`DX7#~K%63jaIakCvRB$(I?f{?B&_iKVfZ4?GsT5}vEjAyT
z&+M&VneDr|<iwLBJW$p5skWi2KmI2mH6A~}be8652f%)gb_L%bseqi1BDuH;g{WGn
z6cJA|$B5@<>Kmx>IYPo1ZyczJkv&b~bVhO#yAwd#BtVPdl?`S5y7I$w!s>YY44-hb
zoFk0k@riw_G?a0XIefh*u9DhPeidJw$VG#rLekvTS)sBbdG`>Up&n11?!wR87D&l)
z&a{i<_ChBi;g`uDlTwvVY1~QM4FWkbyP%9aGu^U;(&^rwI2J?V{DPIvJo@-$#^w}(
zC5(NL)R~?&ohaVh$StopllfPAayqkjo|8XWSxREki!MR&)GR#ta3s6van0G0yz9!j
uQR|mERAx;a>&46R#nSL6z1=mtj2V0lubXv`(zAStRPt1`QIEp`XZ{BLR;ic(

literal 0
HcmV?d00001

diff --git a/shorewall6/index.cgi b/shorewall6/index.cgi
new file mode 100755
index 000000000..85eb65337
--- /dev/null
+++ b/shorewall6/index.cgi
@@ -0,0 +1,104 @@
+#!/usr/bin/perl
+# index.cgi
+# Display icons for the various shorewall6 configuration files
+
+require './shorewall6-lib.pl';
+
+if (!&has_command($config{'shorewall6'})) {
+	&ui_print_header(undef, $text{'index_title'}, "", undef, 1, 1);
+	print "<p>",&text('index_ecmd', "<tt>$config{'shorewall6'}</tt>",
+		  "$gconfig{'webprefix'}/config.cgi?$module_name"),"<p>\n";
+	}
+else {
+	# Get the version
+	$shorewall6_version = &get_shorewall6_version(1);
+	&open_tempfile(VERSION, ">$module_config_directory/version");
+	&print_tempfile(VERSION, $shorewall6_version,"\n");
+	&close_tempfile(VERSION);
+
+	&ui_print_header(undef, $text{'index_title'}, "", undef, 1, 1, 0,
+		&help_search_link("shorewall6", "doc", "google"),
+		undef, undef, &text('index_version', &get_printable_version($shorewall6_version)));
+
+	if (!-d $config{'config_dir'}) {
+		# Config dir not found!
+		print "<p>",&text('index_edir',
+		      "<tt>$config{'config_dir'}</tt>",
+		      "$gconfig{'webprefix'}/config.cgi?$module_name"),"<p>\n";
+		}
+	else {
+		# Just show the file icons
+		@files = grep { &can_access($_) } @shorewall6_files;
+		@titles = map { $text{&clean_name($_)."_title"}."<br>($_)" } @files;
+		@links = map { "list.cgi?table=".$_ } @files;
+		@icons = map { "images/".$_.".gif" } @files;
+		&icons_table(\@links, \@titles, \@icons, 4);
+
+		# Check if shorewall6 is running by looking for the 'shorewall6'
+		# chain in the filter table
+		print &ui_hr();
+		print "<table width=100%>\n";
+		system("$config{'shorewall6'} status 2>&1");
+		if ($?) {
+		  # Down .. offer to start
+		  # unless no permissions
+		  unless ($access{'nochange'}) {
+		    print "<form action=start.cgi>\n";
+		    print "<tr> <td><input type=submit ",
+		      "value='$text{'index_start'}'></td>\n";
+		    print "<td>$text{'index_startdesc'}</td> </tr>\n";
+		    print "</form>\n";
+		  }
+		}
+		else {
+		  # Up .. offer to restart, clear and stop
+		  # unless nochange is set
+		  unless ($access{'nochange'}) {
+		    print "<form action=restart.cgi>\n";
+		    print "<tr> <td><input type=submit ",
+		      "value='$text{'index_restart'}'></td>\n";
+		    print "<td>$text{'index_restartdesc'}</td> </tr>\n";
+		    print "</form>\n";
+
+		    print "<form action=refresh.cgi>\n";
+		    print "<tr> <td><input type=submit ",
+		      "value='$text{'index_refresh'}'></td>\n";
+		    print "<td>$text{'index_refreshdesc'}</td> </tr>\n";
+		    print "</form>\n";
+
+		    print "<form action=clear.cgi>\n";
+		    print "<tr> <td><input type=submit ",
+		      "value='$text{'index_clear'}'></td>\n";
+		    print "<td>$text{'index_cleardesc'}</td> </tr>\n";
+		    print "</form>\n";
+
+		    print "<form action=stop.cgi>\n";
+		    print "<tr> <td><input type=submit ",
+		      "value='$text{'index_stop'}'></td>\n";
+		    print "<td>$text{'index_stopdesc'}</td> </tr>\n";
+		    print "</form>\n";
+		  }
+		  print "<form action=status.cgi>\n";
+		  print "<tr> <td><input type=submit ",
+		    "value='$text{'index_status'}'></td>\n";
+		  print "<td>$text{'index_statusdesc'}</td> </tr>\n";
+		  print "</form>\n";
+		}
+
+		# Always offer to check
+		print "<form action=check.cgi>\n";
+		print "<tr> <td><input type=submit ",
+		      "value='$text{'index_check'}'></td>\n";
+		print "<td>$text{'index_checkdesc'}</td> </tr>\n";
+		print "</form>\n";
+		print "<form action=dump.cgi>\n";
+		print "<tr> <td><input type=submit ",
+		  "value='$text{'index_dump'}'></td>\n";
+		print "<td>$text{'index_dumpdesc'}</td> </tr>\n";
+		print "</form>\n";
+		print "</table>\n";
+		}
+	}
+
+&ui_print_footer("/", $text{'index'});
+
diff --git a/shorewall6/install_check.pl b/shorewall6/install_check.pl
new file mode 100755
index 000000000..85ab49f96
--- /dev/null
+++ b/shorewall6/install_check.pl
@@ -0,0 +1,15 @@
+# install_check.pl
+
+do 'shorewall6-lib.pl';
+
+# is_installed(mode)
+# For mode 1, returns 2 if the server is installed and configured for use by
+# Webmin, 1 if installed but not configured, or 0 otherwise.
+# For mode 0, returns 1 if installed, 0 if not
+sub is_installed
+{
+return 0 if (!&has_command($config{'shorewall6'}) ||
+	     !-d $config{'config_dir'});
+return $_[0] ? 2 : 1;
+}
+
diff --git a/shorewall6/lang/ca b/shorewall6/lang/ca
new file mode 100755
index 000000000..32ed07087
--- /dev/null
+++ b/shorewall6/lang/ca
@@ -0,0 +1,455 @@
+index_title=Tallafocs Shorewall6
+index_ecmd=No s'ha trobat al sistema l'ordre $1. Pot ser que no estigui instal�lada, o b� que la <a href='$2'>configuraci� del m�dul</a> sigui incorrecta.
+index_edir=No s'ha trobat al sistema el directori $1 de configuraci� de Shorewall. Pot ser que no estigui instal�lat, o b� que la <a href='$2'>configuraci� del m�dul</a> sigui incorrecta.
+index_version=Shorewall versi� $1
+index_return=a la llista de taules
+index_restart=Aplica la Configuraci�
+index_restartdesc=Fes clic sobre aquest bot� per activar la configuraci� actual de Shorewall amb l'ordre <tt>shorewall6 restart</tt>.
+index_refresh=Refresca la Configuraci�
+index_refreshdesc=Fes clic sobre aquest bot� per activar nom�s les taules de Llista negra i Formatat de Tr�nsit amb l'ordre <tt>shorewall6 refresh</tt>.
+index_start=Inicia el Tallfocs
+index_startdesc=Fes clic sobre aquest bot� per iniciar Shorewall amb la configuraci� actual amb l'ordre <tt>shorewall6 start</tt>.
+index_clear=Neteja el Tallafocs
+index_cleardesc=Fes clic sobre aquest bot� per netejar el tallafocs Shorewall amb l'ordre <tt>shorewall6 clear</tt>. Aix� permetr� l'acc�s des de tots els hosts sense restricci�.
+index_stop=Atura el Tallafocs
+index_stopdesc=Fes clic sobre aquest bot� per tancar Shorewall amb l'ordre <tt>shorewall6 stop</tt>. Aix� bloquejar� l'acc�s des de tots els hosts excepte els que hi ha a la taula En Aturar-se.
+index_status=Mostra l'Estat
+index_statusdesc=Fes clic sobre aquest bot� per veure les taules i regles de Shorewall a partir de l'ordre <tt>shorewall6 status</tt>.
+index_dump=Mostra l'Abocament
+index_dumpdesc=Fes clic sobre aquest bot� per veure la informaci� de rastrig de Shorewall a partir de l'ordre <tt>shorewall6 dump</tt>.
+index_check=Comprova el Tallafocs
+index_checkdesc=Fes clic sobre aquest bot� per fer que Shorewall validi la configuraci� amb l'ordre <tt>shorewall6 check</tt>.
+
+list_move=Despla�a
+list_add=Afegeix
+list_auto=Autom�tic
+list_none=Cap
+list_any=Qualsevol
+list_fw=Tallafocs
+list_other=Altres
+list_manual=Edita el Fitxer Manualment
+list_manualdesc=fes clic sobre aquest bot� per editar manualment el fitxer $1 de Shorewall, en el qual hi ha emmagatzemades les entrades de sobre.
+list_ecannot=No tens perm�s per editar aquesta taula de Shorewall.
+list_delete=Suprimeix els Seleccionats
+
+restart_err=No s'ha pogut aplicar la configuraci�
+refresh_err=No s'ha pogut refrescar la configuraci�
+start_err=No s'ha pogut iniciar el tallafocs
+clear_err=No s'ha pogut netejar el tallafocs
+stop_err=No s'ha pogut tancar el tallafocs
+status_title=Estat del Tallafocs
+dump_title=Abocament del Tallafocs
+check_title=Comprovaci� del Tallafocs
+check_ok=...la configuraci� del tallafocs sembla correcta.
+check_failed=...s'ha trobat un error a la configuraci� del tallafocs!
+check_cmd=S'est� comprovant la configuraci�...
+
+zones_title=Zones de Xarxa
+zones_desc=Les zones llistades en aquesta p�gina representen diferents xarxes abastables des del teu sistema. No obstant, les entrades d'aqu� no tenen cap efecte sobre el tallafocs - defineixen noms i descripcions de zona.
+zones_add=Afegeix una nova zona de xarxa.
+zones_none=Encara no s'ha definit cap zona de xarxa.
+zones_0=ID de zona
+zones_1=Nom mostrat
+zones_2=Descripci�
+zones_1new=Zona mare
+zones_2new=Tipus de zona
+zones_3new=Opcions de la zona
+zones_4new=Opcions d'entrada
+zones_5new=Opcions de sortida
+zones_6new=Comentari
+zones_return=a la llista de zones
+zones_edit=Edici� de Zona de Xarxa
+zones_create=Creaci� de Zona de Xarxa
+zones_header=Detalls de la zona de xarxa
+zones_err=No s'ha pogut desar la zona de xarxa
+zones_eid=Hi falta l'ID de zona o b� �s inv�lid
+zones_efwid=Els IDs $FW i fw de la zona estan reservats per al tallafocs
+zones_ename=Hi falta el nom mostrat o b� �s inv�lid
+zones_edesc=Hi falta la descripci� de la zona o b� �s inv�lida
+zones_ipv6=IPv6
+zones_ipsec=IPsec
+zones_firewall=Sistema tallafocs
+zones_eopts=Opcions de zona inv�lides
+zones_eopts_in=Opcions d'entrada de zona inv�lides
+zones_eopts_out=Opcions de sortida de zona inv�lides
+
+policy_title=Pol�tiques per Defecte
+policy_desc=Aquesta p�gina permet configurar les accions per defecte per al tr�nsit entre zones diferents del tallafocs. Poden ser obviades per a hosts particulars o tipus de tr�nsit de la p�gina de Regles del Tallafocs.
+policy_add=Afegeix una nova pol�tica per defecte.
+policy_none=Encara no s'ha definit cap pol�tica.
+policy_0=Zona origen
+policy_1=Zona dest�
+policy_2=Pol�tica
+policy_3=Nivell de syslog
+policy_4=L�mit de tr�nsit
+policy_limit=L�mit $1, Pic $2
+policy_return=a la llista de pol�tiques
+policy_edit=Edici� de Pol�tica per Defecte
+policy_create=Creaci� de Pol�tica per Defecte
+policy_header=Detalls de la pol�tica per defecte
+policy_err=No s'ha pogut desar la pol�tica per defecte
+policy_nolog=Enregistrament desactivat
+policy_ulog=Enregistra a ULOG
+policy_efw=&lt;Tallafocs&gt; es pot seleccionar tant per la zona origen com la dest�
+policy_elimit=Hi falta el nombre del tr�nsit l�mit o b� �s inv�lid
+policy_eburst=Hi falta el nombre del tr�nsit pic o b� �s inv�lid
+
+rules_title=Regles del Tallafocs
+rules_desc=Aquesta taula llista les excepcions de les pol�tiques per defecte per a certs tipus de tr�nsit, origen, o dest�. L'acci� triada s'aplicar� als paquets que coincideixin amb els criteris triats enlloc de la pol�tica per defecte.
+rules_add=Afegeix una nova regla del tallafocs.
+rules_none=Encara no s'ha definit cap regla del tallafocs.
+rules_0=Acci�
+rules_1=Origen
+rules_1z=Zona origen
+rules_2=Dest�
+rules_2z=Zona o port de dest�
+rules_3=Protocol
+rules_4=Ports origen
+rules_5=Ports dest�
+rules_6=L�mit de freq��ncia
+rules_7=Conjunt d'usuaris
+rules_hosts=Host <tt>$2</tt> de la zona <tt>$1</tt>
+rules_zone=Zona <tt>$1</tt>
+rules_rport=Port <tt>$1</tt>
+rules_related=Relacionat
+rules_return=a la llista de regles del tallafocs
+rules_edit=Edici� de Regla del Tallafocs
+rules_create=Creaci� de Regla del Tallafocs
+rules_header=Detalls de la regla del tallafocs
+rules_err=No s'ha pogut desar la regla del tallafocs
+rules_log=i enregistra al nivell syslog
+rules_nolog=No enregistris
+rules_addr=Nom�s els hosts de la zona amb adreces
+rules_ranges=Ports o rangs
+rules_dnat=Adre�a de dest� original per a DNAT o REDIRECT
+rules_dnat_dest=Per a DNAT o REDIRECT, emplena aqu� la nova adre�a o port de destinaci�.
+rules_dnat_port=Per a DNAT o REDIRECT, emplena aqu� l'adre�a o port de destinaci� original.
+rules_esother=Hi falta la zona origen o b� �s inv�lida
+rules_edother=Hi falta la zona dest� o b� �s inv�lida
+rules_esinzone=No has introdu�t cap adre�a de host origen
+rules_edinzone=No has introdu�t cap adre�a de host dest�
+rules_esport=No has introdu�t cap nom de port origen, n�mero ni rang
+rules_edport=No has introdu�t cap nom de port dest�, n�mero ni rang
+rules_ednat=L'adre�a NAT original de dest� ha de ser una sola adre�a IP, dues adreces separades per ':' o una llista d'exclusi� comen�ant per !
+rules_ednat2=Nom�s es pot introduir una adre�a NAT original per a les accions DNAT i REDIRECT
+rules_rate=Expressi� de l�mit de freq��ncia
+rules_norate=Sense l�mit
+rules_set=La regla s'aplica al conjunt d'usuaris
+rules_noset=Tots els usuaris
+rules_eaction=No has seleccionat cap acci�
+rules_macro=Par�metre d'acci� de la macro
+rules_none2=Cap
+rules_emacro=Hi falta par�metre de la macro o b� �s inv�lid
+
+tos_title=Tipus de Serveis
+tos_desc=Aquesta p�gina defineix tipus de serveis IP per a tipus particulars de tr�nsit, que es poden utilitzar per augmentar o disminuir-ne les prioritats.
+tos_add=Afegeix un nou tipus de servei.
+tos_none=Encara no s'ha definit cap tipus de servei.
+tos_0=Origen
+tos_0z=Zona origen
+tos_1=Dest�
+tos_1z=Zona dest�
+tos_2=Protocol
+tos_3=Ports origen
+tos_4=Ports dest�
+tos_5=Tipus de servei
+tos_6=Prova
+tos_return=a la llista de tipus de serveis
+tos_edit=Edici� de Tipus de Servei
+tos_create=Creaci� de Tipus de Servei
+tos_header=Detalls del tipus de servei
+tos_err=No s'ha pogut desar el tipus de servei
+
+interfaces_title=Interf�cies de Xarxa
+interfaces_desc=EN aquesta p�gina, hi hauria d'haver totes i cadascuna de les interf�cies de xarxa del sistema que vols que Shorewall gestioni, associades amb la zona a la qual estan connectades. La interf�cie de loopback interface <tt>lo</tt> no ha d'apar�ixer llistada mai.
+interfaces_add=Afegeix una nova interf�cie de xarxa
+interfaces_none=Encara no s'ha definit cap interf�cie de xarxa.
+interfaces_0=Interf�cie
+interfaces_1=Nom de zona
+interfaces_2=Adre�a de retransmissi�
+interfaces_3=Opcions
+interfaces_detect=Autom�tica
+interfaces_return=a la llista d'interf�cies
+interfaces_edit=Edici� d'Interf�cie de Xarxa
+interfaces_create=Creaci� d'Interf�cie de Xarxa
+interfaces_header=Detalls de la interf�cie de xarxa
+interfaces_err=No s'ha pogut desar la interf�cie de xarxa
+interfaces_eiface=Hi falta el nom de la interf�cie o b� �s inv�lid
+interfaces_ebroad=Hi falta l'adre�a de retransmissi� o b� �s inv�lida
+
+masq_title=Emmascarament
+masq_desc=Les entrades d'aquesta p�gina configuren la traducci� d'adreces de xarxa per al tr�nsit encaminat entre alguna xarxa i una interf�cie particular.
+masq_add=Afegeix una nova regla d'emmascarament.
+masq_none=Encara no s'ha definit cap regla d'emmascarament.
+masq_0=Interf�cie de sortida
+masq_1=Xarxa a emmascarar
+masq_2=Adre�a SNAT
+masq_3=Restringeig al protocol
+masq_4=Restringeig als ports
+masq_5=Opcions IPsec
+masq_any=Qualsevol protocol
+masq_all=Tots els ports
+masq_in=<tt>$2</tt> a <tt>$1</tt>
+masq_ex=Xarxa a <tt>$1</tt> excepte <tt>$2</tt>
+masq_iface=Xarxa a <tt>$1</tt>
+masq_return=a la llista d'emmascarament
+masq_edit=Edici� de Regla d'emmascarament
+masq_create=Creaci� de Regla d'emmascarament
+masq_header=Detalls de la regla d'emmascarament
+masq_err=No s'ha pogut desar la regla d'emmascarament
+masq_net=Nom�s per a la destinaci�
+masq_mode0=Adre�a de subxarxa
+masq_mode1=Subxarxa a la interf�cie
+masq_except=Excepte les xarxes
+masq_enet=Hi falta la destinaci� de la interf�cie de sortida o b� �s inv�lida
+masq_emnet=Hi falta l'adre�a d'emmascarament de subxarxa o b� �s inv�lida
+masq_emnete=La llista de xarxes d'excepci� buida
+masq_esnat=Adre�a SNAT IP inv�lida
+masq_eports=Hi falta la llista de ports separats per comes o b� �s inv�lida
+masq_eipsec=Hi falten les opcions IPsec
+
+nat_title=NAT est�tica
+nat_desc=Les entrades de traducci� d'adreces de xarxa origen d'aquesta taula es poden utilitzar per configurar una correspond�ncia 1 a 1 entre una adre�a externa del tallafocs i una adre�a RFC1918 d'una m�quina darrere el tallafocs. La NAT  est�tica s'utilitza sovint per permetre connexions a un servidor intern des de fora de la teva xarxa.
+nat_add=Afegeix una nova entrada NAT est�tica.
+nat_none=Encara no s'ha definit cap entrada NAT est�tica
+nat_0=Adre�a externa
+nat_1=Interf�cie externa
+nat_2=Adre�a interna
+nat_virt=virtual
+nat_return=a la llista de NATs est�tiques
+nat_edit=Edici� de NAT est�tica
+nat_create=Creaci� de NAT est�tica
+nat_header=Detalls de l'entrada NAT est�tica
+nat_err=No s'ha pogut desar l'entrada NAT est�tica
+nat_all=Activa per a tots els hosts
+nat_local=Activa per al sistema de tallafocs
+nat_eext=Adre�a IP externa inv�lida
+nat_eint=Adre�a IP interna inv�lida
+nat_evirt=N�mero d'interf�cie virtual inv�lid
+
+proxyndp_title=Proxy NDP
+proxyndp_desc=Aquesta p�gina permet configurar el sistema per tal que respongui les peticions NDP d'altres adreces diferents de la pr�pia, de manera que pugui reenviar paquets a aquelles adreces a la seva destinaci� real.
+proxyndp_add=Afegeix una nova adre�a de proxy NDP.
+proxyndp_none=Encara no s'ha definit cap adre�a de proxy NDP
+proxyndp_0=Adre�a a NDP
+proxyndp_1=Connectada a la interf�cie
+proxyndp_2=Interf�cie externa
+proxyndp_3=Persistent
+proxyndp_return=a la llista d'adreces de proxy NDP
+proxyndp_edit=Edici� d'Adre�a Proxy NDP
+proxyndp_create=Creaci� d'Adre�a Proxy NDP
+proxyndp_header=Detalls de la proxy NDP
+proxyndp_err=No s'ha pogut desar la proxy NDP
+proxyndp_have=Existeix la ruta al host
+proxyndp_eaddr=Hi falta l'adre�a a NDP o b� �s inv�lida
+proxyndp_pers=Deixa la ruta encara que el tallafocs estigui aturat
+
+routestopped_title=En Aturar-se
+routestopped_desc=Per defecte, quan el tallafocs Shorewall s'aturi, denegar� l'acc�s des de tots els hosts. Aquesta p�gina permet definir hosts o xarxes que encara seran accessibles.
+routestopped_add=Afegeix una nova adre�a aturada.
+routestopped_none=Encara no s'ha definit cap adre�a accessible en aturar-se.
+routestopped_0=Interf�cie
+routestopped_1=Adreces accessibles
+routestopped_2=Opcions de ruta
+routestopped_return=a la llista d'adreces aturades
+routestopped_edit=Edici� d'Adreces Aturades
+routestopped_create=Creaci� d'Adreces Aturades
+routestopped_header=Detalls de l'adre�a aturada
+routestopped_err=No s'ha pogut desar l'adre�a aturada
+routestopped_eaddr=No has introdu�t cap adre�a
+routestopped_all=Totes les adreces
+routestopped_list=Les adreces i xarxes llistades...
+
+tunnels_title=T�nels VPN
+tunnels_desc=Aquesta p�gina llista els t�nels VPN que passen a trav�s del teu tallafocs, i per tant han de ser permesos per la configuraci� de Shorewall
+tunnels_add=Afegeix un nou t�nel VPN.
+tunnels_none=Encara no s'ha definit cap t�nel VPN per autoritzar
+tunnels_0=Tipus de VPN
+tunnels_1=Zona per interf�cie
+tunnels_2=Portal remot
+tunnels_3=Zones del portal
+tunnels_gnone=Cap
+tunnels_return=a la llista de t�nels VPN
+tunnels_edit=Edita el T�nel VPN
+tunnels_create=Crea un T�nel VPN 
+tunnels_header=Detalls del t�nel VPN
+tunnels_err=No s'ha pogut desar el t�nel VPN
+tunnels_sel=IP del Portal
+tunnels_ipsec=IPsec
+tunnels_ipsec:noah=IPsec (sense AH)
+tunnels_ipsecnat=IPsec amb NAT
+tunnels_ipsecnat:noah=IPsec amb NAT (sense AH)
+tunnels_ip=IP
+tunnels_gre=GRE
+tunnels_pptpclient=Client PPTP
+tunnels_pptpserver=Servidor PPTP
+tunnels_openvpn=OpenVPN
+tunnels_openvpn_l=OpenVPN, al port...
+tunnels_generic=Gen�ric
+tunnels_generic_l=Gen�ric, per al protocol...
+tunnels_gsel=Zones llistades
+tunnels_eopenvpn=N�mero de port inv�lid del t�nel OpenVPN
+tunnels_egeneric=Hi falta el protocol o el protocol i el port del t�nel gen�ric
+
+hosts_title=Hosts de Zona
+hosts_desc=Aquesta p�gina llista els hosts i les xarxes que s�n part de zones particulars. Per regla general, no cal que facis canvis en aquesta llista.
+hosts_add=Afegeix un nou host de zona.
+hosts_none=Encara no s'ha definit cap host de zona
+hosts_0=Zona
+hosts_1=Interf�cie
+hosts_2=Adre�a IP o xarxa
+hosts_opts=Opcions del host
+hosts_return=Llista de hosts de zona
+hosts_edit=Edita el Host de Zona
+hosts_create=Crea un Host de Zona
+hosts_err=No s'ha pogut desar el host de zona
+hosts_enet=Hi falta l'adre�a del host o b� �s inv�lida
+hosts_header=Detalls del host de zona
+hosts_routestopped=Encamina encara que el tallafocs estigui aturat
+hosts_ip=Adre�a o xarxa $1
+hosts_mac=Adre�a MAC $1
+hosts_ipset=Conjunt IP $1
+hosts_any=Qualsevol host
+
+edit_before=Abans de l'entrada $1
+edit_after=Despr�s de l'entrada $1
+
+blacklist_title=Blacklist Hosts
+blacklist_desc=Aquesta p�gina llista els hosts i els serveis que es bloquejaran si el tr�nsit des dels mateixos arriba en una interf�cie amb l'opci� <b>blacklist</b> establerta. 
+blacklist_add=Afegeix un nou host de llista negra.
+blacklist_none=Encara no s'ha decidit cap host de llista negra.
+blacklist_0=Host o xarxa
+blacklist_1=Protocol
+blacklist_2=Ports
+blacklist_any=Qualsevol
+blacklist_header=Detalls del host de llista negra
+blacklist_host=Host o xarxa
+blacklist_proto=Protocol
+blacklist_ports=Port or llista de ports
+blacklist_err=No s'ha pogut desar el host de llista negra
+blacklist_ehost=Hi falta l'adre�a IP del host o l'adre�a de la xarxa, o b� �s inv�lida
+blacklist_emac=Hi falta l'adre�a MAC o b� �s inv�lida
+blacklist_eipset=Hi falta el nom del conjunt IP
+blacklist_edit=Edita el Host de Llista Negra
+blacklist_create=Crea un Host de Llista Negra
+blacklist_eproto=Hi falta el protocol o b� �s inv�lid
+blacklist_eports=N�mero de port inv�lid o llista de ports separats per comes inv�lida
+blacklist_eports2=Els ports nom�s es poden especificar per als protocols TCP i UDP
+blacklist_return=als hosts de llista negra
+ 
+providers_title=Proveidors d'Encaminament Addicionals
+providers_desc=Aquesta p�gina defineix taules d'encaminament addicionals. Aquestes s�n necess�ries si tens connexions a m�s d'un ISP o m�ltiples connexions al mateix ISP, o est�s executant Squid com una proxy transparent en un altre host diferent del tallafocs.
+providers_add=Afegeix un nou prove�dor d'encaminament.
+providers_none=Encara no s'ha definit cap prove�dor d'encaminament.
+providers_0=Nom
+providers_1=N�mero
+providers_2=Marca
+providers_3=Interf�cie
+providers_4=Portal
+providers_name=Nom del prove�dor
+providers_number=N�mero del prove�dor
+providers_mark=N�mero de la marca
+providers_dup=Duplica el prove�dor
+providers_main=Taula principal
+providers_iface=Interf�cie de xarxa
+providers_gateway=Encaminador del portal
+providers_auto=Detecta autom�ticament
+providers_opts=Opcions addicionals
+providers_track=Tra�a les connexions
+providers_balance=Equilibra la c�rrega de tr�nsit
+providers_loose=Permet el tr�nsit des del tallafocs
+providers_edit=Edita el Prove�dor d'Encaminament
+providers_create=Crea un Prove�dor d'Encaminament
+providers_header=Detalls addicionals del prove�dor d'encaminament
+providers_copy=Copia les rutes a trav�s de les interf�cies
+providers_err=No s'ha pogut desar el prove�dor d'encaminament
+providers_ename=Hi falta el nom del prove�dor o b� �s inv�lid
+providers_enumber=Hi falta el n�mero del prove�dor o b� �s inv�lid
+providers_emark=Hi falta el n�mero de la marca del prove�dor o b� �s inv�lid
+providers_edup=Hi falta el prove�dor per duplicar
+providers_egateway=Hi falta el portal o b� �s inv�lid
+
+manual_desc=Aquest formulari es pot utilitzar per editar manualment el fitxer $1 de Shorewall. Ves amb compte, perqu� no es far� cap comprovaci� de sintaxi dels els canvis.
+manual_reset=Desf�s
+manual_err=No s'ha pogut desar el fitxer de taules
+manual_efile=Nom de taula inv�lid!
+manual_edata=No has introdu�t cap contingut de fitxer de taules.
+
+acl_nochange=Pot aplicar, aturar i iniciar la configuraci� de Shorewall
+acl_files=Taules de Shorewall disponibles
+acl_all=Totes
+acl_sel=Les seleccionades a sota...
+
+delete_err=No s'han pogut suprimir les files
+delete_enone=No has seleccionat cap fila
+
+opts_routeback=Accepta el tr�nsit de tornada al host
+opts_source=Permet des del host a qualsevol destinaci�
+opts_dest=Permet cap al host des de qualsevol origen
+opts_critical=Mostra sempre el tr�nsit entre el tallafocs
+opts_maclist=Compara amb la llista de MACs
+opts_norfc1918=Rebutja els paquets privats IP
+opts_blacklist=Rebutja els paquets  de la llista negra
+opts_tcpflags=Comprova les banderes TCP il�legals
+opts_nosmurfs=Comprova els paquets retransmesos d'origen
+opts_ipsec=Zona IPsec
+opts_dhcp=La interf�cie utilitza DHCP
+opts_routefilter=Activa el filtratge de rutes anti-spoof
+opts_logmartians=Registra els paquets amb origen impossible
+opts_proxyndp=Activa la proxy NDP
+opts_ndp_filter=Respon a les peticions NDP nom�s per l'IP de la interf�cie
+opts_detectnets=Adequa la zona per incloure nom�s els hosts encaminats
+opts_upnp=Remapeja els paquets via UPNP
+
+comment_add=Afegeix un nou comentari.
+comment_edit=Edita el comentari
+comment_create=Crea un Comentari
+comment_header=Detalls del comentari de la taula
+comment_msg=Missatge
+comment_err=No s'ha pogut desar el comentari
+comment_enone=No has introdu�t cap missatge
+
+log_create_table=S'ha afegit l'entrada a la taula $1
+log_modify_table=S'ha modificat l'entrada de la taula $1
+log_delete_table=S'ha suprimit l'entrada de la taula $1
+log_deletes_table=S'han suprimit les entrades de la taula $1
+log_up_table=S'ha despla�at l'entrada amunt a la taula $1
+log_down_table=S'ha despla�at avall l'entrada a la taula $1
+log_manual_table=S'ha editat manualment el fitxer de la taula $1
+log_create_comment=S'ha afegit un comentari a la taula $1
+log_modify_comment=S'ha modificat el comentari de la taula $1
+log_delete_comment=S'ha suprimit el comentari de la taula $1
+log_stop=S'ha aturat el tallafocs
+log_start=S'ha iniciat el tallafocs
+log_refresh=S'ha refrescat el tallafocs
+log_restart=S'ha reiniciat el tallafocs
+log_clear=S'ha netejat el tallafocs
+
+shorewall_conf_title=Fitxer Mestre de Configuraci�
+shorewall_conf_desc=Aquesta p�gina permet configurar les variables de configuraci� globals. NOTA: No �s recomanable canviar aqu� l'ordre de les variables si vols conservar la posici� relativa dels comentaris al fitxer de configuraci�.
+shorewall_conf_add=Afegeix una nova variable de configuraci�.
+shorewall_conf_none=No s'ha trobat cap configuraci� de shorewall.
+shorewall_conf_0=Variable
+shorewall_conf_1=Valor
+shorewall_conf_2=Comentari
+shorewall_conf_return=a la llista de variables de configuraci�
+shorewall_conf_edit=Edici� de variable de configuraci�
+shorewall_conf_create=Creaci� de variable de configuraci�
+shorewall_conf_header=Detalls de la variable de configuraci�
+shorewall_conf_err=No s'ha pogut desar la variable de configuraci�
+shorewall_conf_varname=Nom de variable inv�lid (ha de ser un nom de variable shell v�lid)
+
+params_title=Par�metres Personalitzats
+params_desc=Aquesta p�gina permet configurar els par�metres personalitzats de Shorewall. NOTA: No �s recomanable canviar aqu� l'ordre de les variables si vols conservar la posici� relativa dels comentaris al fitxer de configuraci�.
+params_add=Afegeix un nou par�metre personalitzat
+params_none=No s'ha trobat cap par�metre personalitzat.
+params_0=Par�metre
+params_2=Comentari
+params_1=Valor
+params_return=a la llista de par�metres personalitzats
+params_edit=Edici� de par�metre personalitzat
+params_create=Creaci� de par�metre personalitzat
+params_header=Detalls del par�metre personalitzat
+params_err=No s'ha pogut desar el par�metre personalitzat
+params_varname=Nom de par�metre inv�lid (ha de ser un nom de variable shell v�lid)
+__norefs=1
diff --git a/shorewall6/lang/de b/shorewall6/lang/de
new file mode 100644
index 000000000..8a0e0f80f
--- /dev/null
+++ b/shorewall6/lang/de
@@ -0,0 +1,212 @@
+__norefs=1
+acl_all=Alle
+acl_files=Verf&#252;gbare Shorewall Tabellen
+acl_nochange=Kann Shorewall Konfiguration anwenden, stoppen und starten?
+acl_sel=Ausgew&#228;hlte unten ..
+blacklist_0=Host oder Netzwerk
+blacklist_1=Protokoll
+blacklist_2=Ports
+blacklist_add=F&#252;gt einen neuen Blacklist-Host hinzu.
+blacklist_any=jede
+blacklist_create=Erstelle Blacklist-Host
+blacklist_edit=Editiere Blacklist-Host
+blacklist_ehost=Fehlende oder ung&#252;ltige IP-Adresse oder Netzwerk Adresse
+blacklist_emac=Fehlende oder ung&#252;ltige MAC-Adresse
+blacklist_eports=Ung&#252;ltige Portnummer oder kommagetrennte Liste aller Ports
+blacklist_eports2=Ports k&#246;nnen nur f&#252;r die Protokolle TCP und UDP angegeben werden
+blacklist_eproto=Fehlendes oder ung&#252;ltiges Protokoll
+blacklist_header=Blacklist-Host Details
+blacklist_host=Host oder Netzwerk
+blacklist_none=Keine Blacklist Hosts wurden bisher definiert.
+blacklist_ports=Port oder Port Liste
+blacklist_proto=Protokoll
+blacklist_return=Blacklist-Hosts
+blacklist_title=Blacklist-Hosts
+check_cmd=Pr&#252;fe Konfiguration ..
+check_failed=.. es wurde ein Fehler in Ihrer Firewall-Konfiguration gefunden!
+check_ok=.. Ihre Firewall Konfiguration schaut OK aus.
+check_title=Pr&#252;fe Firewall
+comment_add=F&#252;ge einen neuen Kommentar hinzu.
+comment_create=Erstelle Kommentar
+comment_edit=Editiere Kommentar
+comment_enone=Keine Nachricht eingegeben
+comment_err=Fehlgeschlagen Kommentar zu speichern
+comment_msg=Nachricht
+delete_enone=Keine Zeilen ausgew&#228;hlt
+dump_title=Firewall Dump
+edit_after=Nach Eintrag $1
+edit_before=Vor Eintrag $1
+hosts_0=Zone
+hosts_1=Schnittstelle
+hosts_2=IP-Adresse oder Netzwerk
+hosts_any=Jeder Host
+hosts_ip=Adresse oder Netzwerk $1
+hosts_ipset=IP gesetzt $1
+hosts_mac=MAC Adresse $1
+hosts_opts=Host Optionen
+index_check=Pr&#252;fe Firewall
+index_dump=Zeige Dump
+index_ecmd=Der Befehl $1 wurde auf Ihrem System nicht gefunden. Vielleicht ist es nicht installiert ist oder die <a href='$2'>Modulkonfiguration</a> ist falsch.
+index_edir=Das Shorewall Konfigurationsverzeichnis $1 wurde auf Ihrem System nicht gefunden. Vielleicht ist es nicht installiert ist oder die <a href='$2'>Modulkonfiguration </a> ist falsch.
+index_refresh=Konfiguration aktualisieren
+index_restart=Konfiguration anwenden
+index_return=Liste der Tabellen
+index_start=Starte Firewall
+index_status=Zeige Status
+index_stop=Stoppe Firewall
+index_title=Shorewall6 Firewall
+index_version=Shorewall6 Version $1
+interfaces_0=Schnittstelle
+interfaces_2=Broadcast-Adresse
+interfaces_3=Optionen
+interfaces_add=F&#252;r eine neue Netzwerk-Schnittstelle hinzu.
+interfaces_detect=Automatisch
+interfaces_ebroad=Fehlende oder ung&#252;ltige Broadcast-Adresse
+interfaces_edit=Editiere Netzwerk Schnittstelle
+interfaces_eiface=Fehlender oder ung&#252;ltiger Schnittstellenname
+interfaces_err=Fehlgeschlagen Netzwerk-Schnittstelle zu speichern
+interfaces_header=Netzwerk Schnittstelle Details
+interfaces_none=Keine Netzwerk-Schnittstellen wurden bisher definiert.
+interfaces_return=Schnittstellen Liste
+interfaces_title=Netzwerkschnittstellen
+list_add=Hinzuf&#252;gen
+list_any=Jede
+list_auto=Automatisch
+list_delete=L&#246;sche ausgew&#228;hltes
+list_fw=Firewall
+list_manual=Datei manuell editieren
+list_other=Andere..
+log_start=Firewall gestartet
+log_stop=Firewall gestoppt
+manual_efile=Ung&#252;ltige Tabellenname!
+manual_reset=R&#252;ckg&#228;ngig
+masq_0=Ausgehendes Interface
+masq_2=SNAT Adresse
+masq_3=Einschr&#228;nken auf Protokoll
+masq_4=Einschr&#228;nken auf Ports
+masq_5=IPsec Optionen
+masq_add=F&#252;ge eine neue Masquerading Regel hinzu.
+masq_all=Alle Ports
+masq_any=Jedes Protokoll
+masq_create=Erstelle Masquerading Regel
+masq_eipsec=Fehlende IPsec Optionen
+masq_esnat=Ung&#252;ltige SNAT IP-Adresse
+masq_except=Ausgenommen f&#252;r Netzwerke
+masq_iface=Netzwerk auf <tt>$1</tt>
+masq_in=<tt>$2</tt> auf <tt>$1</tt>
+masq_mode0=Subnetzadresse
+masq_mode1=Subnetz auf Interface
+masq_net=Nur f&#252;r das Ziel
+masq_return=Masquerading Liste
+masq_title=Masquerading
+nat_0=Externe Adresse
+nat_1=Externe Schnittstelle
+nat_2=Interne Adresse
+nat_all=Aktiv f&#252;r alle Hosts?
+nat_create=Erstelle statisches NAT
+nat_edit=Editiere statisches NAT
+nat_eext=Ung&#252;ltige externe IP-Adresse
+nat_eint=Ung&#252;ltige interne IP-Adresse
+nat_title=Statisches NAT
+nat_virt=virtuell
+opts_dhcp=Interface, welches DHCP benutzt
+opts_ipsec=IPsec Zone
+opts_proxyndp=Aktiviere Proxy NDP
+opts_source=Erlaube von Host zu jedem Ziel
+params_0=Parameter
+params_1=Wert
+params_2=Kommentar
+policy_3=Syslog Level
+policy_4=Traffic Limit
+policy_ulog=Auf ULOG loggen
+providers_0=Name
+providers_1=Nummer
+providers_3=Interface
+providers_4=Gateway
+providers_auto=Automatisch erkennen
+providers_dup=Dupliziere Provider
+providers_egateway=Fehlender oder ung&#252;ltiger Gateway
+providers_gateway=Gateway Router
+providers_iface=Netzwerk Interface
+providers_loose=Erlaube Traffic von Firewall
+providers_main=Haupttabelle
+providers_name=Providername
+providers_number=Providernummer
+providers_opts=Zus&#228;tzliche Optionen
+proxyndp_1=Verbunden mit Schnittstelle
+proxyndp_2=Externe Schnittstelle
+proxyndp_3=Anhaltend?
+proxyndp_edit=Editiere Proxy NDP Adresse
+proxyndp_err=Fehlgeschlagen Proxy NDP zu speichern
+proxyndp_header=Proxy NDP Details
+proxyndp_title=Proxy NDP
+routestopped_0=Interface
+routestopped_2=Route Optionen
+routestopped_all=Alle Adressen
+rules_0=Aktion
+rules_1=Quelle
+rules_2=Ziel
+rules_3=Protokoll
+rules_4=Quellports
+rules_5=Zielports
+rules_add=F&#252;r eine neue Firewall Regel hinzu.
+rules_create=Erstelle Firewall Regel
+rules_edit=Editiere Firewall Regel
+rules_header=Details der Firewall-Regel
+rules_hosts=Host <tt>$2</tt> in Zone <tt>$1</tt>
+rules_nolog=Logge nicht
+rules_norate=Kein Limit
+rules_noset=Alle Benutzer
+rules_ranges=Ports und Bereiche
+rules_rport=Port <tt>$1</tt>
+rules_title=Firewall Regeln
+rules_zone=Zone <tt>$1</tt>
+shorewall_conf_0=Variable
+shorewall_conf_1=Wert
+shorewall_conf_2=Kommentar
+shorewall_conf_add=F&#252;ge neue Konfigurationsvariable hinzu
+shorewall_conf_create=Errstelle Konfigurationsvariable
+shorewall_conf_edit=Editiere Konfigurationsvariable
+status_title=Firewall Status
+tos_0=Quelle
+tos_0z=Quell Zone
+tos_1=Ziel
+tos_1z=Ziel Zone
+tos_2=Protokoll
+tos_3=Quell Ports
+tos_4=Ziel Ports
+tos_5=Typ des Dienstes
+tos_6=Test
+tos_edit=Editiere Typ des Dienstes
+tunnels_0=VPN Typ
+tunnels_add=F&#252;ge neuen VPN Tunnel hinzu
+tunnels_create=Erstelle VPN Tunnel
+tunnels_edit=Editiere VPN Tunnel
+tunnels_eopenvpn=Ung&#252;ltige Portnummer f&#252;r OpenVPN Tunnel
+tunnels_err=Fehlgeschlagen VPN Tunnel zu speichern
+tunnels_generic=Generic
+tunnels_generic_l=Generic, f&#252;r Protokoll..
+tunnels_gre=GRE
+tunnels_header=VPN Tunnel Details
+tunnels_ip=IP
+tunnels_ipsec=IPsec
+tunnels_ipsec:noah=IPsec (kein AH)
+tunnels_ipsecnat=IPsec mit NAT
+tunnels_ipsecnat:noah=IPsec mit NAT (kein AH)
+tunnels_none=Keine VPN Tunnel zum Erlauben wurden bisher definiert.
+tunnels_openvpn=OpenVPN
+tunnels_openvpn_l=OpenVPN, auf Port..
+tunnels_pptpclient=PPTP Client
+tunnels_pptpserver=PPTP Server
+tunnels_return=VPN Tunnel Liste
+tunnels_sel=Gateway IP
+tunnels_title=VPN Tunnel
+zones_0=Zone ID
+zones_1=Anzeigename
+zones_2=Beschreibung
+zones_2new=Zonentyp
+zones_3new=Zonenoptionen
+zones_6new=Kommentar
+zones_firewall=Firewallsystem
+zones_ipsec=IPsec
+zones_ipv6=IPv6
diff --git a/shorewall6/lang/en b/shorewall6/lang/en
new file mode 100644
index 000000000..2850fa15f
--- /dev/null
+++ b/shorewall6/lang/en
@@ -0,0 +1,455 @@
+index_title=Shorewall6 Firewall
+index_ecmd=The command $1 was not found on your system. Maybe it is not installed, or the <a href='$2'>module configuration</a> is incorrect.
+index_edir=The Shorewall configuration directory $1 was not found on your system. Maybe it is not installed, or the <a href='$2'>module configuration</a> is incorrect.
+index_version=Shorewall6 version $1
+index_return=list of tables
+index_restart=Apply Configuration
+index_restartdesc=Click this button to activate the current Shorewall configuration with the <tt>shorewall6 restart</tt> command.
+index_refresh=Refresh Configuration
+index_refreshdesc=Click this button to activate just the Blacklist and Traffic Shaping tables with the <tt>shorewall6 refresh</tt> command.
+index_start=Start Firewall
+index_startdesc=Click this button to start Shorewall with the current configuration with the <tt>shorewall6 start</tt> command.
+index_clear=Clear Firewall
+index_cleardesc=Click this button to clear the Shorewall firewall with the <tt>shorewall6 clear</tt> command. This will allow access from all hosts without restriction.
+index_stop=Stop Firewall
+index_stopdesc=Click this button to shut down Shorewall with the <tt>shorewall6 stop</tt> command. This will block access from all hosts except those in the When Stopped table.
+index_status=Show Status
+index_statusdesc=Click this button to view Shorewall's tables and rules from the <tt>shorewall6 status</tt> command.
+index_dump=Show Dump
+index_dumpdesc=Click this button to view Shorewall tracing information from the <tt>shorewall6 dump</tt> command.
+index_check=Check Firewall
+index_checkdesc=Click this button to have Shorewall validate your firewall configuration with the <tt>shorewall6 check</tt> command.
+
+list_move=Move
+list_add=Add
+list_auto=Automatic
+list_none=None
+list_any=Any
+list_fw=Firewall
+list_other=Other..
+list_manual=Manually Edit File
+list_manualdesc=Click this button to manually edit the Shorewall file $1, in which the entries above are stored.
+list_ecannot=You are not allowed to edit this Shorewall table.
+list_delete=Delete Selected
+
+restart_err=Failed to apply configuration
+refresh_err=Failed to refresh configuration
+start_err=Failed to start firewall
+clear_err=Failed to clear firewall
+stop_err=Failed to shut down firewall
+status_title=Firewall Status
+dump_title=Firewall Dump
+check_title=Check Firewall
+check_ok=.. your firewall configuration looks OK.
+check_failed=.. an error was found in your firewall configuration!
+check_cmd=Checking configuration ..
+
+zones_title=Network Zones
+zones_desc=The zones listed on this page represent different networks reachable from your system. However, the entries here do no actually have any effect on the firewall - instead, they just define zone names and descriptions.
+zones_add=Add a new network zone.
+zones_none=No network zones have been defined yet.
+zones_0=Zone ID
+zones_1=Displayed name
+zones_2=Description
+zones_1new=Parent zone
+zones_2new=Zone type
+zones_3new=Zone options
+zones_4new=Incoming options
+zones_5new=Outgoing options
+zones_6new=Comment
+zones_return=zones list
+zones_edit=Edit Network Zone
+zones_create=Create Network Zone
+zones_header=Network zone details
+zones_err=Failed to save network zone
+zones_eid=Missing or invalid zone ID
+zones_efwid=The zone IDs $FW and fw are reserved for the firewall
+zones_ename=Missing or invalid displayed name
+zones_edesc=Missing zone description
+zones_ipv6=IPv6
+zones_ipsec=IPsec
+zones_firewall=Firewall system
+zones_eopts=Invalid zone options
+zones_eopts_in=Invalid zone incoming options
+zones_eopts_out=Invalid zone outgoing options
+
+policy_title=Default Policies
+policy_desc=This page allows you to configure the default actions for traffic between different firewall zones. They can be overridden for particular hosts or types of traffic on the Firewall Rules page.
+policy_add=Add a new default policy.
+policy_none=No default policies have been defined yet.
+policy_0=Source zone
+policy_1=Destination zone
+policy_2=Policy
+policy_3=Syslog level
+policy_4=Traffic limit
+policy_limit=Limit $1, Burst $2
+policy_return=policies list
+policy_edit=Edit Default Policy
+policy_create=Create Default Policy
+policy_header=Default policy details
+policy_err=Failed to save default policy
+policy_nolog=Logging disabled
+policy_ulog=Log to ULOG
+policy_efw=&lt;Firewall&gt; cann be selected for both the source and destination zones
+policy_elimit=Missing or invalid traffic limit number
+policy_eburst=Missing or invalid traffic burst number
+
+rules_title=Firewall Rules
+rules_desc=This table lists exceptions to the default policies for certain types of traffic, sources or destinations. The chosen action will be applied to packets matching the chosen criteria instead of the default.
+rules_add=Add a new firewall rule.
+rules_none=No firewall rules have been defined yet.
+rules_0=Action
+rules_1=Source
+rules_1z=Source zone
+rules_2=Destination
+rules_2z=Destination zone or port
+rules_3=Protocol
+rules_4=Source ports
+rules_5=Destination ports
+rules_6=Rate limit
+rules_7=User set
+rules_hosts=Host <tt>$2</tt> in zone <tt>$1</tt>
+rules_zone=Zone <tt>$1</tt>
+rules_rport=Port <tt>$1</tt>
+rules_related=Related
+rules_return=firewall rules list
+rules_edit=Edit Firewall Rule
+rules_create=Create Firewall Rule
+rules_header=Firewall rule details
+rules_err=Failed to save firewall rule
+rules_log=and log to syslog level
+rules_nolog=Don't log
+rules_addr=Only hosts in zone with addresses
+rules_ranges=Ports or ranges
+rules_dnat=Original destination address for DNAT or REDIRECT
+rules_dnat_dest=For DNAT or REDIRECT, fill in the new destination address or port here.
+rules_dnat_port=For DNAT or REDIRECT, fill in the original destination port here.
+rules_esother=Missing or invalid source zone
+rules_edother=Missing or invalid destination zone
+rules_esinzone=No host addresses entered for source
+rules_edinzone=No host addresses entered for destination
+rules_esport=No source port names, numbers or ranges entered
+rules_edport=No destination port names, numbers or ranges entered
+rules_ednat=Original destination address must be a single IP address, two addresses separated by a :, or an exclusion list starting with !
+rules_ednat2=An original destination address can only be entered for the DNAT and REDIRECT actions
+rules_rate=Rate limit expression
+rules_norate=No limit
+rules_set=Rule applies to user set
+rules_noset=All users
+rules_eaction=No action selected
+rules_macro=Macro action parameter
+rules_none2=None
+rules_emacro=Missing or invalid macro parameter
+
+tos_title=Types of Service
+tos_desc=This page defines IP service types for particular types of traffic, which can be used to raise or lower their priorities.
+tos_add=Add a new type of service.
+tos_none=No types of service have been defined yet.
+tos_0=Source
+tos_0z=Source zone
+tos_1=Destination
+tos_1z=Destination zone
+tos_2=Protocol
+tos_3=Source ports
+tos_4=Destination ports
+tos_5=Type of service
+tos_6=Test
+tos_return=types of service list
+tos_edit=Edit Type of Service
+tos_create=Create Type of Service
+tos_header=Type of service details
+tos_err=Failed to save type of service
+
+interfaces_title=Network Interfaces
+interfaces_desc=Each of the network interfaces on your system that you want Shorewall to manage should be listed on this page, and associated with the zone that it is connected to. The loopback interface <tt>lo</tt> must never be listed.
+interfaces_add=Add a new network interface.
+interfaces_none=No network interfaces have been defined yet.
+interfaces_0=Interface
+interfaces_1=Zone name
+interfaces_2=Broadcast address
+interfaces_3=Options
+interfaces_detect=Automatic
+interfaces_return=interfaces list
+interfaces_edit=Edit Network Interface
+interfaces_create=Create Network Interface
+interfaces_header=Network interface details
+interfaces_err=Failed to save network interface
+interfaces_eiface=Missing or invalid interface name
+interfaces_ebroad=Missing or invalid broadcast address
+
+masq_title=Masquerading
+masq_desc=Entries on this page set up network address translation for traffic routed between some network and a particular interface.
+masq_add=Add a new masquerading rule.
+masq_none=No masquerading rules have been defined yet.
+masq_0=Outgoing interface
+masq_1=Network to masquerade
+masq_2=SNAT address
+masq_3=Restrict to protocol
+masq_4=Restrict to ports
+masq_5=IPsec options
+masq_any=Any protocol
+masq_all=All ports
+masq_in=<tt>$2</tt> on <tt>$1</tt>
+masq_ex=Network on <tt>$1</tt> except <tt>$2</tt>
+masq_iface=Network on <tt>$1</tt>
+masq_return=masquerading list
+masq_edit=Edit Masquerading Rule
+masq_create=Create Masquerading Rule
+masq_header=Masquerading rule details
+masq_err=Failed to save masquerading rule
+masq_net=Only for destination
+masq_mode0=Subnet address
+masq_mode1=Subnet on interface
+masq_except=Except for networks
+masq_enet=Missing or invalid outgoing interface destination
+masq_emnet=Missing or invalid masquerading subnet address
+masq_emnete=Empty exception networks list
+masq_esnat=Invalid SNAT IP address
+masq_eports=Missing or invalid comma-separate list of ports
+masq_eipsec=Missing IPsec options
+
+nat_title=Static NAT
+nat_desc=The static network address translation entries in this table can be used to set up a 1-1 correspondence between an external address on your firewall and an RFC1918 address of a machine behind your firewall. Static NAT is often used to allow connections to an internal server from outside your network.
+nat_add=Add a new static NAT entry.
+nat_none=No static NAT entries have been defined yet.
+nat_0=External address
+nat_1=External interface
+nat_2=Internal address
+nat_virt=virtual
+nat_return=static NAT list
+nat_edit=Edit Static NAT
+nat_create=Create Static NAT
+nat_header=Static NAT entry details
+nat_err=Failed to save static NAT entry
+nat_all=Active for all hosts?
+nat_local=Active for firewall system?
+nat_eext=Invalid external IP address
+nat_eint=Invalid internal IP address
+nat_evirt=Invalid virtual interface number
+
+proxyndp_title=Proxy NDP
+proxyndp_desc=This page allows you to configure your system to answer NDP requests for IP addresses other than its own, so that it can forward packets to those addresses to their real destinations.
+proxyndp_add=Add a new proxy NDP address.
+proxyndp_none=No proxy NDP addresses have been defined yet.
+proxyndp_0=Address to NDP
+proxyndp_1=Connected to interface
+proxyndp_2=External interface
+proxyndp_3=Persistent?
+proxyndp_return=proxy NDP address list
+proxyndp_edit=Edit Proxy NDP Address
+proxyndp_create=Create Proxy NDP Address
+proxyndp_header=Proxy NDP details
+proxyndp_err=Failed to save proxy NDP
+proxyndp_have=Route to host exists?
+proxyndp_eaddr=Missing or invalid address to NDP
+proxyndp_pers=Leave route even when firewall stopped?
+
+routestopped_title=When Stopped
+routestopped_desc=By default, when the Shorewall firewall is stopped it will deny access from all hosts. This page allows you to define hosts or networks that will still be accessible.
+routestopped_add=Add a new stopped address.
+routestopped_none=No addresses to be accessible when stopped have been defined yet.
+routestopped_0=Interface
+routestopped_1=Accessible addresses
+routestopped_2=Route options
+routestopped_return=stopped address list
+routestopped_edit=Edit Stopped Address
+routestopped_create=Create Stopped Address
+routestopped_header=Stopped address details
+routestopped_err=Failed to save stopped address
+routestopped_eaddr=No addresses entered
+routestopped_all=All addresses
+routestopped_list=Listed addresses and networks ..
+
+tunnels_title=VPN Tunnels
+tunnels_desc=This page lists VPN tunnels that pass through your firewall, and so must be allowed by the Shorewall configuration.
+tunnels_add=Add a new VPN tunnel.
+tunnels_none=No VPN tunnels to allow have been defined yet.
+tunnels_0=VPN Type
+tunnels_1=Zone for interface
+tunnels_2=Remote gateway
+tunnels_3=Gateway zones
+tunnels_gnone=None
+tunnels_return=VPN tunnels list
+tunnels_edit=Edit VPN Tunnel
+tunnels_create=Create VPN Tunnel
+tunnels_header=VPN tunnel details
+tunnels_err=Failed to save VPN tunnel
+tunnels_sel=Gateway IP
+tunnels_ipsec=IPsec
+tunnels_ipsec:noah=IPsec (no AH)
+tunnels_ipsecnat=IPsec with NAT
+tunnels_ipsecnat:noah=IPsec with NAT (no AH)
+tunnels_ip=IP
+tunnels_gre=GRE
+tunnels_pptpclient=PPTP client
+tunnels_pptpserver=PPTP server
+tunnels_openvpn=OpenVPN
+tunnels_openvpn_l=OpenVPN, on port..
+tunnels_generic=Generic
+tunnels_generic_l=Generic, for protocol..
+tunnels_gsel=Listed zones
+tunnels_eopenvpn=Invalid port number for OpenVPN tunnel
+tunnels_egeneric=Missing protocol or protocol:port for generic tunnel
+
+hosts_title=Zone Hosts
+hosts_desc=This page lists hosts and networks that are part of particular zones. You generally do not need to make any changes to this list.
+hosts_add=Add a new zone host.
+hosts_none=No zone hosts have been defined yet.
+hosts_0=Zone
+hosts_1=Interface
+hosts_2=IP address or network
+hosts_opts=Host options
+hosts_return=zone hosts list
+hosts_edit=Edit Zone Host
+hosts_create=Create Zone Host
+hosts_err=Failed to save zone host
+hosts_enet=Missing or invalid host address
+hosts_header=Zone host details
+hosts_routestopped=Route even when firewall is stopped?
+hosts_ip=Address or network $1
+hosts_mac=MAC address $1
+hosts_ipset=IP set $1
+hosts_any=Any host
+
+edit_before=Before entry $1
+edit_after=After entry $1
+
+blacklist_title=Blacklist Hosts
+blacklist_desc=This page lists hosts and services that will be blocked if traffic from them arrives on an interface with the <b>blacklist</b> option set.
+blacklist_add=Add a new blacklist host.
+blacklist_none=No blacklist hosts have been defined yet.
+blacklist_0=Host or network
+blacklist_1=Protocol
+blacklist_2=Ports
+blacklist_any=Any
+blacklist_header=Blacklist host details
+blacklist_host=Host or network
+blacklist_proto=Protocol
+blacklist_ports=Port or port list
+blacklist_err=Failed to save blacklist host
+blacklist_ehost=Missing or invalid host IP address or network address
+blacklist_emac=Missing or invalid MAC address
+blacklist_eipset=Missing IP set name
+blacklist_edit=Edit Blacklist Host
+blacklist_create=Create Blacklist Host
+blacklist_eproto=Missing or invalid protocol
+blacklist_eports=Invalid port number or comma-separated list of ports
+blacklist_eports2=Ports can only be specified for the TCP and UDP protocols
+blacklist_return=blacklist hosts
+
+providers_title=Additional Routing Providers
+providers_desc=This page defines additional routing tables. These are needed if you have connections to more than one ISP or multiple connections to the same ISP, or run Squid as a transparent proxy on a host other than the firewall.
+providers_add=Add a new routing provider.
+providers_none=No routing providers have been defined yet.
+providers_0=Name
+providers_1=Number
+providers_2=Mark
+providers_3=Interface
+providers_4=Gateway
+providers_name=Provider name
+providers_number=Provider number
+providers_mark=Mark number
+providers_dup=Duplicate provider
+providers_main=Main table
+providers_iface=Network interface
+providers_gateway=Gateway router
+providers_auto=Detect automatically
+providers_opts=Additional options
+providers_track=Track connections
+providers_balance=Load-balance traffic
+providers_loose=Allow traffic from firewall
+providers_edit=Edit Routing Provider
+providers_create=Create Routing Provider
+providers_header=Additional routing provider details
+providers_copy=Copy routes through interfaces
+providers_err=Failed to save routing provider
+providers_ename=Missing or invalid provider name
+providers_enumber=Missing or invalid provider number
+providers_emark=Missing or invalid provider mark number
+providers_edup=Missing provider to duplicate
+providers_egateway=Missing or invalid gateway
+
+manual_desc=This form can be used to manually edit the Shorewall file $1. Be careful, as no syntax checking will be done on the changes.
+manual_reset=Undo
+manual_err=Failed to save table file
+manual_efile=Invalid table name!
+manual_edata=No table file contents entered.
+
+acl_nochange=Can apply, stop and start Shorewall configuration?
+acl_files=Available Shorewall tables
+acl_all=All
+acl_sel=Selected below ..
+
+delete_err=Failed to delete rows
+delete_enone=No rows selected
+
+opts_routeback=Accept traffic back to host
+opts_source=Allow from host to any destination
+opts_dest=Allow to host from any source
+opts_critical=Always allow traffic between firewall
+opts_maclist=Compare against MAC list?
+opts_norfc1918=Reject private IP packets
+opts_blacklist=Reject packets on blacklist
+opts_tcpflags=Check for illegal TCP flags
+opts_nosmurfs=Check for broadcast source packets
+opts_ipsec=IPsec zone
+opts_dhcp=Interface uses DHCP
+opts_routefilter=Enable anti-spoofing route filtering
+opts_logmartians=Log packets with impossible sources
+opts_proxyndp=Enable proxy NDP
+opts_ndp_filter=Only respond to NDP requests for interface IP
+opts_detectnets=Taylor zone to include only routed hosts
+opts_upnp=Remap packets via UPNP
+
+comment_add=Add a new comment.
+comment_edit=Edit Comment
+comment_create=Create Comment
+comment_header=Table comment details
+comment_msg=Message
+comment_err=Failed to save comment
+comment_enone=No message entered
+
+log_create_table=Added entry to the $1 table
+log_modify_table=Modified entry in the $1 table
+log_delete_table=Deleted entry from the $1 table
+log_deletes_table=Deleted entries from the $1 table
+log_up_table=Moved up entry in the $1 table
+log_down_table=Moved down entry in the $1 table
+log_manual_table=Manually edited the $1 table file
+log_create_comment=Added comment to the $1 table
+log_modify_comment=Modified comment in the $1 table
+log_delete_comment=Deleted comment from the $1 table
+log_stop=Stopped firewall
+log_start=Started firewall
+log_refresh=Refreshed firewall
+log_restart=Restarted firewall
+log_clear=Cleared firewall
+
+shorewall_conf_title=Master configuration file
+shorewall_conf_desc=This page allows you to configure the global configuration variables.  NOTE: Changing the order of variables here is not recommended if you wish to preserve the relative position of comments in the configuration file.
+shorewall_conf_add=Add a new configuration variable.
+shorewall_conf_none=No shorewall6 configuration found.
+shorewall_conf_0=Variable
+shorewall_conf_1=Value
+shorewall_conf_2=Comment
+shorewall_conf_return=configuration variables list
+shorewall_conf_edit=Edit configuration variable
+shorewall_conf_create=Create configuration variable
+shorewall_conf_header=Configuration variable details
+shorewall_conf_err=Failed to save configuration variable
+shorewall_conf_varname=Invalid variable name (must be a valid shell variable name)
+
+params_title=Custom parameters
+params_desc=This page allows you to configure Shorewall's custom parameters.  NOTE: Changing the order of parameters here is not recommended if you wish to preserve the relative position of comments in the configuration file.
+params_add=Add a new custom parameter.
+params_none=No custom parameters found.
+params_0=Parameter
+params_1=Value
+params_2=Comment
+params_return=custom parameters list
+params_edit=Edit custom parameter
+params_create=Create custom parameter
+params_header=Custom parameter details
+params_err=Failed to save custom parameter
+params_varname=Invalid parameter name (must be a valid shell variable name)
+__norefs=1
diff --git a/shorewall6/lang/es b/shorewall6/lang/es
new file mode 100644
index 000000000..cec44d738
--- /dev/null
+++ b/shorewall6/lang/es
@@ -0,0 +1,298 @@
+acl_all=Todas
+acl_files=Tablas de Shorewall disponibles
+acl_nochange=&#191;Puede aplicar, detener e iniciar la configuraci&#243;n de Shorewall?
+acl_sel=Las seleccionadas abajo...
+blacklist_0=Host o Red
+blacklist_1=Protocolo
+blacklist_2=Puertos
+blacklist_add=Agregar un nuevo host a la lista negra
+blacklist_any=Cualquiera
+blacklist_create=Crea un Host de la lista negra
+blacklist_desc=Esta p&#225;gina enumera ordenadores principales y los servicios que se bloquear&#225;n si el tr&#225;fico de ellos llega en una interfaz con la opci&#243;n de <b>blacklist</b> activada.
+blacklist_edit=Edita el Host de la lista negra
+blacklist_ehost=Falta la direcci&#243;n IP del host, direcci&#243;n MAC o direcci&#243;n de red, o bien es inv&#225;lida
+blacklist_eports=N&#250;mero de puerto inv&#225;lido o lista de puertos separados por comas inv&#225;lidos
+blacklist_eports2=Los puertos solo se pueden especificar para los protocolos TCP y UDP
+blacklist_eproto=Falta el protocolo o bien es inv&#225;lido
+blacklist_err=No he podido salvar la lista negra
+blacklist_header=Detalles de la lista negra
+blacklist_host=Host o Red
+blacklist_none=Todav&#237;a no se ha definido ninguna lista negra.
+blacklist_ports=Puerto or lista de puertos
+blacklist_proto=Protocolo
+blacklist_return=los Hosts de lista negra
+blacklist_title=Hosts de de lista negra
+check_cmd=Comprobando la configuraci&#243;n...
+check_failed=...&#161;se ha encontrado un error en la configuraci&#243;n del cortafuegos!
+check_ok=...la configuraci&#243;n del cortafuegos parece correcta.
+check_title=Comprobaci&#243;n del Cortafuegos
+clear_err=No he podido limpiar el cortafuegos
+edit_after=Despu&#233;s de la entrada $1
+edit_before=Antes de la entrada $1
+hosts_0=Zona
+hosts_1=Interfaz
+hosts_2=Direcci&#243;n IP o red
+hosts_add=Agregar un nuevo host de zona
+hosts_create=Crea un Host de Zona
+hosts_desc=Esta p&#225;gina lista los hosts y las redes que son parte de zonas particulares. Por regla general, no hace falta que haga cambios en esta lista.
+hosts_edit=Editar el Host de Zona
+hosts_err=No he podido salvar el host de zona
+hosts_header=Detalles del host de zona
+hosts_maclist=&#191;Comparar con la lista MAC?
+hosts_none=Todav&#237;a no se ha definido ning&#250;n host de zona
+hosts_opts=Opciones del host
+hosts_return=Lista de hosts de zona
+hosts_routestopped=&#191;Encaminar aunque el cortafuegos est&#233; detenido?
+hosts_title=Hosts de Zona
+index_check=Comprueba el Cortafuegos
+index_checkdesc=Presione este bot&#243;n para hacer que Shorewall valide la configuraci&#243;n con la orden <tt>shorewall6 check</tt>.
+index_clear=Limpiar el Cortafuegos
+index_cleardesc=Presione este bot&#243;n para limpiar el cortafuegos Shorewall con la orden <tt>shorewall6 clear</tt>. Esto permitir&#225; el acceso desde todos los hosts sin ning&#250;n tipo de restricci&#243;n.
+index_ecmd=No se ha encontrado en el sistema la orden $1. Puede que no est&#233; instalada, o bien que la <a href='$2'>configuraci&#243;n del m&#243;dulo</a> sea incorrecta.
+index_edir=No se ha encontrado en el sistema el directorio $1 de configuraci&#243;n de Shorewall. Puede que no est&#233; instalado, o bien que la <a href='$2'>configuraci&#243;n del m&#243;dulo</a> sea incorrecta.
+index_refresh=Refrescar la Configuraci&#243;n
+index_refreshdesc=Presione este bot&#243;n para activar solo las tablas de Lista Negra y Formateado de Tr&#225;fico con la orden <tt>shorewall6 refresh</tt>.
+index_restart=Aplicar la Configuraci&#243;n
+index_restartdesc=Presione este bot&#243;n para activar la configuraci&#243;n actual de Shorewall con la orden <tt>shorewall6 restart</tt>.
+index_return=lista de tablas
+index_start=Iniciar el Cortafuegos
+index_startdesc=Presione este bot&#243;n para iniciar Shorewall con la configuraci&#243;n actual con la orden <tt>shorewall6 start</tt>.
+index_status=Mostrar Estado
+index_statusdesc=Presione sobre este bot&#243;n para ver las tablas y reglas de Shorewall a partir de la orden <tt>shorewall6 status</tt>.
+index_stop=Detener el Cortafuegos
+index_stopdesc=Presione este bot&#243;n para parar Shorewall con la orden <tt>shorewall6 stop</tt>. Esto bloquear&#225; el acceso desde todos los hosts excepto los que hay en la tabla Cuando Est&#225; Detenido.
+index_title=Cortafuegos Shorewall6
+index_version=Shorewall versi&#243;n $1
+interfaces_0=Interfaz
+interfaces_1=Nombre de zona
+interfaces_2=Direcci&#243;n de broadcast
+interfaces_3=Opciones
+interfaces_add=Agregar una nueva interfaz de red
+interfaces_create=Crear Interfaz de Red
+interfaces_desc=En esta p&#225;gina, deben estar todas y cada una de las interfaces de red del sistema que quieres que Shorewall gestione, asociadas con la zona en la que estan conectadas. La interfaz de loopback <tt>lo</tt> no ha de aparecer.
+interfaces_detect=Autom&#225;tica
+interfaces_ebroad=Falta la direcci&#243;n de broadcast o bien es inv&#225;lida
+interfaces_edit=Editar Interfaz de Red
+interfaces_eiface=Falta el nombre de la interfaz o bien es inv&#225;lido
+interfaces_err=No he podido salvar la interfaz
+interfaces_header=Detalles de la interfaz de red
+interfaces_none=No se ha definido ninguna interfaz de red.
+interfaces_return=lista de interfaces
+interfaces_title=Interfaces de Red
+list_add=A&#241;adir
+list_any=Cualquiera
+list_auto=Autom&#225;tico
+list_ecannot=No tiene permiso para editar esta tabla de Shorewall.
+list_fw=Cortafuegos
+list_manual=Editar el Fichero Manualmente
+list_manualdesc=Presione este bot&#243;n para editar manualmente el fichero $1 de Shorewall, donde est&#225;n guardadas las entradas de arriba.
+list_move=Desplazar
+list_none=Ninguno
+list_other=Otros
+manual_desc=Este formulario se puede utilizar para editar manualmente el fichero $1 de Shorewall. Vaya con cuidado, porque no se har&#225; ninguna comprobaci&#243;n de sintaxis de los los cambios.
+manual_edata=No ha introducido ning&#250;n contenido de fichero de tablas.
+manual_efile=&#161;Nombre de tabla no v&#225;lido!
+manual_err=No he podido salvar el fichero de tablas
+manual_reset=Deshacer
+masq_0=Interfaz de salida
+masq_1=Red a enmascarar
+masq_2=Direcci&#243;n SNAT
+masq_add=Agregar una nueva regla de enmascaramiento
+masq_create=Crear de Regla de Enmascaramiento
+masq_desc=Las entradas de esta p&#225;gina configuran la traducci&#243;n de direcciones de red para el tr&#225;fico encaminado entre alguna red y una interfaz particular.
+masq_edit=Edici&#243;n de Regla de Enmascaramiento
+masq_emnet=Falta la direcci&#243;n de enmascaramiento de subred o bien es inv&#225;lida
+masq_emnete=Lista de redes de excepci&#243;n vac&#237;a
+masq_enet=Falta el destino de la interfaz de salida o bien no es v&#225;lido
+masq_err=No he podido salvar la regla de enmascaramiento
+masq_esnat=Direcci&#243;n IP SNAT no v&#225;lida
+masq_ex=Red en <tt>$1</tt> excepto <tt>$2</tt>
+masq_except=Excepto las redes
+masq_header=Detalles de la regla de enmascaramiento
+masq_iface=Red en <tt>$1</tt>
+masq_in=<tt>$2</tt> en <tt>$1</tt>
+masq_mode0=Direcci&#243;n de subred
+masq_mode1=Subred en la interfaz
+masq_net=Solo para el destino
+masq_none=Todav&#237;a no se ha definido ninguna regla de enmascaramiento.
+masq_return=lista de enmascaramiento
+masq_title=Enmascaramiento
+nat_0=Direcci&#243;n externa
+nat_1=Interfaz externa
+nat_2=Direcci&#243;n interna
+nat_add=Agregar una nueva zona de entrada NAT est&#225;tica
+nat_all=&#191;Activa para todos los hosts?
+nat_create=Crear NAT est&#225;tica
+nat_desc=Las entradas de traducci&#243;n de direcciones de red origen de esta tabla se pueden utilizar para configurar una correspondencia 1 en 1 entre una direcci&#243;n externa del cortafuegos y una direcci&#243;n RFC1918 de una m&#225;quina detr&#225;s el cortafuegos. La NAT est&#225;tica se utiliza a menudo para permitir conexiones a un servidor interno desde fuera de su red.
+nat_edit=Edici&#243;n de NAT est&#225;tica
+nat_eext=Direcci&#243;n IP externa inv&#225;lida
+nat_eint=Direcci&#243;n IP interna inv&#225;lida
+nat_err=No he podido salvar la entrada NAT est&#225;tica
+nat_evirt=N&#250;mero de interfaz virtual inv&#225;lida
+nat_header=Detalles de la entrada NAT est&#225;tica
+nat_local=&#191;Activa para el sistema de cortafuegos?
+nat_none=Todav&#237;a no se ha definido ninguna entrada NAT est&#225;tica
+nat_return=lista de NATs est&#225;ticas
+nat_title=NAT est&#225;tica
+nat_virt=virtual
+policy_0=Zona origen
+policy_1=Zona destino
+policy_2=Pol&#237;tica
+policy_3=Nivel de syslog
+policy_4=L&#237;mite de tr&#225;fico
+policy_add=Agregar una nueva pol&#237;tica por defecto
+policy_create=Creaci&#243;n de Pol&#237;tica por Defecto
+policy_desc=Esta p&#225;gina permite configurar las acciones por defecto para el tr&#225;fico entre zonas diferentes del cortafuegos. Pueden ser particularizadas para ciertos hosts o tipo de tr&#225;fico en la p&#225;gina de reglas del Cortafuegos.
+policy_eburst=Falta el n&#250;mero de explosi&#243;n de tr&#225;fico o bien es inv&#225;lido
+policy_edit=Edici&#243;n de Pol&#237;tica por Defecto
+policy_efw=&lt;Cortafuegos&gt; se puede seleccionar tanto para la zona origen como la destino
+policy_elimit=Falta el nombre del tr&#225;fico l&#237;mite o bien es inv&#225;lido
+policy_err=No he podido guardar la pol&#237;tica por defecto
+policy_header=Detalles de la pol&#237;tica por defecto
+policy_limit=L&#237;mite $1, Burst(Explosi&#243;n) $2
+policy_nolog=Hist&#243;ricos desactivados
+policy_none=Todav&#237;a no se ha definido ninguna pol&#237;tica por defecto.
+policy_return=lista de pol&#237;ticas
+policy_title=Pol&#237;ticas por Defecto
+policy_ulog=Grabar a ULOG
+proxyndp_0=Direcci&#243;n a NDP
+proxyndp_1=Conectada a la interfaz
+proxyndp_2=Interfaz externa
+proxyndp_3=&#191;Persistente?
+proxyndp_add=Agregar una nueva direcci&#243;n de proxy NDP
+proxyndp_create=Creaci&#243;n de Direcci&#243;n Proxy NDP
+proxyndp_desc=Esta p&#225;gina permite configurar el sistema a fin de que responda las peticiones NDP de otras direcciones diferentes de la propia, de manera que pueda reenviar paquetes a aquellas direcciones a su destino real.
+proxyndp_eaddr=Falta la direcci&#243;n a NDP o bien es inv&#225;lida
+proxyndp_edit=Edici&#243;n de Direcci&#243;n Proxy NDP
+proxyndp_err=No he podido salvar proxy NDP
+proxyndp_have=&#191;Existe la ruta al host?
+proxyndp_header=Detalles proxy NDP
+proxyndp_none=Todav&#237;a no se ha definido ninguna direcci&#243;n de proxy NDP
+proxyndp_pers=&#191;Deja la ruta aunque el cortafuegos est&#233; detenido?
+proxyndp_return=la lista de direcciones de proxy NDP
+proxyndp_title=Proxy NDP
+refresh_err=No he podido refrescar la configuraci&#243;n
+restart_err=No he podido aplicar la configuraci&#243;n
+routestopped_0=Interfaz
+routestopped_1=Direcciones accesibles
+routestopped_add=Agregar una nueva direcci&#243;n detenida
+routestopped_all=Todas las direcciones
+routestopped_create=Creaci&#243;n de Direcciones Detenidas
+routestopped_desc=Por defecto, cuando el cortafuegos Shorewall se detenga, denegar&#225; el acceso desde todos los hosts. Esta p&#225;gina permite definir hosts o redes que todav&#237;a ser&#225;n accesibles.
+routestopped_eaddr=No has introducido ninguna direcci&#243;n
+routestopped_edit=Edici&#243;n de Direcciones Detenidas
+routestopped_err=No he podido salvar la direcci&#243;n detenida
+routestopped_header=Detalles de la direcci&#243;n detenida
+routestopped_list=Las direcciones y redes listadas...
+routestopped_none=Todav&#237;a no se ha definido ninguna direcci&#243;n accesible al detenerse.
+routestopped_return=la lista de direcciones detenidas
+routestopped_title=Cuando Est&#225; Detenido
+rules_0=Acci&#243;n
+rules_1=Origen
+rules_1z=Zona origen
+rules_2=Destino
+rules_2z=Zona o puerto de destino
+rules_3=Protocolo
+rules_4=Puertos de origen
+rules_5=Puertos destino
+rules_6=L&#237;mite de frecuencia
+rules_7=Conjunto de usuarios
+rules_add=Agregar una nueva regla del cortafuegos
+rules_addr=Solo los hosts de la zona con direcciones
+rules_create=Creaci&#243;n de Regla del Cortafuegos
+rules_desc=Esta tabla lista las excepciones de las pol&#237;ticas por defecto para cierto tipo de tr&#225;fico, origen, o destino. La acci&#243;n seleccionada se aplicar&#225; a los paquetes que coincidan con los criterios seleccionados en contra de la pol&#237;tica por defecto.
+rules_dnat=Direcci&#243;n de destino original para DNAT o REDIRECT
+rules_dnat_dest=Para DNAT o REDIRECT, rellene la nueva direcci&#243;n o puerto de destino.
+rules_dnat_port=Per a DNAT o REDIRECT, introduzca aqu&#237; el puerto del destino original.
+rules_eaction=No se seleccionaron acciones
+rules_edinzone=No has introducido ninguna direcci&#243;n de host destino
+rules_edit=Edici&#243;n de Regla del Cortafuegos
+rules_ednat=La direcci&#243;n NAT original de destino tiene que ser una sola direcci&#243;n IP o dos direcciones separadas por ':'
+rules_ednat2=S&#243;lo se puede introducir una direcci&#243;n NAT original para las acciones DNAT y REDIRECT
+rules_edother=Falta la zona destino o bien es inv&#225;lida
+rules_edport=No has introducido ning&#250;n nombre de puerto destino, n&#250;mero ni rango
+rules_err=No he podido guardar la regla del cortafuegos
+rules_esinzone=No has introducido ninguna direcci&#243;n de host origen
+rules_esother=Falta la zona origen o bien es inv&#225;lida
+rules_esport=No has introducido ning&#250;n nombre de puerto origen, n&#250;mero ni rango
+rules_header=Detalles de la regla del cortafuegos
+rules_hosts=Host <tt>$2</tt> de la zona <tt>$1</tt>
+rules_log=y graba a nivel syslog
+rules_nolog=No grabes
+rules_none=A&#250;n no se ha seleccionado ninguna regla del cortafuegos.
+rules_norate=Sin l&#237;mites
+rules_noset=Todos los usuarios
+rules_ranges=Puertos o rangos
+rules_rate=Expresi&#243;n de l&#237;mite de frecuencia
+rules_related=Relacionada
+rules_return=la lista de reglas del cortafuegos
+rules_rport=Puerto <tt>$1</tt>
+rules_set=La regla se aplica al conjunto de usuarios
+rules_title=Reglas del Cortafuegos
+rules_zone=Zona <tt>$1</tt>
+start_err=No he podido iniciar el cortafuegos
+status_title=Estado del Cortafuegos
+stop_err=No he podido cerrar el cortafuegos
+tos_0=Origen
+tos_0z=Zona origen
+tos_1=Destino
+tos_1z=Zona destino
+tos_2=Protocolo
+tos_3=Puertos origen
+tos_4=Puertos destino
+tos_5=Tipo de servicio
+tos_add=Agregar un nuevo tipo de servicio
+tos_create=Creaci&#243;n de Tipo de Servicio
+tos_desc=Esta p&#225;gina define tipos de servicio IP para casos particulares de tr&#225;fico, que se pueden utilizar para aumentar o disminuir las prioridades.
+tos_edit=Edici&#243;n de Tipo de Servicio
+tos_err=No he podido guardar el tipo de servicio
+tos_header=Detalles del tipo de servicio
+tos_none=Todav&#237;a no se ha definido ning&#250;n tipo de servicio.
+tos_return=la lista de tipos de servicios
+tos_title=Tipos de Servicios
+tunnels_0=Tipo de VPN
+tunnels_1=Zona por interfaz
+tunnels_2=Gateway remoto
+tunnels_3=Zonas del Gateway
+tunnels_add=Agregar un nuevo t&#250;nel VPN
+tunnels_create=Crea un T&#250;nel VPN
+tunnels_desc=Esta p&#225;gina lista los t&#250;neles VPN que pasan a trav&#233;s de su cortafuegos, y por lo tanto tienen que ser permitidos por la configuraci&#243;n de Shorewall.
+tunnels_edit=Editar el T&#250;nel VPN
+tunnels_egeneric=Falta el protocolo o el protocolo y el puerto del t&#250;nel gen&#233;rico
+tunnels_eopenvpn=N&#250;mero de puerto inv&#225;lido del t&#250;nel OpenVPN
+tunnels_err=No he podido salvar el t&#250;nel VPN
+tunnels_generic=Gen&#233;rico
+tunnels_generic_l=Gen&#233;rico, para el protocolo...
+tunnels_gnone=Ninguno
+tunnels_gre=GRE
+tunnels_gsel=Zonas listadas
+tunnels_header=Detalles del t&#250;nel VPN
+tunnels_ip=IP
+tunnels_ipsec=IPsec
+tunnels_ipsec:noah=IPsec (sin AH)
+tunnels_ipsecnat=IPsec con NAT
+tunnels_ipsecnat:noah=IPsec con NAT (sin AH)
+tunnels_none=Todav&#237;a no se ha definido ning&#250;n t&#250;nel VPN por autorizar
+tunnels_openvpn=OpenVPN
+tunnels_openvpn_l=OpenVPN, al puerto...
+tunnels_pptpclient=Cliente PPTP
+tunnels_pptpserver=Servidor PPTP
+tunnels_return=la lista de t&#250;neles VPN
+tunnels_sel=IP del Gateway
+tunnels_title=T&#250;neles VPN
+zones_0=ID de zona
+zones_1=Nombre mostrado
+zones_2=Descripci&#243;n
+zones_add=Agregar una nueva zona de red.
+zones_create=Creaci&#243;n de Zona de Red
+zones_desc=Las zonas listadas en esta p&#225;gina representan diferentes redes accesibles desde tu sistema. No obstante, &#233;stas entradas no tienen ning&#250;n efecto sobre el cortafuegos - simplemente definen nombres y descripciones de zona.
+zones_edesc=Falta la descripci&#243;n de la zona o bien es inv&#225;lida
+zones_edit=Edici&#243;n de Zona de Red
+zones_efwid=Los IDs $FW y fw de la zona estan reservados para los cortafuegos
+zones_eid=Falta el ID de zona o bien es inv&#225;lido
+zones_ename=Falta el nombre mostrado o bien es inv&#225;lido
+zones_err=No he podido guardar la zona de red
+zones_header=Detalles de la zona de red
+zones_none=Todav&#237;a no se ha definido ninguna zona de red.
+zones_return=la lista de zonas
+zones_title=Zonas de Red
diff --git a/shorewall6/lang/fr b/shorewall6/lang/fr
new file mode 100644
index 000000000..088074f0d
--- /dev/null
+++ b/shorewall6/lang/fr
@@ -0,0 +1,304 @@
+acl_nochange=Peut appliquer, arr&#234;ter et d&#233;marrer la configuration Shorewall ?
+blacklist_0=H&#244;te ou r&#233;seau
+blacklist_1=Protocole
+blacklist_2=Portes
+blacklist_add=Ajouter un nouveau h&#244;te &#224; blacklister.
+blacklist_host=H&#244;te ou r&#233;seau
+blacklist_proto=Protocole
+check_cmd=V&#233;rification de la configuration...
+check_failed=..une erreur a &#233;t&#233; trouv&#233; dans la configuration de votre firewall !
+check_ok=..la configuration de votre firewall semble correcte.
+check_title=V&#233;rification du Firewall
+clear_err=La remise &#224; z&#233;ro du firewall a &#233;chou&#233;
+comment_add=Ajouter un nouveau commentaire.
+comment_create=Cr&#233;er un commentaire
+comment_edit=&#201;diter un commentaire
+comment_enone=Aucun message n'a &#233;t&#233; saisi
+comment_err=&#201;chec de sauvegarde du commentaire
+comment_msg=Message
+edit_after=Apr&#232;s l'entr&#233;e $1
+edit_before=Avant l'entr&#233;e $1
+hosts_0=Zone
+hosts_1=Interface
+hosts_2=Adresse IP ou r&#233;seau
+hosts_any=N'importe quel h&#244;te
+hosts_ip=Adresse ou r&#233;seau $1
+hosts_mac=Adresse MAC $1
+hosts_opts=Options du h&#244;te
+index_check=V&#233;rifier le Firewall
+index_checkdesc=Cliquez ce bouton pour tester les r&#232;gles shorewall6 avant de les appliquer avec la commande "<tt>shorewall6 check</tt>".
+index_clear=Remettre &#224; z&#233;ro le Firewall
+index_cleardesc=Cliquez ce bouton pour remettre &#224; z&#233;ro Shorewall avec la commande "<tt>shorewall6 clear</tt>". Ceci donnera acc&#232;s &#224; toutes les machines sur le syst&#232;me.
+index_dump=Afficher le dump
+index_ecmd=The command $1 was not found on your system. Maybe it is not installed, or the <a href='$2'>module configuration</a> is incorrect.
+index_edir=The Shorewall configuration directory $1 was not found on your system. Maybe it is not installed, or the <a href='$2'>module configuration</a> is incorrect.
+index_refresh=Recharger la Configuration
+index_refreshdesc=Cliquez ce bouton pour seulement activer les tables Blacklist et Traffic Shaping avec la commande "<tt>shorewall6 refresh</tt>".
+index_restart=Appliquer la Configuration
+index_restartdesc=Cliquez ce bouton pour activer la configuration actuelle de Shorewall avec la commande "<tt>shorewall6 restart</tt>".
+index_return=liste des tables
+index_start=D&#233;marrer le Firewall
+index_startdesc=Cliquez ce bouton pour d&#233;marrer Shorewall avec la configuration actuelle avec la commande "<tt>shorewall6 start</tt>".
+index_status=Afficher le Status
+index_statusdesc=Cliquez ce bouton pour visualiser les tables et r&#232;gles Shorewall avec la commande "<tt>shorewall6 status</tt>".
+index_stop=Arr&#234;ter le Firewall
+index_stopdesc=Cliquez ce bouton pour arr&#234;ter Shorewall avec la commande "<tt>shorewall6 stop</tt>", ceci bloquera TOUS les acc&#232;s except&#233; pour les machines d&#233;finies dans la zone "Quand Arr&#234;t&#233;".
+index_title=Shorewall6 Firewall
+index_version=Shorewall6 version $1
+interfaces_0=Interface
+interfaces_1=Zone name
+interfaces_2=Adresse de Broadcast
+interfaces_3=Options
+interfaces_add=Ajouter une nouvelle interface r&#233;seau
+interfaces_create=Cr&#233;er une Interface R&#233;seau
+interfaces_desc=Toutes les interfaces r&#233;seau que vous voulez g&#233;rer avec Shorewall doivent &#234;tre list&#233;es ici et associ&#233;e avec la zone &#224; connecter. L'interface de loopback <tt>lo</tt> ne doit jamais &#234;tre list&#233;e ici.
+interfaces_detect=Automatique
+interfaces_ebroad=Adresse de broadcast manquante ou invalide
+interfaces_edit=Editer une Interface R&#233;seau
+interfaces_eiface=Nom d'interface manquante ou invalide
+interfaces_err=Enregistrement des interface r&#233;seau impossible
+interfaces_header=D&#233;tails de l'Interface R&#233;seau
+interfaces_none=Aucune interface r&#233;seau n'ont encore &#233;t&#233; d&#233;fini.
+interfaces_return=liste des interfaces
+interfaces_title=Interfaces R&#233;seau
+list_any=Tous
+list_auto=Automatique
+list_delete=Supprimer la s&#233;lection
+list_ecannot=Vous n'&#234;tes pas autoris&#233; &#224; &#233;dition cette table de Shorewall
+list_fw=Firewall
+list_manual=&#201;diter le fichier manuellement
+list_manualdesc=Cliquez sur ce bouton pour pouvoir &#233;diter manuellement le fichier $1 de Shorewall dans lequel sont enregistr&#233;es les entr&#233;es ci-dessus.
+list_move=D&#233;placer
+list_none=Aucun
+list_other=Autres..
+log_restart=Pare-feu red&#233;marr&#233;
+log_start=Pare-feu d&#233;marr&#233;
+log_stop=Pare-feu arr&#234;t&#233;
+masq_0=Interface de sortie
+masq_1=R&#233;seau &#224; masquerader
+masq_2=SNAT address
+masq_5=Option IPsec
+masq_add=Ajouter une nouvelle r&#232;gle de masquerading
+masq_all=Tous les ports
+masq_any=N'importe quel protocol
+masq_create=Cr&#233;er une R&#232;gle de Masquerading
+masq_desc=Les entr&#233;es list&#233;es sur cette page d&#233;finissent les translation d'adresses r&#233;seau en masquerade rout&#233;s entre certains r&#233;seaux et une interface particuli&#232;re.<br><br>Pour plus de d&#233;tails voir <A HREF="http://www.shorewall.net/">le site Web Shorewall</A>
+masq_edit=Editer une R&#232;gle de Masquerading
+masq_eipsec=Option IPsec manquants
+masq_emnet=Adresse de sous-r&#233;seau manquante ou invalide
+masq_emnete=Liste d'exception r&#233;seau vide
+masq_enet=Interface de destination manquante ou invalide
+masq_err=Enregistrement des r&#232;gles de masquerading impossible
+masq_esnat=Invalide adresse SNAT IP
+masq_ex=R&#233;seau sur <tt>$1</tt> sauf <tt>$2</tt>
+masq_except=Sauf pour les r&#233;seaux
+masq_header=D&#233;tails de la R&#232;gle de Masquerading
+masq_iface=R&#233;seau sur on <tt>$1</tt>
+masq_in=<tt>$2</tt> sur <tt>$1</tt>
+masq_mode0=Adresse de sous-r&#233;seau
+masq_mode1=Sous-r&#233;seau ou interface
+masq_net=Seulement en destination
+masq_none=Aucune r&#232;gle de masquerading n'ont encore &#233;t&#233; d&#233;fini.
+masq_return=liste des masquerading
+masq_title=Masquerading
+nat_0=Adresse externe
+nat_1=Adresse interne
+nat_2=Adresse interne
+nat_add=Ajouter une nouvelle entr&#233;e NAT Statique
+nat_all=Actif pour toutes les machines ?
+nat_create=Cr&#233;er un NAT Statique
+nat_desc=La liste de translation statique d'adresse dans cette table est utilis&#233;e pour d&#233;finir une correspondance exacte entre une adresse IP externe et l'adresse RFC1918 d'une machine derri&#232;re le firewall. Le NAT Statique est souvent utilis&#233; pour permettre une connection sur un serveur interne depuis l'ext&#233;rieur.<br><br>Pour plus de d&#233;tails voir <A HREF="http://www.shorewall.net/">le site Web Shorewall</A>
+nat_edit=Editer un NAT Statique
+nat_eext=Invalide adresse IP externe
+nat_eint=Invalide adresse IP interne
+nat_err=Enregistrement des NAT Statiques impossible
+nat_evirt=Invalide num&#233;ro d'interface virtuelle
+nat_header=D&#233;tails du NAT Statique
+nat_local=Actif pour le firewall ?
+nat_none=Aucune entr&#233; NAT Statique n'a encore &#233;t&#233; d&#233;fini.
+nat_return=liste des NAT Statiques
+nat_title=NAT Statique
+nat_virt=virtuel
+opts_dhcp=L'interface utilise DHCP
+opts_ipsec=Zone IPsec
+opts_proxyndp=Activer Proxy NDP
+params_0=Param&#232;tre
+params_1=Valeure
+params_2=Commentaire
+params_add=Ajouter un nouveau param&#232;tre personnalis&#233;.
+params_create=Cr&#233;er un param&#232;tre personnalis&#233;
+policy_0=Source zone
+policy_1=Destination zone
+policy_2=R&#232;gle
+policy_3=Niveau Syslog
+policy_4=Limite de Trafic
+policy_add=Ajouter une nouvelle r&#232;gle par d&#233;faut
+policy_create=Cr&#233;er une R&#232;gle par D&#233;faut
+policy_desc=Cette page vous permet de d&#233;finir les r&#232;gles par d&#233;faut &#224; appliquer sur le trafic entre les diff&#233;rentes zones du firewall. Elles pourront &#234;tre modifi&#233; pour certaines machines ou certains type de trafic sur la page "R&#232;gles Firewall".<br><br>Pour plus de d&#233;tails voir <A HREF="http://www.shorewall.net/">le site Web Shorewall</A>
+policy_eburst=Burst Trafic manquant ou invalide
+policy_edit=Editer la R&#232;gle par D&#233;faut
+policy_efw=&lt;Firewall&gt; ne peut &#234;tre selectionn&#233; en source ET en destination
+policy_elimit=Trafic Limite manquant ou invalide
+policy_err=L'enregistrement de la r&#232;gle par d&#233;faut a &#233;chou&#233;
+policy_header=D&#233;tails de la R&#232;gle par D&#233;faut
+policy_limit=Limit $1, Burst $2
+policy_nolog=Logging desactiv&#233;
+policy_none=Acune r&#232;gle par d&#233;faut n'a encore &#233;t&#233; d&#233;fini.
+policy_return=liste des r&#232;gles
+policy_title=R&#232;gles par D&#233;faut
+policy_ulog=Logue dans ULOG
+providers_0=Nom
+providers_1=Num&#233;ro
+providers_3=Interface
+providers_4=Passerelle
+providers_auto=D&#233;tecter automatiquement
+providers_egateway=Passerelle manquante ou invalide
+providers_ename=Nom du fournisseur manquant ou invalide
+providers_enumber=Num&#233;ro du fournisseur manquant ou invalide
+providers_err=&#201;chec lors de la sauvegarde du fournisseur de routage
+providers_iface=Interface r&#233;seau
+providers_name=Nom du fournisseur d'acc&#232;s
+providers_number=Num&#233;ro du fournisseur d'acc&#232;s
+providers_opts=Option additionnelles
+proxyndp_0=Adresse &#224; NDPer
+proxyndp_1=Connecter sur l'interface
+proxyndp_2=Interface externe
+proxyndp_add=Ajouter une nouvelle adresse Proxy NDP
+proxyndp_create=Cr&#233;er une nouvelle adresse Proxy NDP
+proxyndp_desc=Cette page vous permet de configurer votre syst&#232;me pour r&#233;pondre aux requ&#234;tes sur des adresses IP autres que les siennes, ainsi il pourra faire suivre les paquets de ces adresses vers leur destinations r&#233;elles.<br><br>Pour plus de d&#233;tails voir <A HREF="http://www.shorewall.net/">le site Web Shorewall</A>
+proxyndp_eaddr=Adresse Proxy NDP manquante ou invalide
+proxyndp_edit=Editer une adresse Proxy NDP
+proxyndp_err=Enregistrement des adresses Proxy NDP impossible
+proxyndp_have=La route vers la machine existe ?
+proxyndp_header=D&#233;tails de l'adresse Proxy NDP
+proxyndp_none=Aucune adresse Proxy NDP n'a encore &#233;t&#233; d&#233;fini.
+proxyndp_return=liste des adresses Proxy NDP
+proxyndp_title=Proxy NDP
+refresh_err=Le raffraichissement de la configuration a &#233;chou&#233;
+restart_err=L'application de la configuration a &#233;chou&#233;
+routestopped_0=Interface
+routestopped_1=Adresse accessible
+routestopped_add=Ajouter une nouvelle adresse
+routestopped_all=Toutes les adresses
+routestopped_create=Cr&#233;er une nouvelle adresse d'acc&#232;s
+routestopped_desc=Par d&#233;faut lorsque Shorewall est stopp&#233; il bloque l'acc&#232;s &#224; TOUTES les machines sur le syst&#232;me. Cette page permet de d&#233;finir les machines ou r&#233;seaux pouvant avoir acc&#232;s apr&#232;s l'arr&#234;t.
+routestopped_eaddr=Pas d'adresse saisie
+routestopped_edit=Editer une adresse d'acc&#232;s
+routestopped_err=Enregistrement des adresse d'acc&#232;s impossible
+routestopped_header=D&#233;tails de l'adresse d'acc&#232;s
+routestopped_list=Adresses et r&#233;seaux list&#233;s...
+routestopped_none=Aucune adresse d'acc&#232;s n'a encore &#233;t&#233; d&#233;fini.
+routestopped_return=liste des adresse d'acc&#232;s
+routestopped_title=Quand Arr&#234;t&#233;
+rules_0=Action
+rules_1=Source
+rules_1z=Source zone
+rules_2=Destination
+rules_2z=Destination zone ou port
+rules_3=Protocole
+rules_4=Source ports
+rules_5=Destination ports
+rules_add=Ajouter une nouvelle r&#232;gle firewall
+rules_addr=Seulement les machines avec les adresses
+rules_create=Cr&#233;er une r&#232;gle Firewall
+rules_desc=Cette table liste les exceptions apport&#233;es aux r&#232;gles par d&#233;faut pour certains types de trafic, sources ou destinations. Les actions choisies seront appliqu&#233;es aux paquets IP correspondant aux crit&#232;res choisis &#224; la place de ceux d&#233;finis par d&#233;faut.<br><br>Pour plus de d&#233;tails voir <A HREF="http://www.shorewall.net/">le site Web Shorewall</A>
+rules_dnat=Adresses de destination pour DNAT ou REDIRECT
+rules_eaction=Aucune action n'est s&#233;lectionn&#233;e
+rules_edinzone=Pas d'adresse machine donn&#233; pour la destination
+rules_edit=Editer une r&#232;gle Firewall
+rules_ednat=L'adresse NAT de destination doit &#234;tre une simple IP ou deux adresses s&#233;par&#233;es par un ":"
+rules_ednat2=Une adresse de destination NAT ne peut seulement &#234;tre donn&#233; pour du DNAT ou du REDIRECT.
+rules_edother=Zone destination manquante ou invalide Missing
+rules_edport=Pas de port destination donn&#233;, nom num&#233;ro ou plage de ports
+rules_err=Enregistrement des r&#232;gles firewall impossible
+rules_esinzone=Pas d'adresse machine donn&#233; pour la source
+rules_esother=Zone source manquante ou invalide
+rules_esport=Pas de port source donn&#233;, nom, num&#233;ro ou plage de ports
+rules_header=D&#233;tails de la r&#232;gle Firewall
+rules_hosts=Machine(s): <br><tt>$2</tt><br>de la zone $1
+rules_log=et logue dans le niveau syslog
+rules_nolog=Ne pas loguer
+rules_none=Aucune r&#232;gle de firewall n'ont encore &#233;t&#233; d&#233;fini.
+rules_none2=Aucun
+rules_norate=Aucune limite
+rules_noset=Tous les utilisateurs
+rules_ranges=Ports ou plage de Ports
+rules_related=Related
+rules_return=liste des r&#232;gles firewall
+rules_rport=Port <tt>$1</tt>
+rules_title=R&#232;gles Firewall
+rules_zone=Zone $1
+shorewall_conf_0=Variable
+shorewall_conf_1=Valeure
+shorewall_conf_2=Commentaire
+start_err=Le d&#233;marrage du firewall a &#233;chou&#233;
+status_title=Status du Firewall
+stop_err=L'arr&#234;t du firewall a &#233;chou&#233;
+tos_0=Source
+tos_0z=Source zone
+tos_1=Destination
+tos_1z=Destination zone
+tos_2=Protocole
+tos_3=Source ports
+tos_4=Destination ports
+tos_5=Type of service
+tos_6=test
+tos_add=Ajouter un nouveau type de service
+tos_create=Cr&#233;er un nouveau Type de Service
+tos_desc=Cette page d&#233;fini les types de service IP (ToS) par type de trafic pouvant &#234;tre utilis&#233; pour augmenter ou diminuer la priorit&#233; des paquets.<br><br>Pour plus de d&#233;tails voir <A HREF="http://www.shorewall.net/">le site Web Shorewall</A>
+tos_edit=Editer un Type de Service
+tos_err=Enregistrement du type de service impossible
+tos_header=D&#233;tails du Type de Service
+tos_none=Aucun type de service n'ont encore &#233;t&#233; d&#233;fini.
+tos_return=liste des type de service
+tos_title=Types de Services
+tunnels_0=Type de VPN
+tunnels_1=Zone pour l'interface
+tunnels_2=Passerelle distante
+tunnels_3=Zones de passerelles
+tunnels_add=Ajouter un nouveau tunnel VPN
+tunnels_create=Cr&#233;er un tunnel VPN
+tunnels_desc=Cette page liste les tunnels VPN passant au travers du firewall et devant &#234;tre autoris&#233;s dans la configuration de Shorewall.<br><br>Pour plus de d&#233;tails voir <A HREF="http://www.shorewall.net/">le site Web Shorewall</A>
+tunnels_edit=Editer un tunnel VPN
+tunnels_eopenvpn=Le num&#233;ro de port du tunnel OpenVPN est invalide
+tunnels_err=Enregistrement des tunnels VPN impossible
+tunnels_generic=G&#233;n&#233;rique
+tunnels_generic_l=G&#233;n&#233;rique, pour le protocole ...
+tunnels_gnone=Aucune
+tunnels_gre=GRE
+tunnels_gsel=Zones list&#233;es
+tunnels_header=D&#233;tails du tunnel VPN VPN
+tunnels_ip=IP
+tunnels_ipsec=IPsec
+tunnels_ipsec:noah=IPsec (pas de AH)
+tunnels_ipsecnat=IPsec avec NAT
+tunnels_ipsecnat:noah=IPsec avec NAT (pas de AH)
+tunnels_none=Aucun tunnel VPN &#224; autoriser n'a encore &#233;t&#233; d&#233;fini.
+tunnels_openvpn=OpenVPN
+tunnels_openvpn_l=OpenVPN, sur le port ...
+tunnels_pptpclient=Client PPTP
+tunnels_pptpserver=Serveur PPTP
+tunnels_return=Liste des tunnels VPN
+tunnels_sel=Passerelle IP
+tunnels_title=Tunnels VPN
+zones_0=Zone ID
+zones_1=Nom affich&#233;
+zones_2=Description
+zones_2new=Type de zone
+zones_3new=Options de la zone
+zones_6new=Commentaire
+zones_add=Ajouter une nouvelle zone r&#233;seau.
+zones_create=Cr&#233;er une Zone R&#233;seau
+zones_desc=Les zones list&#233;es sur cette page repr&#233;sentent les diff&#233;rents r&#233;seaux connectables depuis votre syst&#232;me. N&#233;anmoins, ces entr&#233;es n'ont aucun effet sur le firewall - elles d&#233;finissent juste leurs noms et leurs descriptions.
+zones_edesc=Description de zone manquante
+zones_edit=Editer une Zone R&#233;seau
+zones_eid=Invalide ou Zone ID manquante
+zones_ename=Nom affich&#233; manquant ou invalide
+zones_eopts=Les options de la zone sont invalides
+zones_err=L'enregistrement de la zone r&#233;seau a &#233;chou&#233;
+zones_header=D&#233;tails de la Zone R&#233;seau
+zones_ipsec=IPsec
+zones_ipv6=IPv6
+zones_none=Aucune zone r&#233;seau n'a encore &#233;t&#233; d&#233;finie.
+zones_return=liste des zones
+zones_title=Zones R&#233;seau
diff --git a/shorewall6/lang/nl b/shorewall6/lang/nl
new file mode 100644
index 000000000..d9812b8b3
--- /dev/null
+++ b/shorewall6/lang/nl
@@ -0,0 +1,431 @@
+__norefs=1
+acl_all=Alles
+acl_files=Beschikbare Shorewall tabellen
+acl_nochange=Mag Shorewall configuratie toevoegen, stoppen en starten?
+acl_sel=Hieronder geselecteerd ..
+blacklist_0=Host of netwerk
+blacklist_1=Protocol
+blacklist_2=Poorten
+blacklist_add=Voeg een nieuwe host toe aan de zwarte lijst.
+blacklist_any=Iedere
+blacklist_create=Maak een Zwarte-lijst Host
+blacklist_desc=Op deze pagina staat een lijst met host en services die worden geblokkeerd indien er data verkeer vanaf komt op via interface waarbij de <b>zwarte-lijst</b> optie gezet is.
+blacklist_edit=Bewerk Zwarte-lijst Host
+blacklist_ehost=Ontbrekende of ongeldige host IP adres of netwerk adres
+blacklist_eipset=Ontbrekende IP set naam
+blacklist_emac=Ontbrekende of ongeldig MAC adres
+blacklist_eports=Ongeldig poort nummer of komma gescheiden lijst met poorten
+blacklist_eports2=Poorten kunnen alleen worden gespecificeerd voor de TCP en UDP protocollen
+blacklist_eproto=Ontbrekend of ongeldig protocol
+blacklist_err=Mislukt om host zwarte lijst op te slaan
+blacklist_header=Zwarte-lijst host details
+blacklist_host=Host of netwerk
+blacklist_none=Er is nog geen zwarte lijst host gedefinieerd.
+blacklist_ports=Poort of poort-lijst
+blacklist_proto=Protocol
+blacklist_return=zwarte-lijst hosts
+blacklist_title=Zwarte-lijst Hosts
+check_cmd=Controleren van configuratie ..
+check_failed=.. er is een fout gevonden in uw firewall configuratie!
+check_ok=.. uw firewall configuratie lijkt in orde.
+check_title=Controleer Firewall
+clear_err=Mislukt om firewall op te schonen.
+comment_add=Nieuw commentaar toe voegen.
+comment_create=Maak Commentaar
+comment_edit=Bewerk Commentaar
+comment_enone=Geen bericht ingevuld
+comment_err=Mislukt om commentaar op te slaan
+comment_header=Tabel commentaar details
+comment_msg=Bericht
+delete_enone=Geen rijen geselecteerd
+delete_err=Mislukt om rijen te verwijderen
+dump_title=Firewall Dump
+edit_after=Na ingang $1
+edit_before=Voor ingang $1
+hosts_0=Zone
+hosts_1=Interface
+hosts_2=IP adres of netwerk
+hosts_add=Toevoegen van een nieuwe zone host
+hosts_any=Elke host
+hosts_create=Maak Zone Host
+hosts_desc=Deze pagina geeft een lijst met hosts en netwerken die een onderdeel zijn van bepaalde zones. U hoeft normaal gesproken geen veranderingen te maken aan deze lijst.
+hosts_edit=Bewerk Zone Host
+hosts_enet=Ontbrekende of ongeldige host adres
+hosts_err=Mislukt om zone host op te slaan
+hosts_header=Zone host details
+hosts_ip=Adres of netwerk $1
+hosts_ipset=IP set $1
+hosts_mac=MAC adres $1
+hosts_none=Er zijn nog geen zone hosts gedefinieerd.
+hosts_opts=Host opties
+hosts_return=zone hosts lijst
+hosts_routestopped=Route zelfs wanneer de firewall is gestopt?
+hosts_title=Zone Hosts
+index_check=Controleer Firewall
+index_checkdesc=Klik op deze knop om Shorewall uw firewall configuratie te laten valideren met de <tt>shorewall6 check</tt> opdracht.
+index_clear=Opschonen Firewall
+index_cleardesc=Klik op deze knop om de Shorewall firewall op te schonen met de <tt>shorewall6 clear</tt> opdracht. Hiermee krijg je toegang van alle hosts zonder beperkingen.
+index_dump=Laat Dump Zien
+index_dumpdesc=Klik op deze knop om een overzicht te krijgen van de Shorewall opsporings informatie die verkregen is met de <tt>shorewall6 dump</tt> opdracht.
+index_ecmd=De opdracht $1 is niet gevonden op uw systeem. Misschien is het niet geinstalleerd, of de <a href='$2'>module configuratie</a> is niet correct.
+index_edir=De Shorewall configuratie directory $1 is niet gevonden op uw systeem. Misschien is het niet geinstalleerd, of de <a href='$2'>module configuratie</a> is niet correct.
+index_refresh=Ververs Configuratie
+index_refreshdesc=Klik op deze knop om de zwarte-lijst en Verkeer Vorming tabellen te activeren met de <tt>shorewall6 ververs</tt> opdracht.
+index_restart=Configuratie Toevoegen
+index_restartdesc=Klik op deze knop om de huidige Shorewall configuratie te activeren met de <tt>shorewall6 herstart</tt> opdracht.
+index_return=Lijst met tabellen
+index_start=Start Firewall
+index_startdesc=Klik op deze knop om Shorewall te starten met de huidige configuratie met de <tt>shorewall6 start</tt> opdracht.
+index_status=Laat Status Zien
+index_statusdesc=Klik op deze knop om Shorewall's tabellen en regels te bekijken met de <tt>shorewall6 status</tt> opdracht.
+index_stop=Stop Firewall
+index_stopdesc=Klik op deze knop om Shorewall uit te schakelen met de <tt>shorewall6 stop</tt> opdracht. Dit zal de toegang van alle host blokkeren, behalve van die in de -Wanneer Gestopt Tabel.
+index_title=Shorewall6 Firewall
+index_version=Shorewall6 versie $1
+interfaces_0=Interface
+interfaces_1=Zone naam
+interfaces_2=Broadcast adres
+interfaces_3=Opties
+interfaces_add=Nieuwe netwerk interface toevoegen.
+interfaces_create=Maak Netwerk Interface
+interfaces_desc=Alle netwerk interfaces op uw systeem waarvan u wilt dat die beheert worden door Shorewall moeten in de lijst staan op deze pagina, en zijn geassocieerd met de zone waarmee die verbonden is. De loopback interface <tt>lo</tt> mag nooit in deze lijst staan.
+interfaces_detect=Automatisch
+interfaces_ebroad=Ontbrekend of ongeldig broadcast adres
+interfaces_edit=Bewerk Netwerk Interface
+interfaces_eiface=Ontbrekende of ongeldige interface naam
+interfaces_err=Mislukt om netwerk interface op te slaan
+interfaces_header=Netwerk interface details
+interfaces_none=Er zijn nog geen netwerk interfaces gedefinieerd.
+interfaces_return=interfaces lijst
+interfaces_title=Netwerk Interfaces
+list_add=Toevoegen
+list_any=Iedere
+list_auto=Automatisch
+list_delete=Verwijder Geselecteerde
+list_ecannot=U bent niet bevoegd deze Shorewall tabel te bewerken.
+list_fw=Firewall
+list_manual=Bewerk Handmatig File
+list_manualdesc=Klik op deze knop om handmatig de Shorewall file $1 te bewerken, waarin de ingang hierboven zijn opgeslagen.
+list_move=Verplaats
+list_none=Geen
+list_other=Andere ..
+log_clear=Opgeschoonde firewall
+log_create_comment=Toegevoegd commentaar aan de $1 tabel
+log_create_table=Toegevoegde ingang aan de $1 tabel
+log_delete_comment=Verwijdert commentaar van tabel $1
+log_delete_table=Verwijderde ingang van tabel $1
+log_deletes_table=Verwijderde ingangen van tabel $1
+log_down_table=Neerwaarts verplaatste ingang in tabel $1
+log_manual_table=Handmatig bewerkte tabellen file $1
+log_modify_comment=Gemodificeerd commentaar in de tabel $1
+log_modify_table=Gemodificeerde ingang in de tabel $1
+log_refresh=Ververste firewall
+log_restart=Opnieuw gestarte firewall
+log_start=Gestarten firewall
+log_stop=Gestopten firewall
+log_up_table=Naar boven verplaatsten ingang in tabel $1
+manual_desc=Dit formulier kan gebruikt worden om handmatig de Shorewall file $1 te bewerken. Wees voorzichtig omdat er geen syntax controle zal worden uitgevoerd.
+manual_edata=Geen tabellen file inhoud ingevuld.
+manual_efile=Ongeldige tabel naam!
+manual_err=Mislukt om tabel file op te slaan
+manual_reset=Ongedaan maken
+masq_0=Uitgaande interface
+masq_1=Netwerk naar maskerade
+masq_2=SNAT adres
+masq_3=Beperk tot protocol
+masq_4=Beperk tot poorten
+masq_5=IPsec opties
+masq_add=Toevoegen van een nieuwe maskerade regel.
+masq_all=Alle poorten
+masq_any=Elk protocol
+masq_create=Maak maskerade regel
+masq_desc=Ingangen op deze pagina bepalen netwerk adres vertalingen voor verkeer wat gerouteerd word tussen netwerk en bepaalde interfaces.
+masq_edit=Bewerk Maskerade Regel
+masq_eipsec=Ontbrekende IPsec opties
+masq_emnet=Ontbrekende of ongeldige maskerade subnet adres
+masq_emnete=Leeg maken van de uitzonderingen netwerken lijst
+masq_enet=Ontbrekende of ongeldige uitgaande interface bestemming
+masq_eports=Ontbrekende of ongeldige komma-gescheiden lijst met poorten
+masq_err=Mislukt om maskerade regel op te slaan
+masq_esnat=Ongeldig SNAT IP adres
+masq_ex=Netwerk op <tt>$1</tt> behalve <tt>$2</tt>
+masq_except=Behalve voor netwerken
+masq_header=Maskerade regel details
+masq_iface=Netwerk op <tt>$1</tt>
+masq_in=<tt>$2</tt> op <tt>$1</tt>
+masq_mode0=Subnet adres
+masq_mode1=Subnet op interface
+masq_net=Alleen voor bestemming
+masq_none=Er zijn nog geen maskerade regels gedefinieerd.
+masq_return=maskerade lijst
+masq_title=Maskerade
+nat_0=Extern adres
+nat_1=Externe interface
+nat_2=Intern adres
+nat_add=Voeg een nieuwe statische NAT ingang toe.
+nat_all=Actief voor alle hosts?
+nat_create=Maak Statische NAT
+nat_desc=De statische netwerk adres vertaal ingangen in deze tabel kunnen worden gebruikt om een 1-op-1 setup te maken tussen een extern adres op uw firewall en een RFC1918 adres van een machine achter uw firewall. Statische NAT word vaak gebruikt om verbindingen toe te staan naar een interne server van buiten uw netwerk.
+nat_edit=Bewerk Statische NAT
+nat_eext=Ongeldig extern IP adres
+nat_eint=Ongeldig intern IP adres
+nat_err=Mislukt om statische NAT ingang op te slaan
+nat_evirt=Ongeldig virtueel interface getal
+nat_header=Statische NAT ingang details
+nat_local=Actief voor firewall systeem?
+nat_none=Er zijn nog geen statische NAT ingangen gedefinieerd.
+nat_return=statische NAT lijst
+nat_title=Statische NAT
+nat_virt=virtueel
+opts_ndp_filter=Alleen reageren op NDP aanvragen voor interface IP
+opts_blacklist=Pakketten van de zwarte lijst weigeren
+opts_critical=Altijd verkeer toestaan tussen de firewall
+opts_dest=Verkeer naar host van iedere bron toestaan
+opts_detectnets=Taylor zone om in te voegen bij de routed hosts
+opts_dhcp=Interface gebruikt DHCP
+opts_ipsec=IPsec zone
+opts_logmartians=Log pakketten met onmogelijke bronnen
+opts_maclist=Vergelijken met de MAC lijst?
+opts_norfc1918=Weiger prive IP pakketten
+opts_nosmurfs=Controleer op broadcast bron pakketten
+opts_proxyndp=Proxy NDP aanzetten
+opts_routeback=Accepteer verkeer terug naar de host
+opts_routefilter=Aanzetten van anti-spoofing route filteren
+opts_source=Van host naar iedere bestemming toestaan
+opts_tcpflags=Controleer op illegale TCP flags
+opts_upnp=Her-mappen van pakketten via UPNP
+params_0=Parameter
+params_1=Waarde
+params_2=Commentaar
+params_add=Nieuwe handmatige parameter toevoegen.
+params_create=Maak handmatige parameter
+params_desc=Op deze pagina kunt u Shorewall's handmatige parameters configureren. LET OP: De volgorde van de parameters op deze plek veranderen word niet aanbevolen indien u de relatieve positie van de commentaren in de configuratie file wilt behouden.
+params_edit=Bewerk handmatige parameter
+params_err=Mislukt om handmatige parameter op te slaan
+params_header=Handmatige parameter details
+params_none=Geen handmatige parameter gevonden.
+params_return=Handmatige parameter lijst
+params_title=Handmatige parameter
+params_varname=Ongeldige parameter naam (moet een geldige shell variabele naam zijn)
+policy_0=Bron zone
+policy_1=Bestemming zone
+policy_2=Beleid
+policy_3=Systeem log niveau
+policy_4=Verkeer limiet
+policy_add=Nieuw standaard beleid toevoegen.
+policy_create=Maak Standaard Beleid
+policy_desc=Op deze pagina kunt u de standaard acties voor verkeer tussen verschillende firewall zones configureren.
+policy_eburst=Ontbrekend of ongeldig boost getal
+policy_edit=Bewerk Standaard Beleid
+policy_efw=&lt;Firewall&gt; kan worden geselecteerd voor en de bron en de bestemmings zones
+policy_elimit=Ontbrekende of ongeldig limiet getal voor dataverkeer
+policy_err=Mislukt om standaard beleid op te slaan
+policy_header=Standaard beleid details
+policy_limit=Limiet $1, Boost $2
+policy_nolog=Loggen is uitgeschakeld
+policy_none=Er is nog geen standaard beleid gedefinieerd.
+policy_return=beleid's lijst
+policy_title=Standaard Beleid
+policy_ulog=Log naar ULOG
+providers_0=Naam
+providers_1=Nummer
+providers_2=Markeer
+providers_3=Interface
+providers_4=Gateway
+providers_add=Een nieuwe provider route toevoegen
+providers_auto=Automatisch detecteren
+providers_balance=Load-balance verkeer
+providers_copy=Kopieer routes door interfaces
+providers_create=Maak Router Provider
+providers_desc=Op deze pagina zijn extra routing tabellen gedefinieerd. Deze zijn nodig indien u verbindingen heeft naar meerdere ISP of meerdere verbindingen naar dezelfde ISP, of u Suid laat werken als een transparante proxy op een host anders dan de firewall.
+providers_dup=Dupliceer provider
+providers_edit=Bewerk Router Provider
+providers_edup=Ontbrekende provider om te dupliceren
+providers_egateway=Ontbrekende of ongeldige gateway
+providers_emark=Ontbrekende of ongeldige provider markeer nummer
+providers_ename=Ontbrekende of ongeldige provider naam
+providers_enumber=Ontbrekende of ongeldige provider nummer
+providers_err=Mislukt om router provider op te slaan
+providers_gateway=Gateway router
+providers_header=Extra router provider details
+providers_iface=Netwerk interface
+providers_loose=Verkeer van firewall toestaan
+providers_main=Hoofd tabel
+providers_mark=Markeer nummer
+providers_name=Provider naam
+providers_none=Er zijn nog geen router providers gedefinieerd.
+providers_number=Provider nummer
+providers_opts=Extra opties
+providers_title=Extra Router Providers
+providers_track=Opsporen verbindingen
+proxyndp_0=Adres naar NDP
+proxyndp_1=Verbonden met interface
+proxyndp_2=Externe interface
+proxyndp_3=Blijvend?
+proxyndp_add=Toevoegen van een nieuwe proxy NDP adres
+proxyndp_create=Maak Proxy NDP Adres
+proxyndp_desc=Met deze pagina kunt u uw systeem configureren dat deze antwoord geeft op NDP aanvragen voor IP adressen anders dan voor zichzelf, zodat het de pakketten kan doorsturen naar hun echte bestemming.
+proxyndp_eaddr=Ontbrekend of ongeldig adres naar NDP
+proxyndp_edit=Bewerk Proxy NDP Adres
+proxyndp_err=Mislukt om proxy NDP op te slaan
+proxyndp_have=Route naar host bestaat?
+proxyndp_header=Proxy NDP details
+proxyndp_none=Er zijn nog geen NDP adressen gedefinieerd.
+proxyndp_pers=Behoud de route zelfs als de firewall gestopt is?
+proxyndp_return=proxy NDP adressen lijst
+proxyndp_title=Proxy NDP
+refresh_err=Mislukt om de configuratie op te slaan
+restart_err=Mislukt om de configuratie toe te voegen
+routestopped_0=Interface
+routestopped_1=Toegankelijke adressen
+routestopped_2=Route opties
+routestopped_add=Nieuw gestopt adres toevoegen.
+routestopped_all=Alle adressen
+routestopped_create=Maak Gestopt Adres
+routestopped_desc=Standaard zal de Shorewall firewall wanneer die is gestopt de toegang weigeren van alle hosts. Met deze pagina kunt u configureren welke hosts of netwerken toegankelijk blijven.
+routestopped_eaddr=Geen adressen ingevuld
+routestopped_edit=Bewerk Gestopt Adres
+routestopped_err=Mislukt om gestopt adres toe te voegen
+routestopped_header=Gestopte adres details
+routestopped_list=Lijst met adressen en netwerken ..
+routestopped_none=Er zijn nog geen adressen die toegankelijk zijn wanneer er is gestopt gedefinieerd.
+routestopped_return=gestopte adres lijst
+routestopped_title=Wanneer Gestopt
+rules_0=Actie
+rules_1=Bron
+rules_1z=Bron zone
+rules_2=Bestemming
+rules_2z=Bestemming zone of poort
+rules_3=Protocol
+rules_4=Bron poorten
+rules_5=Bestemming poorten
+rules_6=Geef limiet
+rules_7=Gebruiker zet
+rules_add=Toevoegen van een nieuwe firewall regel.
+rules_addr=Alleen hosts in zone met de adressen
+rules_create=Maak Firewall Regel
+rules_desc=Deze tabel is een lijst met uitzonderingen voor het standaard beleid voor bepaalde soorten verkeer, bronnen of bestemmingen. De gekozen actie zal worden toegevoegd aan de overeenkomende pakketten met deze bepalingen in plaats van de standaarden.
+rules_dnat=Originele bestemming adres voor DNAT of REDIRECT
+rules_dnat_dest=Voor DNAT of REDIRECT, vult u hier de nieuwe bestemming adres of poort in.
+rules_dnat_port=Voor DNAT of REDIRECT, vult u hier de originele bestemmings in.
+rules_eaction=Geen actie geselecteerd
+rules_edinzone=Geen host adressen ingevuld voor bestemming
+rules_edit=Bewerk Firewall Regel
+rules_ednat=Originele bestemming adres moet een enkel IP adres zijn, twee adressen moeten gescheiden worden met een :  ,en een uitsluiting lijst start met een !
+rules_ednat2=Een origineel bestemmings adres kan alleen worden ingevuld voor de DNAT en REDIRECT acties
+rules_edother=Ontbrekende of ongeldige bestemming zone
+rules_edport=Geen bestemmings poort namen, nummers of ranges ingevuld
+rules_emacro=Ontbrekende of ongeldige macro parameter
+rules_err=Mislukt om firewall regel op te slaan
+rules_esinzone=Geen host adressen ingevuld voor bron
+rules_esother=Ontbrekende of ongeldige bron zone
+rules_esport=Geen bron poort namen, nummers of ranges ingevuld
+rules_header=Firewall regel details
+rules_hosts=Host <tt>$2</tt> in zone <tt>$1</tt>
+rules_log=en loggen naar systeem log niveau
+rules_macro=Macro actie parameter
+rules_nolog=Niet loggen
+rules_none=Er zijn nog geen firewall regels gedefinieerd.
+rules_none2=Geen
+rules_norate=Geen limiet
+rules_noset=Alle gebruikers
+rules_ranges=Poorten of ranges
+rules_rate=Waarde limiet expressie
+rules_related=Gerelateerd
+rules_return=firewall regel lijst
+rules_rport=Poort <tt>$1</tt>
+rules_set=Regel toevoegen aan gebruiker set
+rules_title=Firewall Regels
+rules_zone=Zone <tt>$1</tt>
+shorewall_conf_0=Variabel
+shorewall_conf_1=Waarde
+shorewall_conf_2=Commentaar
+shorewall_conf_add=Toevoegen van een nieuwe configuratie variabel.
+shorewall_conf_create=Maak configuratie variabel.
+shorewall_conf_desc=Met deze pagina kunt u de globale configuratie variabelen configureren. LET OP: De volgorde van de variabelen hier veranderen is niet aanbevolen indien u de relatieve positie van de commentaren in de configuratie file hetzelfde wilt houden.
+shorewall_conf_edit=Bewerk configuratie variabel
+shorewall_conf_err=Mislukt om configuratie variabel op te slaan
+shorewall_conf_header=Configuratie variabel details
+shorewall_conf_none=Geen Shorewall configuratie gevonden.
+shorewall_conf_return=Configuratie variabel lijst
+shorewall_conf_title=Hoofd configuratie file
+shorewall_conf_varname=Ongeldige variabele naam (moet een geldige shell variabele naam zijn)
+start_err=Mislukt om firewall te starten
+status_title=Firewall Status
+stop_err=Mislukt om firewall te stoppen
+tos_0=Bron
+tos_0z=Bron zone
+tos_1=Bestemming
+tos_1z=Bestemming zone
+tos_2=Protocol
+tos_3=Bron poorten
+tos_4=Bestemming poorten
+tos_5=Soort service
+tos_6=Test
+tos_add=Toevoegen van een nieuw soort service
+tos_create=Maak Soort Service
+tos_desc=Deze pagina definieert IP service soorten voor specifieke soorten verkeer, waarmee u de prioriteit kan verhogen of verlagen.
+tos_edit=Bewerk Soort Service
+tos_err=Mislukt om soort service op te slaan
+tos_header=Soort service details
+tos_none=Er is nog geen soort service gedefinieerd.
+tos_return=soort service lijst
+tos_title=Soorten Service
+tunnels_0=VPN Type
+tunnels_1=Zone voor interface
+tunnels_2=Remote gateway
+tunnels_3=Gateway zones
+tunnels_add=Nieuwe VPN Tunnel toevoegen.
+tunnels_create=Maak VPN Tunnel
+tunnels_desc=Deze pagina is een lijst met VPN tunnels die door de firewall gaan, en moeten dus worden toegestaan door Shorewall.
+tunnels_edit=Bewerk VPN Tunnel
+tunnels_egeneric=Ontbrekend protocol of protocol:poort voor generieke tunnel
+tunnels_eopenvpn=Ongeldig poort nummer voor OpenVPN tunnel
+tunnels_err=Mislukt om VPN tunnel op te slaan
+tunnels_generic=Generiek
+tunnels_generic_l=Generiek, voor protocol
+tunnels_gnone=Geen
+tunnels_gre=GRE
+tunnels_gsel=Zones in lijst
+tunnels_header=VPN tunnel details
+tunnels_ip=IP
+tunnels_ipsec=IPsec
+tunnels_ipsec:noah=IPsec (geen AH)
+tunnels_ipsecnat=IPsec met NAT
+tunnels_ipsecnat:noah=IPsec met NAT (geen AH)
+tunnels_none=Er zijn nog geen toegestane VPN tunnels gedefinieerd.
+tunnels_openvpn=OpenVPN
+tunnels_openvpn_l=OpenVPN, op poort..
+tunnels_pptpclient=PPTP client
+tunnels_pptpserver=PPTP server
+tunnels_return=VPN tunnel lijst
+tunnels_sel=Gateway IP
+tunnels_title=VPN Tunnels
+zones_0=Zone ID
+zones_1=Getoonde naam
+zones_1new=Hoofd zone
+zones_2=Omschrijving
+zones_2new=Zone type
+zones_3new=Zone opties
+zones_4new=Inkomende opties
+zones_5new=Uitgaande opties
+zones_6new=Commentaar
+zones_add=Toevoegen van een nieuwe netwerk zone
+zones_create=Maak Netwerk Zone
+zones_desc=De zones in de lijst op deze pagina zijn presenteren verschillende netwerken die bereikbaar zijn van uw systeem. Echter de ingangen hier hebben geen enkel effect op de firewall - inplaats hiervan definieren zij juist de zone namen en omschrijvingen.
+zones_edesc=Ontbrekende zone omschrijving
+zones_edit=Bewerk Netwerk Zone
+zones_efwid=De zone IDs $FW en fw zijn gereserveerd voor de firewall
+zones_eid=Ontbrekende of ongeldige zone ID
+zones_ename=Ontbrekende of ongeldige naam om te tonen
+zones_eopts=Ongeldige zone opties
+zones_eopts_in=Ongeldige zone inkomende opties
+zones_eopts_out=Ongeldige zone uitgaande opties
+zones_err=Mislukt om netwerk zone op te slaan
+zones_firewall=Firewall systeem
+zones_header=Netwerk zone details
+zones_ipsec=IPsec
+zones_ipv6=IPv6
+zones_none=Er zijn nog geen netwerk zones gedefinieerd.
+zones_return=zones lijst
+zones_title=Netwerk Zones
diff --git a/shorewall6/lang/tr b/shorewall6/lang/tr
new file mode 100644
index 000000000..dab6f5236
--- /dev/null
+++ b/shorewall6/lang/tr
@@ -0,0 +1,316 @@
+index_title=Shorewall Firewall
+index_ecmd=$1 komutu sistemde bulunamad�. Bu komut sistemde y�kl� olmayabilir ya da <a href='$2'>mod�l konfigurasyonu</a> hatal� olabilir.
+index_edir=Shorewall konfigurasyon dizini olan $1 dizini sistemde bulunamad�. Bu dizin sistemde y�kl� olmayabilir ya da <a href='$2'>mod�l konfigurasyonu</a> hatal� olabilir.
+index_version=Shorewall Versiyon $1
+index_return=Dosya Listesi
+index_restart=De�i�iklikleri Uygula
+index_restartdesc=Bu butona t�klayarak yapt���n�z de�i�iklikleri aktif hale getirebilirsiniz. Sistem otomatik olarak <tt>shorewall6 restart</tt> komutunu i�letecektir.
+index_refresh=De�i�iklikleri Uygula
+index_refreshdesc=Bu butona t�klayarak sadece Kara Liste ve Trafik S�n�fland�rma dosyalar�nda yapt���n�z de�i�iklikleri aktif hale getirebilirsiniz. Sistem otomatik olarak <tt>shorewall6 refresh</tt> komutunu i�letecektir .
+index_start=Firewallu Ba�lat
+index_startdesc=Bu butona t�klayarak Shorewall'� ba�latabilirsiniz. Sistem otomatik olarak <tt>shorewall6 start</tt> komutunu i�letecektir.
+index_clear=Kurallar� Sil
+index_cleardesc=Bu butona t�klayarak Firewall �zerinde tan�mlam�� oldu�unuz b�t�n kurallar� silebilirsiniz.Sistem otomatik olarak <tt>shorewall6 clear</tt> komutunu i�letecektir. Uyar�! Bu komut verildikten sonra yapm�� oldu�unuz b�t�n k�s�tlamalar ortadan kalkacakt�r.
+index_stop=Firewallu Durdur
+index_stopdesc=Bu butona t�klayarak Shorewall'� stop edebilirsiniz. Sistem otomatik olarak <tt>shorewall6 stop</tt> komutunu i�letecektir. Uyar�! bu komut verildikten sonra b�t�n eri�imler iptal edilecektir. Sadece "Stop Durumu" dosyas�nda izin verdi�iniz adreslere eri�im devam edecektir.
+index_status=Firewall Durumu
+index_statusdesc=Bu butona t�klayarak Shorewall dosyalar�n� ve uygulam�� oldu�unuz kurallar� g�rebilirsiniz. Sistem otomatik olarak  <tt>shorewall6 status</tt> komutunu i�letecektir.
+index_check=Firewall Kontrol�
+index_checkdesc=Bu butona t�klayarak yapm�� oldu�unuz konfigurasyonun hatal� olup olmad���n� g�rebilirsiniz. Sistem otomatik olarak <tt>shorewall6 check</tt> komutunu i�letecektir.
+
+list_move=Ta��
+list_add=Ekle
+list_auto=Otomatik
+list_none=Yok
+list_any=b�t�n
+list_fw=Firewall
+list_other=Di�er..
+list_manual=Dosyay� manual olarak g�r�nt�le
+list_manualdesc=Bu butona t�klayarak yukarad�ki verileri i�eren $1 dosyas�n� g�r�nt�leyebilirsiniz.
+list_ecannot=Bu Shorewall dosyas�n� g�r�nt�lemeye iznininiz yoktur.
+
+restart_err=Kongigurasyon Uygulanamad�
+refresh_err=Konfigurasyon Uygulanamad�
+start_err=Firewall Ba�lat�lamad�
+clear_err=Kurallar Silinemedi
+stop_err=Firewall Kapat�lamad�
+status_title=Firewall Durumu
+check_title=Firewall Kontrol�
+check_ok=.. firewall konfigurasyonunda herhangi bir hata yoktur.
+check_failed=.. firewall konfigurasyonunda bir hata bulunmu�tur. 
+check_cmd=Firewall kontrol ediliyor ..
+
+zones_title=A� B�lgeleri
+zones_desc=Bu listede farkl� a� b�lgeleri olu�turabilirsiniz. Olu�turaca��n�z b�lgelerin firewall kurallar� �zerinde bir etkisi olmayacakt�r.
+zones_add=Yeni B�lge Ekle
+zones_none=Tan�ml� herhangi bir b�lge bulunmamaktad�r.
+zones_0=B�lge Kimli�i
+zones_1=B�lge �smi
+zones_2=A��klama
+zones_return=B�lge Listesi
+zones_edit=B�lgeyi G�r�nt�le/De�i�tir
+zones_create=Yeni B�lge Olu�tur
+zones_header=A� B�lge Detaylar�
+zones_err=A� b�lgesi kaydedilemedi
+zones_eid=Hatal� ya da eksik b�lge kimli�i
+zones_efwid=$FW ve fw  b�lge kimlikleri firewall i�in rezerve edilmi�tir,kullan�lamaz.
+zones_ename=Hatal� ya da eksik b�lge ismi
+zones_edesc=Hatal� ya da eksik b�lge a��klamas�
+
+policy_title=Standart Denetimler
+policy_desc=Standart Denetimler sayfas�nda farkl� firewall b�lgelerinin kendi aralar�ndaki kurallar� belirliyebilirsiniz. �rnek olarak DMZ b�lgesinden net b�lgesine b�t�n portlar�n a��lmas�n� istiyorsunuz. Bu durumda bu kurallar� "Firewall Kurallar�" sayfas�nda belirtmek yerine, bu b�lgeler i�in standart denetimler uygulayabilirsiniz.
+policy_add=Yeni Standart Denetim Ekle
+policy_none=Tan�ml� herhangi bir standart denetim bulunmamaktad�r.
+policy_0=Kaynak B�lge
+policy_1=Hedef B�lge
+policy_2=Denetim
+policy_3=Syslog Seviyesi
+policy_4=Trafik Limiti
+policy_limit=Limit $1, Burst $2
+policy_return=Denetim Listesi
+policy_edit=Standart Denetimi G�r�nt�le/De�i�tir
+policy_create=Yeni Standart Denetim Olu�tur
+policy_header=Standart Denetim Detaylar�
+policy_err=Standart Denetim kaydedilemedi
+policy_nolog=Logging devre d��� b�rak�ld�
+policy_ulog=ULOG 'a loglar g�nderiliyor
+policy_efw=Hem kaynak hem de hedef b�lgeleri i�in &lt;Firewall&gt; se�ilebilir.
+policy_elimit=Hatal� ya da eksik Trafik Limiti Numaras�
+policy_eburst=Hatal� ya da eksik Trafik Burst Numaras�
+
+rules_title=Firewall Kurallar�
+rules_desc=Bu sayfada a��n�z i�in belirlemi� oldu�unuz Firewall kurallar�n� uyugulayabilirsiniz. Firewall kurallar� yap�land�r�rken  Standart Denetimlerde uygulam�� oldu�unuz kurallar�n aksi bir kural belirtirseniz Standart Denetimlerde tan�ml� olan kural kullan�lacakt�r. 
+rules_add=Yeni Firewall Kural� Ekle
+rules_none=Tan�ml� herhangi bir firewall kural� bulunmamaktad�r.
+rules_0=Eylem
+rules_1=Kaynak
+rules_1z=Kaynak B�lge
+rules_2=Hedef
+rules_2z=Hedef B�lge veya Port
+rules_3=Protokol
+rules_4=Kaynak Portlar
+rules_5=Hedef Portlar
+rules_6=Rate Limiti
+rules_7=Kullan�c� Ayarlar�
+rules_hosts=<tt>$1</tt> b�lgesindeki <tt>$2</tt> host
+rules_zone=<tt>$1</tt> B�lgesi
+rules_rport=<tt>$1</tt> Portu
+rules_related=�lgili
+rules_return=Firewall Kural Listesi
+rules_edit=Firewall Kural�n� G�r�nt�le/De�i�tir
+rules_create=Yeni Firewall Kural� Olu�tur
+rules_header=Firewall Kural Detaylar�
+rules_err=Firewall kural� kaydedilemedi
+rules_log=log seviyesi
+rules_nolog=pasif
+rules_addr=Sadece b�lgede adresi tan�mlanan hostlar
+rules_ranges=Port veya port aral���
+rules_dnat=DNAT veya REDIRECT i�in orjinal hedef adresi
+rules_dnat_dest=DNAT veya REDIRECT i�in, yeni hedef adresini veya port numaras�n� giriniz.
+rules_dnat_port=DNAT veya REDIRECT i�in, ofjinal hedef port numaras�n� giriniz.
+rules_esother=Hatal� ya da eksik kaynak b�lgesi
+rules_edother=Hatal� ya da eksik hedef b�lgesi
+rules_esinzone=Kaynak i�in herhangi bir host adresi tan�mlanmad�
+rules_edinzone=Hedef i�in herhangi bir host adresi tan�mlanmad�
+rules_esport=Kaynak  port ad�, numaras� ya da port aral��� tan�mlanmad�
+rules_edport=Hedef  port ad�, numaras� ya da port aral��� tan�mlanmad�
+rules_ednat=Orjinal hedef adresi tek bir IP addresi olmak zorunda. �ki farkl� adres tan�m� i�in ip adreslerini " : " i�areti ile ay�rman�z gerekiyor.
+rules_ednat2=Orjinal hedef adresi sadece DNAT ve REDIRECT eylemleri i�in tan�mlanabilir.
+rules_rate=Rate Limit
+rules_norate=Limit yok
+rules_set=Kullan�c�lar ��in Kurallar� Ekle
+rules_noset=B�t�n Kullan�c�lar
+
+tos_title=Servis T�r� (ToS)
+tos_desc=Bu sayfada a� trafi�iniz i�in gecikme, sa�laml�k vb. gibi �e�itli servis t�rleri tan�tabilirsiniz. 
+tos_add=Yeni Servis T�r� Ekle
+tos_none=Tan�ml� herhangi bir servis t�r� bulunmamaktad�r.
+tos_0=Kaynak
+tos_0z=Kaynak B�lge
+tos_1=Hedef
+tos_1z=Hedef B�lge 
+tos_2=Protokol
+tos_3=Kaynak Portlar
+tos_4=Hedef Portlar
+tos_5=Servis T�r�
+tos_return=Servis T�r� Listesi
+tos_edit=Servis T�r�n� G�r�nt�le/De�i�tir
+tos_create=Yeni Servis T�r� Olu�tur
+tos_header=Servis T�r� Detaylar�
+tos_err=Servis t�r� kaydedilemedi.
+
+interfaces_title=A� Aray�zleri
+interfaces_desc=Sisteminizde konfigure etmek istedi�iniz b�t�n aray�zleri bu b�lgede tan�tman�z gerekmektedir. Her tan�t�lan yeni aray�z " A� B�lgeleri" sayfas�nda tan�tm�� oldu�unuz b�lgelerle ili�kilendirilmek zorundad�r. loopback aray�z� olan  <tt>lo</tt> aray�z�n�n bu b�lgede kullan�lmamas� gerekmektedir.
+interfaces_add=Yeni Bir Aray�z Ekle
+interfaces_none=Tan�ml� herhangi bir a� aray�z� bulunmamaktad�r.
+interfaces_0=Aray�z�
+interfaces_1=B�lge �smi
+interfaces_2=Broadcast Adresi
+interfaces_3=Se�enekler
+interfaces_detect=Otomatik
+interfaces_return=Aray�z Listesi
+interfaces_edit=A� Aray�z�n� G�r�nt�le/De�i�tir
+interfaces_create=Yeni Bir Aray�z Olu�tur
+interfaces_header=Aray�z Detaylar�
+interfaces_err=Aray�z kaydedilemedi.
+interfaces_eiface=Hatal� ya da eksik aray�z ismi
+interfaces_ebroad=Hatal� ya da eksik broadcast adresi
+
+masq_title=Maskeleme
+masq_desc=Maskeleme i�leminde bir aray�z� di�er bir aray�z �zerinden, ya da bir a�� di�er bir a� �zerinden maskeleyerek �e�itli NAT se�enekleri olu�turabilirsiniz. �rnek olarak firewall unuzda tan�ml� iki adet ethernet aray�z� var: bunlardan birincisi olan eth0'a 212.156.x.x gibi real bir ip adresi atanm�� durumda, ikinci aray�z olan eth1'e ise 192.168.0.1 gibi bir local ip adresi atanm�� ve kullan�c� bilgisayarlar�n�n a� ge�idi do�al olarak 192.168.0.1 olacakt�r ve kullan�c� bilgisayarlar�n�n internete ��kabilmeleri i�in bir NAT i�lemine ihtiya�lar� olacakt�r. Bu durumda eth1 aray�z�n� eth0 �zerinden maskeleyerek lokal kullan�c�lar� internet ortam�nda tan�ml� duruma getirebilirsiniz. 
+masq_add=Yeni Maskeleme Kural� Ekle
+masq_none=Tan�ml� herhangi bir maskeleme kural� bulunmamaktad�r.
+masq_0=��k�� Aray�z�
+masq_1=Maskelenecek A�
+masq_2=SNAT Adresi
+masq_in=<tt>$2</tt> �zerine <tt>$1</tt>
+masq_ex=A� <tt>$1</tt> hari� <tt>$2</tt>
+masq_iface=A� <tt>$1</tt>
+masq_return=Maskeleme Listesi
+masq_edit=Maskeleme Kural�n� G�r�nt�le/De�i�tir
+masq_create=Yeni Maskeleme Kural� Olu�tur
+masq_header=Maskeleme Kural Detaylar�
+masq_err=Maskeleme Kural� kaydedilemedi
+masq_net=Sadece hedef i�in
+masq_mode0=Subnet Adresi
+masq_mode1=Aray�z Subneti
+masq_except=Hari� A�lar
+masq_enet=Hatal� ya da eksik ��k� aray�z hedefi
+masq_emnet=Hatal� ya da eksik subnet adresi
+masq_emnete=Hari� A�lar Listesi Bo�
+masq_esnat=Hatal� SNAT IP Adresi
+
+nat_title=Statik NAT
+nat_desc=Maskeleme Sayfas�' ndaki NAT i�lemlerinden farkl� olarak, statik nat �zelli�ini birebir uygulamalar i�in kullanabilirsiniz. Bu uygulama genellikle i� a��n�zda yer alan lokal ip adresine sahip bilgisayar veya serverlara internet ortam�ndan  eri�im i�im kullan�labilir.
+nat_add=Yeni Statik NAT Kural� Ekle
+nat_none=Tan�ml� herhangi bir statik nat kural� bulunmamaktad�r.
+nat_0=D�� Adres
+nat_1=D�� Aray�z
+nat_2=�� Adres
+nat_virt=Sanal
+nat_return=Statik NAT Listesi
+nat_edit=Statik NAT kural�n� G�r�nt�le/De�i�tir
+nat_create=Yeni Statik NAT Kural� Olu�tur
+nat_header=Statik NAT Kural Detaylar�
+nat_err=Statik NAT Kural� kaydedilemedi
+nat_all=B�t�n Hostlar ��in Aktif Hale Getir?
+nat_local=Firewall Sistemi ��in Aktif Hale Getir?
+nat_eext=Hatal� D�� IP Adresi
+nat_eint=Hatal� �� IP Adresi
+nat_evirt=Hatal� Sanal Aray�z Numaras�
+
+proxyndp_title=Proxy NDP
+proxyndp_desc=This page allows you to configure your system to answer NDP requests for IP addresses other than its own, so that it can forward packets to those addresses to their real destinations.
+proxyndp_add=Yeni Proxy NDP Adresi Ekle
+proxyndp_none=Tan�ml� herhangi bir proxy NDP adresi bulunmamaktad�r.
+proxyndp_0=NDP adresi
+proxyndp_1=Ba�l� bulunan aray�z
+proxyndp_2=D�� Aray�z
+proxyndp_3=S�rekli
+proxyndp_return=Proxy NDP Adresi Listesi
+proxyndp_edit=Proxy NDP Adresini G�r�nt�le/De�i�tir
+proxyndp_create=Yeni Proxy NDP Adresi Olu�tur
+proxyndp_header=Proxy NDP Detaylar�
+proxyndp_err=Proxy NDP kaydedilemedi
+proxyndp_have=Var olan hosta y�nlendirme yap�ls�n m�?
+proxyndp_eaddr=Hatal� ya da eksik NDP Adresi
+proxyndp_pers=Firewall kapat�l�rsa y�nlendirme i�lemi durdurulsun mu?
+
+routestopped_title=Stop Durumu
+routestopped_desc=Standart olarak Firewall i�lemi durduruldu�unda Shorewall b�t�n eri�imleri kapat�r. Bu sayfada firewall kapal� iken aktif etmek istedi�iniz eri�imleri konfigure edebilirsiniz. Bu konfigurasyon kritk uygulamalar�n�z�n herhangi bir nedenden dolay� firewall kapansa bile �al��mas�n� sa�layacakt�r.
+routestopped_add=Yeni Stop Durumu Kural� Ekle
+routestopped_none=Tan�ml� herhangi bir stop durumu kural� bulunmamaktad�r.
+routestopped_0=Aray�z
+routestopped_1=Eri�imine Devam Edilecek Adresler
+routestopped_return=Adresler
+routestopped_edit=Adresleri G�r�nt�le/De�i�tir
+routestopped_create=Yeni Stop Durumu Kural� Olu�tur
+routestopped_header=Adres Detaylar�
+routestopped_err=Adres kaydedilemedi
+routestopped_eaddr=Adres girilmedi
+routestopped_all=B�t�n Adresler
+routestopped_list=Listelenen Adresler ve A�lar ..
+
+tunnels_title=VPN T�nelleri
+tunnels_desc=Bu sayfada VPN t�nelleri olu�turup, firewall a olu�turulan VPN t�nelleri i�in kural tan�mlayabilirsiniz.
+tunnels_add=Yeni VPN t�neli ekle
+tunnels_none=Tan�ml� herhangi bir VPN t�neli bulunmamaktad�r.
+tunnels_0=VPN T�r�
+tunnels_1=Aray�z b�lgesi
+tunnels_2=Uzak Gateway
+tunnels_3=Gateway b�lgeleri
+tunnels_gnone=yok
+tunnels_return=VPN T�nel Listesi
+tunnels_edit=T�neli G�r�nt�le/De�i�tir
+tunnels_create=Yeni VPN t�neli Olu�tur
+tunnels_header=VPN T�nel Detaylar� 
+tunnels_err=VPN t�nel kaydedilemedi
+tunnels_sel=Gateway IP Adresi
+tunnels_ipsec=IPsec
+tunnels_ipsec:noah=IPsec (no AH)
+tunnels_ipsecnat=NAT �zelli�i aktif hale getirilmi� IPsec
+tunnels_ipsecnat:noah=NAT �zelli�i aktif hale getirilmi� IPsec(no AH)
+tunnels_ip=IP
+tunnels_gre=GRE
+tunnels_pptpclient=PPTP client
+tunnels_pptpserver=PPTP server
+tunnels_openvpn=OpenVPN
+tunnels_openvpn_l=OpenVPN, port..
+tunnels_generic=Standart
+tunnels_generic_l=Standart, protokol..
+tunnels_gsel=Listelenen b�lgeler
+tunnels_eopenvpn=VPN t�nel i�in Hatal� port numaras�  
+tunnels_egeneric=Eksik  protokol veya protokol:standart t�nel portu
+
+hosts_title=B�lge Hostlar�
+hosts_desc=Bu sayfada tan�ml� b�lgelere ait host ve a� gruplar�n� konfigure edebilirsiniz. Normal ko�ullarda bu sayfada herhangi bir i�lem yapman�zda gerek bulunmamaktad�r. 
+hosts_add=Yeni B�lge Hostu Ekle
+hosts_none=Tan�ml� herhangi bir b�lge hostu bulunmamaktad�r.
+hosts_0=B�lge
+hosts_1=Aray�z
+hosts_2=IP adresi veya A��
+hosts_opts=Host Se�enekleri
+hosts_return=B�lge Host Listesi
+hosts_edit=Host Listesini G�r�nt�le/De�i�tir
+hosts_create=Yeni B�lge Hostu Ekle
+hosts_err=B�lge Hostu Kaydedilemedi
+hosts_header=B�lge Host Detaylar�
+hosts_routestopped=Firewall kapat�lsa bile y�nlendirmeye devam et
+hosts_maclist=MAC Listesine G�re Kar��la�t�rma Yap
+
+edit_before=$1 numaral� girdi �ncesi
+edit_after=$1 numaral� girdi sonras�
+
+blacklist_title=Kara Liste hostlar�
+blacklist_desc= Bu sayfada a��n�za zararl� i�erik g�ndermek isteyen veya a��n�za zarar vermek isteyen host ve/veya a�lar� Kara Liste'ye ekleyerek, bu host ve/veya a�lar�n a��n�za eri�imini engelleyebilirsiniz.
+blacklist_add=Yeni Kara Liste Hostu Ekle
+blacklist_none=Tan�ml� herhangi bir kara liste hostu bulunmamaktad�r.
+blacklist_0=Host veya A�
+blacklist_1=Protokol
+blacklist_2=Portlar
+blacklist_any=B�t�n
+blacklist_header=Kara Liste Host Detaylar�
+blacklist_host=Host veya A�
+blacklist_proto=Protokol
+blacklist_ports=Port veya port listesi
+blacklist_err=Kara Liste hostu Kaydedilemedi
+blacklist_ehost=Hatal� ya da eksik host IP adresi, MAC adresi veya A� adresi
+blacklist_edit=Kara Liste hostunu G�r�nt�le/De�i�tir
+blacklist_create=Yeni Kara Liste hostu Ekle
+blacklist_eproto=Hatal� ya da eksik protokol
+blacklist_eports=Hatal� port numaras� ya da virg�llerin yanl�� kullan�lmas�ndan dolay� olu�an hatal� port listesi
+blacklist_eports2=Sadece TCP ve UDP protokolleri i�in host tan�mlanabilir.
+blacklist_return=Kara Liste Hostlar�
+
+manual_desc=Bo formu kullanarak manual olarak $1 shorewall6 konfigurasyon dosyas�n� g�r�nt�leyebilir ya da i�eri�ini de�i�tirebilirsiniz. 
+manual_reset=Undo
+manual_err=Tablo dosyas� kaydedilemedi
+manual_efile=Hatal� tablo ismi
+manual_edata=Tablo dosyas� i�eri�i bulunamad�
+
+acl_nochange=Shorewall konfigurasyonunu uygulayabilsin/durdurabilsin/ba�latabilsin.
+acl_files=Shorewall Tablolar�
+acl_all=Hepsi
+acl_sel=Se�ili Olan ..
+
+###turkish transation by Mehmet Ali Basalp mbasalp@gmail.com 
diff --git a/shorewall6/lang/zh_CN b/shorewall6/lang/zh_CN
new file mode 100644
index 000000000..583ce5b02
--- /dev/null
+++ b/shorewall6/lang/zh_CN
@@ -0,0 +1,349 @@
+index_title=Shorewall��ҵ������ǽ
+index_ecmd=���� $1 ������ϵͳ���Ҳ���. ����û�б���װ, ���� <a href='$2'>ģ������</a> �Ǵ����.
+index_edir=Shorewall����ǽ����Ŀ¼ $1 ������ϵͳ���Ҳ���. ����û�б���װ, ���� <a href='$2'>ģ������</a> �Ǵ����.
+index_version=Shorewall����ǽ�汾QL $1
+index_return=�б�
+index_restart=Ӧ������
+index_restartdesc=��������ť����������Shorewall����ǽʹ�¹�����Ч.
+index_refresh=ˢ������
+index_refreshdesc=��������ť��ֻˢ�º��������������Ʊ�.
+index_start=��������ǽ
+index_startdesc=��������ť������Shorewall����ǽ.
+index_clear=�������ǽ
+index_cleardesc=��������ť�������ǽ���������������������Ƶط��ʷ�����.
+index_stop=ֹͣ����ǽ
+index_stopdesc=��������ť���رշ���ǽ����������<tt>�رչ���</tt>����Ĺ���֮������ӽ�����ֹ.
+index_status=��ʾ״̬
+index_statusdesc=��������ť��ʾShorewall�Ѷ���Ĺ����.
+index_check=������ǽ
+index_checkdesc=��������ť������������Ƿ���ȷ.
+
+list_move=�ƶ�
+list_add=����
+list_auto=�Զ�
+list_none=û��
+list_any=�κ�
+list_fw=����ǽ����
+list_other=����..
+list_manual=�ֹ��޸������ļ�
+list_manualdesc=��������ť�ֹ��޸������ļ� $1.
+list_ecannot=�������޸�Shorewall�����.
+
+restart_err=Ӧ������ʧ��
+refresh_err=ˢ������ʧ��
+start_err=��������ǽʧ��
+clear_err=�������ǽʧ��
+stop_err=�رշ���ǽʧ��
+status_title=����ǽ״̬
+check_title=������ǽ
+check_ok=.. �����ڵ����ÿ���ȥû������.
+check_failed=.. ����ǰ��������һЩ����!
+check_cmd=���ڼ�� ..
+
+zones_title=��������
+zones_desc=���������������ϵͳ�������ӵ��IJ�ͬ������. ��Ȼ����ֻ�Ǹ����ƣ��Է���ǽû���κ�Ч��������ֻ�Ƕ���Ĭ���������ƺ�ϸ������.
+zones_add=����һ����������.
+zones_none=û����������Ԥ����.
+zones_0=����ID
+zones_1=��ʾ����
+zones_2=����
+zones_return=�����б�
+zones_edit=�༭��������
+zones_create=������������
+zones_header=����������ϸ����
+zones_err=����������������ʧ��
+zones_eid=��ʧ��������������ID
+zones_efwid=��������ID $FW �� fw �DZ�����������
+zones_ename=��ʧ��������ʾ����
+zones_edesc=��ʧ������������
+
+policy_title=Ĭ�ϲ���
+policy_desc=�������������ò�ͬ����ǽ����֮���Ĭ��ͨ�Ŷ���."����ǽ����"���Դ�Ϊ����.
+policy_add=����һ��Ĭ�ϲ���
+policy_none=û��Ĭ�ϲ��Ա�Ԥ����.
+policy_0=��Դ����
+policy_1=Ŀ������
+policy_2=����
+policy_3=��־�ȼ�
+policy_4=��������
+policy_limit=���� $1, ͻ�� $2
+policy_return=�����б�
+policy_edit=�༭Ĭ�ϲ���
+policy_create=����Ĭ�ϲ���
+policy_header=Ĭ�ϲ�����ϸ����
+policy_err=����Ĭ�ϲ���ʧ��
+policy_nolog=��־��¼�ѹر�
+policy_ulog=��¼��־��ULOG
+policy_efw=&lt;����ǽ&gt; �޷�ѡ����Դ����Ŀ������
+policy_elimit=��ʧ�������������Ʊ��
+policy_eburst=ʧ������ͻ���������Ʊ��
+
+rules_title=����ǽ����
+rules_desc=������г���"Ĭ�ϲ���"�����ض��Ĵ������͡���Դ��Ŀ���ַ���������ӵĿ��ƶ����������ƥ���Ĭ�ϲ���.
+rules_add=����һ������ǽ����
+rules_none=û�з���ǽ����Ԥ����.
+rules_0=����
+rules_1=��Դ
+rules_1z=��Դ����
+rules_2=Ŀ��
+rules_2z=Ŀ�������˿ں�
+rules_3=��
+rules_4=��Դ�˿�
+rules_5=Ŀ��˿�
+rules_6=��������
+rules_7=�û�����
+rules_hosts=���� <tt>$2</tt> ������ <tt>$1</tt>��
+rules_zone=���� <tt>$1</tt>
+rules_rport=�˿� <tt>$1</tt>
+rules_related=���
+rules_return=����ǽ�����б�
+rules_edit=�༭����ǽ����
+rules_create=�½�����ǽ����
+rules_header=����ǽ������ϸ����
+rules_err=�������ǽ����ʧ��
+rules_log=��¼��ϵͳ��־
+rules_nolog=����¼��־
+rules_addr=�������е�������ַ
+rules_ranges=�˿ڼ���Χ
+rules_dnat=DNAT��REDIRECT������ԭʼĿ���ַ
+rules_dnat_dest=����DNAT��REDIRECT, �����������µ�Ŀ���ַ���߶˿�.
+rules_dnat_port=����DNAT��REDIRECT, ����������ԭʼ��Ŀ���ַ���߶˿�.
+rules_esother=��ʧ���ߴ������Դ����
+rules_edother=��ʧ���ߴ����Ŀ������
+rules_esinzone=û��������Դ������ַ
+rules_edinzone=û������Ŀ��������ַ
+rules_esport=û��������Դ�˿ںš���Ż��߷�Χ
+rules_edport=û������Ŀ��˿ںš���Ż��߷�Χ
+rules_ednat=ԭʼĿ���ַ����Ϊ����IP���߱�:�ָ�������IP
+rules_ednat2=һ��ԭʼĿ���ַ���ܼ��뵽DNAT����REDIRECT�����ֶ�
+rules_rate=���������﷨
+rules_norate=������
+rules_set=Ӧ���û����ù���
+rules_noset=ȫ���û�
+
+tos_title=��������
+tos_desc=���ҳ�涨�����ض����������е�IP��������,������߻��߽������ǵ�����Ȩ.
+tos_add=����һ���·�������
+tos_none=û��Ԥ����ķ�������.
+tos_0=��Դ
+tos_0z=��Դ����
+tos_1=Ŀ��
+tos_1z=Ŀ������
+tos_2=��
+tos_3=��Դ�˿ڼ�
+tos_4=Ŀ��˿ڼ�
+tos_5=��������
+tos_return=���������б�
+tos_edit=�༭��������
+tos_create=�½���������
+tos_header=��������ϸ��
+tos_err=�����������ʧ��
+
+interfaces_title=��������
+interfaces_desc=Shorewall������ϵͳ�ϵ�ÿ����������Ͷ�Ӧ�����������.���ػ����豸<tt>lo</tt>�����������ܼ����б���.
+interfaces_add=�½�һ����������
+interfaces_none=û��Ԥ�������������.
+interfaces_0=����
+interfaces_1=������
+interfaces_2=�㲥��ַ
+interfaces_3=ѡ��
+interfaces_detect=�Զ�
+interfaces_return=�����б�
+interfaces_edit=�༭��������
+interfaces_create=�½���������
+interfaces_header=��������ϸ��
+interfaces_err=������������ʧ��
+interfaces_eiface=��ʧ������������
+interfaces_ebroad=��ʧ�����Ĺ㲥��ַ
+
+masq_title=Masqת��
+masq_desc=�������ò�ͬ������ͨ��·��.һ����������;������ʵ�־�������������.
+masq_add=�½�Masqת������
+masq_none=û��Ԥ�����Masqת��.
+masq_0=�������
+masq_1=��ҪMasq������
+masq_2=SNAT��ַ
+masq_in=<tt>$2</tt> on <tt>$1</tt>
+masq_ex=Network on <tt>$1</tt> except <tt>$2</tt>
+masq_iface=Network on <tt>$1</tt>
+masq_return=Masqת���б�
+masq_edit=�༭Masqת������
+masq_create=�½�Masqת������
+masq_header=Masqת������ϸ��
+masq_err=����Masqת������ʧ��
+masq_net=����Ŀ��
+masq_mode0=������ַ
+masq_mode1=�����������������
+masq_except=��ֹ������
+masq_enet=��ʧ�������������Ŀ��
+masq_emnet=��ʧ������ת��������ַ
+masq_emnete=�յĽ�ֹ�������б�
+masq_esnat=�����SNAT IP��ַ
+
+nat_title=��̬NAT
+nat_desc=����������þ�̬�����ַ���룬���������ڲ������еĵ�ַ������ⲿ��ַ��ͨ������ʵ�����ڲ������еķ��������ⲿ�ṩ����
+nat_add=�½�һ����̬NAT��Ŀ
+nat_none=û��Ԥ����ľ�̬NAT��Ŀ.
+nat_0=�ⲿ��ַ
+nat_1=�ⲿ��������
+nat_2=�ڲ���ַ
+nat_virt=����
+nat_return=��̬NAT�б�
+nat_edit=�༭��̬NAT
+nat_create=�½���̬NAT
+nat_header=��̬NAT��Ŀϸ��
+nat_err=���澲̬NAT��Ŀʧ��
+nat_all=Ӧ�õ�����������?
+nat_local=Ӧ�õ�����ǽϵͳ?
+nat_eext=������ⲿIP��ַ
+nat_eint=������ڲ�IP��ַ
+nat_evirt=���������������
+
+proxyndp_title=NDP����
+proxyndp_desc=����ϵͳӦ��ϵͳIP��ַ�����NDP����.
+proxyndp_add=�½�һ��NDP������ַ
+proxyndp_none=û��Ԥ�����NDP������ַ.
+proxyndp_0=��ַ��NDP
+proxyndp_1=���ӵ���������
+proxyndp_2=�ⲿ��������
+proxyndp_3=����?
+proxyndp_return=NDP������ַ�б�
+proxyndp_edit=�༭NDP������ַ
+proxyndp_create=�½�NDP������ַ
+proxyndp_header=NDP����ϸ��
+proxyndp_err=����NDP����ʧ��
+proxyndp_have=·�ɵ��������ڵ�������
+proxyndp_eaddr=��ʧ�����ĵ�ַ
+proxyndp_pers=������ǽֹͣʱ��������·����
+
+routestopped_title=�رչ���
+routestopped_desc=ShorewallĬ���ڹر�ʱ�������з���. ���ҳ�涨������Shorewall�ر��Ժ��������ʵ�����������.
+routestopped_add=�½�һ����ַ
+routestopped_none=û��Ԥ����Ĺرպ�������ַ.
+routestopped_0=��������
+routestopped_1=�ɵ����ַ
+routestopped_return=��ַ�б�
+routestopped_edit=�༭��ַ
+routestopped_create=�½���ַ
+routestopped_header=ϸ��
+routestopped_err=�����ַʧ��
+routestopped_eaddr=û����ӵ�ַ
+routestopped_all=���е�ַ
+routestopped_list=��ַ�������б� ..
+
+tunnels_title=VPN ͨ��
+tunnels_desc=���ҳ���г���������������ǽ��VPNͨ��, ���DZ�����Shorewall�����б�����.
+tunnels_add=����һ��VPNͨ��
+tunnels_none=û��Ԥ�����VPNͨ��.
+tunnels_0=VPN ����
+tunnels_1=������������
+tunnels_2=Զ������
+tunnels_3=��������
+tunnels_gnone=û��
+tunnels_return=VPNͨ���б�
+tunnels_edit=�༭VPNͨ��
+tunnels_create=�½�VPNͨ��
+tunnels_header=VPNͨ��ϸ��
+tunnels_err=����VPNͨ��ʧ��
+tunnels_sel=����IP
+tunnels_ipsec=IPsec
+tunnels_ipsec:noah=IPsec (no AH)
+tunnels_ipsecnat=IPsec with NAT
+tunnels_ipsecnat:noah=IPsec with NAT (no AH)
+tunnels_ip=IP
+tunnels_gre=GRE
+tunnels_pptpclient=PPTP�ͻ���
+tunnels_pptpserver=PPTP������
+tunnels_openvpn=OpenVPN
+tunnels_openvpn_l=OpenVPN, �˿�..
+tunnels_generic=һ��
+tunnels_generic_l=һ��, ��Э��..
+tunnels_gsel=�����б�
+tunnels_eopenvpn=�����OpenVPNͨ���˿ں�
+tunnels_egeneric=��ʧһ��ͨ����Э���Э��:�˿�
+
+hosts_title=��������
+hosts_desc=�������򲿷ֵ�����������. ��һ�㲻��Ҫ�޸�����б�.
+hosts_add=����һ���µ���������
+hosts_none=û��Ԥ�������������.
+hosts_0=����
+hosts_1=����
+hosts_2=IP��ַ������
+hosts_opts=����ѡ��
+hosts_return=���������б�
+hosts_edit=�༭��������
+hosts_create=�½���������
+hosts_err=������������ʧ��
+hosts_header=��������ϸ��
+hosts_routestopped=������ǽ�رպ��ṩ·�ɣ�
+hosts_maclist=�Ƚ�����MAC�б�?
+
+edit_before=֮ǰ��Ŀ $1
+edit_after=֮����Ŀ $1
+
+blacklist_title=����������
+blacklist_desc=�������ӵ������ͷ���˿ڽ�������.
+blacklist_add=����һ������������
+blacklist_none=û��Ԥ����ĺ���������.
+blacklist_0=����������
+blacklist_1=��
+blacklist_2=�˿ڼ�
+blacklist_any=�κ�
+blacklist_header=����������ϸ��
+blacklist_host=����������
+blacklist_proto=��
+blacklist_ports=�˿ڻ�˿��б�
+blacklist_err=�������������ʧ��
+blacklist_ehost=��ʧ����������IP��ַ, MAC��ַ�������ַ
+blacklist_edit=�༭����������
+blacklist_create=�½�����������
+blacklist_eproto=��ʧ������Э��
+blacklist_eports=����Ķ˿ںŻ�˿ڼ�ķָ�����
+blacklist_eports2=�˿ڼ�����ָ��ΪTCP��UDPЭ��
+blacklist_return=����������
+
+providers_title=����··������
+providers_desc=���ҳ�涨�����··�ɱ�. �����������ӵ����ISP����·�������ӵ�ͬһ��ISP�Ķ�����·�ſ���ʹ�á�
+providers_add=����һ��·����·.
+providers_none=��ǰû���Ѷ�����Ŀ.
+providers_0=����
+providers_1=���
+providers_2=���
+providers_3=��������
+providers_4=����
+providers_name=��·����
+providers_number=��·���
+providers_mark=��DZ��
+providers_dup=�ϲ���·����
+providers_main=����
+providers_iface=��������
+providers_gateway=����·��
+providers_auto=�Զ����
+providers_opts=����ѡ��
+providers_track=��������
+providers_balance=���⴫��
+providers_loose=��������ǽ����
+providers_edit=�༭·����·
+providers_create=�½�·����·
+providers_header=��·����·��ϸ����
+providers_copy=���������渴��·��
+providers_err=����·����·ʧ��
+providers_ename=��ʧ��������·����
+providers_enumber=��ʧ��������·���Ʊ��
+providers_emark=��ʧ��������·��DZ��
+providers_edup=��ʧ�ϲ����ʵ���·
+providers_egateway=��ʧ����������
+
+
+manual_desc=������������ֹ��༭Shorewall�����ļ� $1. ��С�ģ���������﷨���.
+manual_reset=ȡ��
+manual_err=������ļ�ʧ��
+manual_efile=����ı���!
+manual_edata=û�б��ļ�������.
+
+
+
+acl_nochange=�ܹ�������ֹͣ����Ӧ��Shorewall������?
+acl_files=���õ�Shorewall��
+acl_all=����
+acl_sel=ѡ�������...
diff --git a/shorewall6/list.cgi b/shorewall6/list.cgi
new file mode 100755
index 000000000..9a4200f68
--- /dev/null
+++ b/shorewall6/list.cgi
@@ -0,0 +1,123 @@
+#!/usr/bin/perl
+# list.cgi
+# Display the contents of some table
+
+require './shorewall6-lib.pl';
+&ReadParse();
+&can_access($in{'table'}) || &error($text{'list_ecannot'});
+&get_clean_table_name(\%in);
+&ui_print_header(undef, $text{$in{'tableclean'}."_title"}, "");
+
+$desc = $text{$in{'tableclean'}."_desc"};
+print "$desc<p>\n" if ($desc);
+
+$pfunc = &get_parser_func(\%in);
+@table = &read_table_file($in{'table'}, $pfunc);
+$cfunc = $in{'tableclean'}."_columns";
+$cols = &$cfunc() if (defined(&$cfunc));
+$nfunc = $in{'tableclean'}."_colnames";
+#&debug_message("cfunc = $cfunc");
+#&debug_message("nfunc = $nfunc");
+if (defined(&$nfunc)) {
+	@colnames = &$nfunc();
+	}
+else {
+	@colnames = ( );
+	for($j=0; defined($cols) ? ($j<$cols) : ($text{$in{'tableclean'}."_".$j}); $j++) {
+		push(@colnames, $text{$in{'tableclean'}."_".$j});
+		}
+	}
+
+# Work out select/create links
+@links = ( &select_all_link("d"),
+	   &select_invert_link("d"),
+	   "<a href='edit.cgi?table=$in{'table'}&new=1'>".
+	    $text{$in{'tableclean'}."_add"}."</a>" );
+if (&version_atleast(3, 3, 3) && &indexof($in{'table'}, @comment_tables) >= 0) {
+	push(@links, "<a href='editcmt.cgi?table=$in{'table'}&new=1'>".
+		     $text{"comment_add"}."</a>");
+	}
+
+# Show the table
+if (@table) {
+	print &ui_form_start("delete.cgi", "post");
+	print &ui_hidden("table", $in{'table'}),"\n";
+	print &ui_links_row(\@links);
+	print &ui_columns_start([
+		"",
+		@colnames,
+		(@table > 1 ? ( $text{'list_move'} ) : ( )),
+		$text{'list_add'}
+		], undef, 0, [ "width=5" ]);
+
+	$rfunc = $in{'tableclean'}."_row";
+	for($i=0; $i<@table; $i++) {
+		@t = @{$table[$i]};
+		local @cols;
+		local @tds;
+		if ($t[0] eq "COMMENT") {
+			# Special case - a comment line
+			push(@cols, "<a href='editcmt.cgi?table=$in{'table'}&".
+				    "idx=$i'><i>".join(" ", @t[1..$#t]).
+				    "</i></a>" );
+			@tds = ( "width=5", "colspan=".scalar(@colnames) );
+			}
+		else {
+			# Some rule or other object
+			if (defined(&$rfunc)) {
+				@t = &$rfunc(@t);
+				}
+			for($j=0; $j<@colnames; $j++) {
+				if ($j == 0) {
+					$lnk = "<a href='edit.cgi?table=$in{'table'}&idx=$i'>$t[$j]</a>";
+					}
+				else {
+					$lnk = $t[$j];
+					}
+				push(@cols, $lnk);
+				}
+			@tds = ( "width=5" );
+			}
+		if (@table > 1) {
+			$mover = "";
+			if ($i == 0) {
+				$mover .= "<img src=images/gap.gif>";
+				}
+			else {
+				$mover .= "<a href='up.cgi?table=$in{'table'}&idx=$i'><img src=images/up.gif border=0></a>\n";
+				}
+			if ($i == $#table) {
+				$mover .= "<img src=images/gap.gif>";
+				}
+			else {
+				$mover .= "<a href='down.cgi?table=$in{'table'}&idx=$i'><img src=images/down.gif border=0></a>\n";
+				}
+			push(@cols, $mover);
+			}
+		push(@cols, 
+		      "<a href='edit.cgi?table=$in{'table'}&new=1&before=$i'>".
+		      "<img src=images/before.gif border=0></a>\n".
+		      "<a href='edit.cgi?table=$in{'table'}&new=1&after=$i'>".
+		      "<img src=images/after.gif border=0></a>\n");
+		print &ui_checked_columns_row(\@cols, \@tds, "d", $i);
+		}
+	print &ui_columns_end();
+	}
+else {
+	print "<b>",$text{$in{'tableclean'}."_none"},"</b><p>\n";
+	shift(@links); shift(@links);
+	}
+print &ui_links_row(\@links);
+if (@table) {
+	print &ui_form_end([ [ "delete", $text{'list_delete'} ] ]);
+	}
+
+print &ui_hr();
+print &ui_buttons_start();
+print &ui_buttons_row("manual_form.cgi", $text{'list_manual'},
+		      &text('list_manualdesc',
+			"<tt>$config{'config_dir'}/$in{'table'}</tt>"),
+		      &ui_hidden("table", $in{'table'}));
+print &ui_buttons_end();
+
+&ui_print_footer("", $text{'index_return'});
diff --git a/shorewall6/log_parser.pl b/shorewall6/log_parser.pl
new file mode 100755
index 000000000..6a53832e7
--- /dev/null
+++ b/shorewall6/log_parser.pl
@@ -0,0 +1,19 @@
+# log_parser.pl
+# Functions for parsing this module's logs
+
+do 'shorewall6-lib.pl';
+
+# parse_webmin_log(user, script, action, type, object, &params)
+# Converts logged information from this module into human-readable form
+sub parse_webmin_log
+{
+local ($user, $script, $action, $type, $object, $p) = @_;
+if ($type eq 'table' || $type eq 'comment') {
+	return &text('log_'.$action.'_'.$type, $text{$object.'_title'});
+	}
+else {
+	return $text{'log_'.$action};
+	}
+}
+
+
diff --git a/shorewall6/manual_form.cgi b/shorewall6/manual_form.cgi
new file mode 100755
index 000000000..2e5f4b7e5
--- /dev/null
+++ b/shorewall6/manual_form.cgi
@@ -0,0 +1,27 @@
+#!/usr/bin/perl
+# Display the contents of a table file
+
+require './shorewall6-lib.pl';
+&ReadParse();
+&get_clean_table_name(\%in);
+&can_access($in{'table'}) || &error($text{'list_ecannot'});
+&ui_print_header(undef, $text{$in{'tableclean'}."_title"}, "");
+
+$file = "$config{'config_dir'}/$in{'table'}";
+$in{'table'} =~ /\.\./ && &error($text{'manual_efile'});
+print &text('manual_desc', "<tt>$file</tt>"),"<p>\n";
+
+print "<form action=manual_save.cgi method=post enctype=multipart/form-data>\n";
+print &ui_hidden("table", $in{'table'});
+print "<textarea name=data rows=20 cols=80>";
+open(FILE, $file);
+while(<FILE>) {
+	print &html_escape($_);
+	}
+close(FILE);
+print "</textarea><br>\n";
+print "<input type=submit value='$text{'save'}'>\n";
+print "<input type=reset value='$text{'manual_reset'}'>\n";
+print "</form>\n";
+
+&ui_print_footer("list.cgi?table=$in{'table'}", $text{$in{'tableclean'}."_return"});
diff --git a/shorewall6/manual_save.cgi b/shorewall6/manual_save.cgi
new file mode 100755
index 000000000..616a45a60
--- /dev/null
+++ b/shorewall6/manual_save.cgi
@@ -0,0 +1,18 @@
+#!/usr/bin/perl
+# Save the contents of a table file
+
+require './shorewall6-lib.pl';
+&ReadParseMime();
+&can_access($in{'table'}) || &error($text{'list_ecannot'});
+&error_setup($text{'manual_err'});
+$file = "$config{'config_dir'}/$in{'table'}";
+$in{'table'} =~ /\.\./ && &error($text{'manual_efile'});
+$in{'data'} =~ s/\r//g;
+$in{'data'} || &error($text{'manual_edata'});
+
+&open_lock_tempfile(FILE, ">$file");
+&print_tempfile(FILE, $in{'data'});
+&close_tempfile(FILE);
+&webmin_log('manual', 'table', $in{'table'});
+&redirect("list.cgi?table=$in{'table'}");
+
diff --git a/shorewall6/module.info b/shorewall6/module.info
new file mode 100644
index 000000000..f835fa458
--- /dev/null
+++ b/shorewall6/module.info
@@ -0,0 +1,10 @@
+desc=Shorewall6 Firewall
+category=net
+os_support=*-linux
+depends=syslog
+longdesc=Lets you edit the most useful tables of the Shorewall6 Firewall
+desc_ca=Tallafocs Shorewall6
+desc_es=Cortafuegos Shorewall6
+desc_cz=Shorewall Firewall6
+desc_nl=Shorewall Firewall6
+desc_cz.UTF-8=Shorewall Firewall6
diff --git a/shorewall6/refresh.cgi b/shorewall6/refresh.cgi
new file mode 100755
index 000000000..9a8fc282d
--- /dev/null
+++ b/shorewall6/refresh.cgi
@@ -0,0 +1,21 @@
+#!/usr/bin/perl
+# refresh.cgi
+# Activate the current config
+
+require './shorewall6-lib.pl';
+if ($access{'nochange'}) {
+  redirect("/");
+  exit 0;
+}
+
+&error_setup($text{'refresh_err'});
+$err = &run_before_apply_command();
+&error($err) if ($err);
+$out = &backquote_logged("$config{'shorewall6'} refresh 2>&1");
+if ($?) {
+	&error("<pre>$out</pre>");
+	}
+$err = &run_after_apply_command();
+&webmin_log("refresh");
+&redirect("");
+
diff --git a/shorewall6/restart.cgi b/shorewall6/restart.cgi
new file mode 100755
index 000000000..d136a4ae9
--- /dev/null
+++ b/shorewall6/restart.cgi
@@ -0,0 +1,21 @@
+#!/usr/bin/perl
+# restart.cgi
+# Activate the current config
+
+require './shorewall6-lib.pl';
+if ($access{'nochange'}) {
+  redirect("/");
+  exit 0;
+}
+
+&error_setup($text{'restart_err'});
+$err = &run_before_apply_command();
+&error($err) if ($err);
+$out = &backquote_logged("$config{'shorewall6'} restart 2>&1");
+if ($?) {
+	&error("<pre>$out</pre>");
+	}
+$err = &run_after_apply_command();
+&webmin_log("restart");
+&redirect("");
+
diff --git a/shorewall6/save.cgi b/shorewall6/save.cgi
new file mode 100755
index 000000000..28c1b299e
--- /dev/null
+++ b/shorewall6/save.cgi
@@ -0,0 +1,44 @@
+#!/usr/bin/perl
+# save.cgi
+# Updated, modify or delete a table entry
+
+require './shorewall6-lib.pl';
+&ReadParse();
+&get_clean_table_name(\%in);
+&can_access($in{'table'}) || &error($text{'list_ecannot'});
+$pfunc = &get_parser_func(\%in);
+&error_setup($text{$in{'tableclean'}."_err"});
+
+&lock_table($in{'table'});
+if ($in{'delete'}) {
+	# Just delete one row
+	&delete_table_row($in{'table'}, $pfunc, $in{'idx'});
+	}
+else {
+	# Validate inputs
+	$vfunc = $in{'tableclean'}."_validate";
+	@row = &$vfunc();
+	$jfunc = $in{'tableclean'}."_join";
+	if (defined(&$jfunc)) {
+		$line = &$jfunc(@row);
+		}
+	else {
+		$line = join("\t", @row);
+		}
+
+	# Update or add
+	if ($in{'new'}) {
+		local $where = $in{'before'} ne '' ? $in{'before'} :
+			       $in{'after'} ne '' ? $in{'after'}+1 : undef;
+		&create_table_row($in{'table'}, $pfunc, $line, $where);
+		}
+	else {
+		# Updating 
+		&modify_table_row($in{'table'}, $pfunc, $in{'idx'}, $line);
+		}
+	}
+&unlock_table($in{'table'});
+&webmin_log($in{'new'} ? "create" : $in{'delete'} ? "delete" : "modify",
+	    "table", $in{'table'});
+&redirect("list.cgi?table=$in{'table'}");
+
diff --git a/shorewall6/savecmt.cgi b/shorewall6/savecmt.cgi
new file mode 100755
index 000000000..b2134cfa7
--- /dev/null
+++ b/shorewall6/savecmt.cgi
@@ -0,0 +1,33 @@
+#!/usr/bin/perl
+# Updated, modify or delete a comment
+
+require './shorewall6-lib.pl';
+&ReadParse();
+&can_access($in{'table'}) || &error($text{'list_ecannot'});
+$pfunc = &get_parser_func(\%in);
+&error_setup($text{"comment_err"});
+
+&lock_table($in{'table'});
+if ($in{'delete'}) {
+	# Just delete one row
+	&delete_table_row($in{'table'}, $pfunc, $in{'idx'});
+	}
+else {
+	# Validate inputs
+	$in{'msg'} =~ /\S/ || &error($text{'comment_enone'});
+	$line = "COMMENT $in{'msg'}";
+
+	# Update or add
+	if ($in{'new'}) {
+		&create_table_row($in{'table'}, $pfunc, $line);
+		}
+	else {
+		# Updating 
+		&modify_table_row($in{'table'}, $pfunc, $in{'idx'}, $line);
+		}
+	}
+&unlock_table($in{'table'});
+&webmin_log($in{'new'} ? "create" : $in{'delete'} ? "delete" : "modify",
+	    "comment", $in{'table'});
+&redirect("list.cgi?table=$in{'table'}");
+
diff --git a/shorewall6/shorewall6-lib.pl b/shorewall6/shorewall6-lib.pl
new file mode 100755
index 000000000..1f6b9c5bd
--- /dev/null
+++ b/shorewall6/shorewall6-lib.pl
@@ -0,0 +1,1724 @@
+# shorewall6-lib.pl
+# Common functions for the shorewall6 configuration files
+# FIXME:
+# - rule sections
+# - read_shorewall6_config & standard_parser do not allow quoted comment characters
+
+BEGIN { push(@INC, ".."); };
+use WebminCore;
+&init_config();
+
+# Get the version
+$shorewall6_version = &get_shorewall6_version(0);
+%shorewall6_config = &read_shorewall6_config();
+#&dump_shorewall6_config();
+
+# get access permissions
+%access = &get_module_acl();
+
+@shorewall6_files = ( 'zones', 'interfaces', 'policy', 'rules', 'tos',
+	   	     'proxyndp', 'routestopped',
+	   	     'tunnels', 'hosts', 'blacklist',
+		     ( &version_atleast(2, 3) ? ( 'providers' ) : ( ) ),
+	   	     'params', 'shorewall6.conf',
+);
+@comment_tables = ( 'rules', 'tcrules' );
+
+sub debug_message
+{
+	print STDERR scalar(localtime).": shorewall6-lib: @_\n";
+}
+
+# version_atleast(v1, v2, v3, ...)
+# - Check if the Shorewall version is greater than or equal to the one supplied.
+sub version_atleast
+{
+local @vsp = split(/\./, $shorewall6_version);
+local $i;
+for($i=0; $i<@vsp || $i<@_; $i++) {
+	return 0 if ($vsp[$i] < $_[$i]);
+	return 1 if ($vsp[$i] > $_[$i]);
+	}
+return 1;	# same!
+}
+
+sub read_shorewall6_config
+{
+	local @ret;
+	open(SHOREWALL_CONF, "$config{'config_dir'}/shorewall6.conf");
+	while (<SHOREWALL_CONF>) {
+		chomp;
+		s/\r//;
+		s/#.*$//;
+		@F = split( /=/, $_, 2 );
+		next if $#F != 1;
+		push @ret, ( $F[0], $F[1] );
+	}
+	close(SHOREWALL_CONF);
+	return @ret;
+}
+
+# dump_shorewall6_config()
+# - Debugging code
+sub dump_shorewall6_config
+{
+	for (sort keys %shorewall6_config) {
+		print STDERR "$_=$shorewall6_config{$_}\n";
+	}
+}
+
+# shorewall6_config(var)
+sub shorewall6_config
+{
+	if (exists $shorewall6_config{$_[0]}  &&  defined $shorewall6_config{$_[0]}) {
+		return $shorewall6_config{$_[0]};
+	}
+	return '';
+}
+
+# return true if new zones format is in use
+sub new_zones_format
+{
+	# Shorewall 3.4.0 - 3.4.4 have a bug that prevents the old format from being used.
+	if (&version_atleast(3, 4)  &&  !&version_atleast(3, 4, 5)) {
+		return 1;
+	}
+	# Zones table is in new format in Shorewall 3, unless shorewall6.conf has IPSECFILE=ipsec
+	if (!&version_atleast(3)  ||  &shorewall6_config('IPSECFILE') eq 'ipsec') {
+		return 0;
+	}
+	return 1;
+}
+
+# read_table_file(table, &parserfunc)
+sub read_table_file
+{
+local @rv;
+local $func = $_[1];
+open(FILE, "$config{'config_dir'}/$_[0]");
+while(<FILE>) {
+	s/\r|\n//g;
+	local $l = &$func($_);
+	push(@rv, $l) if ($l);
+	}
+close(FILE);
+return @rv;
+}
+
+# read_table_struct(table, &parserfunc)
+sub read_table_struct
+{
+if (!defined($read_table_cache{$_[0]})) {
+	local @rv;
+	local $func = $_[1];
+	open(FILE, "$config{'config_dir'}/$_[0]");
+	local $lnum = 0;
+	while(<FILE>) {
+		s/\r|\n//g;
+		local $cmt;
+		if (s/#\s*(.*)$//) {
+			$cmt = $1;
+			}
+		local $l = &$func($_);
+		if ($l) {
+			push(@rv, { 'line' => $lnum,
+				    'file' => "$config{'config_dir'}/$_[0]",
+				    'table' => $_[0],
+				    'index' => scalar(@rv),
+				    'values' => $l,
+				    'comment' => $cmt });
+			}
+		$lnum++;
+		}
+	close(FILE);
+	$read_table_cache{$_[0]} = \@rv;
+	}
+return $read_table_cache{$_[0]};
+}
+
+# find_line_num(&lref, &parserfunc, index)
+sub find_line_num
+{
+local $lref = $_[0];
+local $func = $_[1];
+local $idx = 0;
+for($i=0; $i<@$lref; $i++) {
+	if (&$func($lref->[$i])) {
+		if ($idx++ == $_[2]) {
+			return $i;
+			}
+		}
+	}
+return undef;
+}
+
+# delete_table_row(table, &parserfunc, index)
+sub delete_table_row
+{
+local $lref = &read_file_lines("$config{'config_dir'}/$_[0]");
+local $lnum = &find_line_num($lref, $_[1], $_[2]);
+splice(@$lref, $lnum, 1) if (defined($lnum));
+&flush_file_lines();
+}
+
+# delete_table_struct(&struct)
+sub delete_table_struct
+{
+local $lref = &read_file_lines($_[0]->{'file'});
+splice(@$lref, $_[0]->{'line'}, 1);
+&flush_file_lines();
+local $cache = $read_table_cache{$_[0]->{'table'}};
+local $idx = &indexof($_[0], @$cache);
+if ($idx >= 0) {
+	splice(@$cache, $idx, 1);
+	}
+local $c;
+foreach $c (@$cache) {
+	$c->{'line'}-- if ($c->{'line'} > $_[0]->{'line'});
+	$c->{'index'}-- if ($c->{'index'} > $_[0]->{'index'});
+	}
+}
+
+# create_table_row(table, &parserfunc, line, [insert-index])
+sub create_table_row
+{
+local $lref = &read_file_lines("$config{'config_dir'}/$_[0]");
+local ($i, $idx);
+for($i=0; $i<@$lref; $i++) {
+	if ($lref->[$i] =~ /^#+\s*LAST\s+LINE/) {
+		$idx = $i;
+		last;
+		}
+	elsif ($lref->[$i] =~ /^SECTION\s+NEW/) {
+		$idx = $i+1;
+		last;
+		}
+	}
+if (defined($_[3])) {
+	local $lnum = &find_line_num($lref, $_[1], $_[3]);
+	$lnum = $idx if (!defined($lnum));
+	splice(@$lref, $lnum, 0, &simplify_line($_[2]));
+	}
+else {
+	splice(@$lref, $idx, 0, &simplify_line($_[2]));
+	}
+&flush_file_lines();
+}
+
+# create_table_struct(&struct, parserfunc, [&insert-before])
+sub create_table_struct
+{
+local $lref = &read_file_lines("$config{'config_dir'}/$_[0]->{'table'}");
+local ($i, $idx);
+for($i=0; $i<@$lref; $i++) {
+	if ($lref->[$i] =~ /^#+\s*LAST\s+LINE/) {
+		$idx = $i;
+		last;
+		}
+	}
+if (!defined($idx)) {
+	$idx = @$lref;
+	}
+local $cache = &read_table_struct($_[0]->{'table'}, $_[1]);
+if ($_[2]) {
+	# Insert into file
+	splice(@$lref, $_[2]->{'line'}, 0, &make_struct($_[0]));
+	$_[0]->{'file'} = "$config{'config_dir'}/$_[0]->{'table'}";
+	$_[0]->{'line'} = $_[2]->{'line'};
+	$_[0]->{'index'} = $_[2]->{'index'};
+	local $c;
+	foreach $c (@$cache) {
+		$_[0]->{'line'}++ if ($c->{'line'} >= $_[2]->{'line'});
+		$_[0]->{'index'}++ if ($c->{'index'} >= $_[2]->{'index'});
+		}
+	local $iidx = &indexof($_[2], @$cache);
+	splice(@$cache, $iidx, 0, $_[0]);
+	}
+else {
+	# Append to file
+	splice(@$lref, $idx, 0, &make_struct($_[0]));
+	$_[0]->{'file'} = "$config{'config_dir'}/$_[0]->{'table'}";
+	$_[0]->{'line'} = $idx;
+	$_[0]->{'index'} = @$cache;
+	push(@$cache, $_[0]->{'index'});
+	}
+&flush_file_lines();
+}
+
+# modify_table_row(table, &parserfunc, index, line)
+sub modify_table_row
+{
+local $lref = &read_file_lines("$config{'config_dir'}/$_[0]");
+local $lnum = &find_line_num($lref, $_[1], $_[2]);
+$lref->[$lnum] = &simplify_line($_[3]) if (defined($lnum));
+&flush_file_lines();
+}
+
+# modify_table_struct(&newstruct, &oldstruct)
+sub modify_table_struct
+{
+local $lref = &read_file_lines("$config{'config_dir'}/$_[1]->{'table'}");
+$lref->[$_[1]->{'line'}] = &make_struct($_[0]);
+if ($_[0] ne $_[1]) {
+	$_[0]->{'line'} = $_[1]->{'line'};
+	$_[0]->{'index'} = $_[1]->{'index'};
+	local $cache = $read_table_cache{$_[1]->{'table'}};
+	local $idx = &indexof($_[1], @$cache);
+	$cache->[$idx] = $_[0];
+	}
+&flush_file_lines();
+}
+
+# swap_table_rows(table, &parserfunc, index1, index2)
+sub swap_table_rows
+{
+local $lref = &read_file_lines("$config{'config_dir'}/$_[0]");
+local $lnum1 = &find_line_num($lref, $_[1], $_[2]);
+local $lnum2 = &find_line_num($lref, $_[1], $_[3]);
+($lref->[$lnum1], $lref->[$lnum2]) = ($lref->[$lnum2], $lref->[$lnum1]);
+&flush_file_lines();
+}
+
+# make_struct(&struct)
+sub make_struct
+{
+local $line = join("\t", @{$_[0]->{'values'}});
+if ($_[0]->{'comment'}) {
+	$line .= "\t# $_[0]->{'comment'}";
+	}
+return &simplify_line($line);
+}
+
+# simplify_line(line)
+# Removes blank fields from the end of a line
+sub simplify_line
+{
+local $rv = $_[0];
+while($rv =~ s/\s+$// || $rv =~ s/\-$//) { }
+return $rv;
+}
+
+sub lock_table
+{
+&lock_file("$config{'config_dir'}/$_[0]");
+}
+
+sub unlock_table
+{
+&unlock_file("$config{'config_dir'}/$_[0]");
+}
+
+# parser for whitespace-separated config files
+sub standard_parser
+{
+local $l = $_[0];
+$l =~ s/#.*$//;
+local @sp = split(/\s+/, $l);
+return undef if ($sp[0] eq "SECTION");
+return @sp ? \@sp : undef;
+}
+
+# parser for shell-style config files
+sub config_parser
+{
+    local $l = $_[0];
+    $l =~ s/#\s*(.*?)\s*$//;		# save the comment we strip
+    local @sp = split(/=/, $l, 2);
+    if ($#sp > -1 && defined $1) {
+	push @sp, $1;			# add back the saved comment, if present
+	}
+    return @sp ? \@sp : undef;
+}
+
+# determine which parser function to use
+sub get_parser_func
+{
+    local $hashref = $_[0];
+    &get_clean_table_name($hashref);
+    local $pfunc = $hashref->{'tableclean'}."_parser";
+    if (!defined(&$pfunc)) {
+	if ($hashref->{'tableclean'} =~ /^(params|shorewall6_conf)$/) {
+	    $pfunc = "config_parser";
+	}
+	else {
+	    $pfunc = "standard_parser";
+	}
+    }
+    return $pfunc;
+}
+
+# ensure that the passed string contains only characters valid in shell variable identifiers
+sub clean_name
+{
+    local $str = $_[0];
+    $str =~ s/\W/_/g;
+    return $str;
+}
+
+# get a table name that is clean enough to use as a function prefix
+sub get_clean_table_name
+{
+    local $hashref = $_[0];
+    if (!exists hashref->{'tableclean'}) {
+	$hashref->{'tableclean'} = &clean_name($in{'table'});
+    }
+}
+
+# zone_field(name, value, othermode, simplemode)
+sub zone_field
+{
+local @ztable = &read_table_file("zones", \&zones_parser);
+local $found = 0;
+
+print "<select name=$_[0]>\n";
+if ($_[3] == 2) {
+	$found = !$_[1];
+	}
+elsif ($_[3] == 1) {
+	printf "<option value=- %s>%s\n",
+		$_[1] eq '-' ? "selected" : "", "&lt;$text{'list_any'}&gt;";
+	$found = !$_[1] || $_[1] eq '-';
+	}
+elsif ($_[3] == 0) {
+	printf "<option value=all %s>%s\n",
+		$_[1] eq 'all' ? "selected" : "", "&lt;$text{'list_any'}&gt;";
+	printf "<option value=\$FW %s>%s\n",
+		&is_fw($_[1]) ? "selected" : "", "&lt;$text{'list_fw'}&gt;";
+	$found = !$_[1] || $_[1] eq 'all' || &is_fw($_[1]);
+	}
+foreach $z (@ztable) {
+	printf "<option value=%s %s>%s\n",
+		$z->[0], $_[1] eq $z->[0] ? "selected" : "", &convert_zone($z->[0]);
+	$found++ if ($_[1] eq $z->[0]);
+	}
+if ($_[2]) {
+	printf "<option value='' %s>%s\n",
+		$found ? "" : "selected", $text{'list_other'};
+	}
+else {
+	print "<option value=$_[1] selected>$_[1]\n" if (!$found);
+	}
+print "</select>\n";
+return $found;
+}
+
+# iface_field(name, value)
+sub iface_field
+{
+local @itable = &read_table_file("interfaces", \&standard_parser);
+print "<select name=$_[0]>\n";
+local $found = !$_[1];
+foreach $i (@itable) {
+	printf "<option value=%s %s>%s\n",
+		$i->[1], $_[1] eq $i->[1] ? "selected" : "", $i->[1];
+	$found++ if ($_[1] eq $i->[1]);
+	}
+print "<option value=$_[1] selected>$_[1]\n" if (!$found);
+print "</select>\n";
+}
+
+# convert_zone(name)
+# Given a zone name, returns a description
+# FIXME: inefficient - should be able to pass ztable into this function
+sub convert_zone
+{
+local @ztable = &read_table_file("zones", \&zones_parser);
+foreach $z (@ztable) {
+	if ($_[0] eq $z->[0]) {
+		if (&new_zones_format()) {
+			# No descriptions in new format - use comment field if present
+			if (defined $z->[6]  &&  $z->[6] ne "") {
+				$ret = $_[0]." - ".$z->[6];
+				}
+			else {
+				$ret = $_[0];
+				}
+			}
+		else {
+			$ret = $z->[1];
+			}
+		}
+	}
+if (&is_fw($_[0])) {
+	$ret = $text{'list_fw'};
+	}
+return $ret || $_[0];
+}
+
+# nice_host_list(list)
+# Convert a comma-separate host string to space-separated
+sub nice_host_list
+{
+local @hosts = split(/,/, $_[0]);
+if (@host > 5) {
+	return join(", ", @hosts[0..5]).", ...";
+	}
+else {
+	return join(", ", @hosts);
+	}
+}
+
+# is_fw(zone)
+# - Checks if the supplied zone is the firewall zone.
+#   Now handles renaming of firewall zone in shorewall6.conf.
+sub is_fw
+{
+	local $fw = &shorewall6_config('FW');
+	$fw = 'fw' if ($fw eq '');
+	return $_[0] eq '$FW' || $_[0] eq $fw;
+}
+
+################################# zones #######################################
+
+sub zones_parser
+{
+if (&new_zones_format()) {
+	# New format
+	local $l = $_[0];
+	$l =~ s/#\s*(.*?)\s*$//;	# save the stripped comment
+	local $comment = $1 if defined $1;
+	local @r = split(/\s+/, $l, 6);
+	if ($#r > -1) {
+	    local $zone = shift @r;
+
+	    # split out parent if it is present in the zone field
+	    local $parent;
+	    $zone =~ m/(.*?):(.*)/;
+	    if (defined $2) {
+		$zone = $1;
+		$parent = $2;
+		}
+	    else {
+		$parent = "";
+		}
+	    unshift @r, $zone, $parent;
+
+	    # put the saved comment back
+	    if (defined $comment) {
+		# ensure option fields are present
+		while ($#r < 5) {
+		    push @r, "";
+		}
+
+		# add the comment field
+		push @r, $comment;
+		}
+	    }
+	return scalar(@r) ? \@r : undef;
+	}
+else {
+	# Old format
+	local $l = $_[0];
+	$l =~ s/#.*$//;
+	if ($l =~ /^(\S+)\s+(\S+)\s*(.*)/) {
+		return [ $1, $2, $3 ];
+		}
+	else {
+		return undef;
+		}
+	}
+}
+
+sub zones_columns
+{
+return &new_zones_format() ? 4 : 3;
+}
+
+# format a parsed row for display in list form
+sub zones_row
+{
+if (&new_zones_format()) {
+	return ( $_[0], $_[1], $text{'zones_'.$_[2]} || $_[2], $_[6] );
+	}
+else {
+	return @_;
+	}
+}
+
+sub zones_colnames
+{
+if (&new_zones_format()) {
+	return ( $text{'zones_0'}, $text{'zones_1new'}, $text{'zones_2new'},
+# The option fields are not displayed in the main list.
+#		$text{'zones_3new'}, $text{'zones_4new'}, $text{'zones_5new'},
+		$text{'zones_6new'} );
+	}
+else {
+	return ( $text{'zones_0'}, $text{'zones_1'}, $text{'zones_2'} );
+	}
+}
+
+sub zones_form
+{
+if (&new_zones_format()) {
+	# Shorewall 3 zones format
+	print "<tr> <td><b>$text{'zones_0'}</b></td>\n";
+	print "<td>",&ui_textbox("id", $_[0], 8),"</td>\n";
+
+	print "<td><b>$text{'zones_1new'}</b></td>\n";
+	print "<td>\n";
+	&zone_field("parent", $_[1], 0, 1);
+	print "</td> </tr>\n";
+
+	print "<td><b>$text{'zones_2new'}</b></td>\n";
+	print "<td>",&ui_select("type", $_[2],
+		[ [ "ipv6", $text{'zones_ipv6'} ],
+		  [ "ipsec", $text{'zones_ipsec'} ],
+		  [ "firewall", $text{'zones_firewall'} ] ]),"</td> </tr>\n";
+
+	print "<tr> <td><b>$text{'zones_3new'}</b></td>\n";
+	print "<td>",&ui_textbox("opts", $_[3], 50),"</td> </tr>\n";
+
+	print "<tr> <td><b>$text{'zones_4new'}</b></td>\n";
+	print "<td>",&ui_textbox("opts_in", $_[4], 50),"</td> </tr>\n";
+
+	print "<tr> <td><b>$text{'zones_5new'}</b></td>\n";
+	print "<td>",&ui_textbox("opts_out", $_[5], 50),"</td> </tr>\n";
+
+	print "<tr> <td><b>$text{'zones_6new'}</b></td>\n";
+	print "<td>",&ui_textbox("comment", $_[6], 50),"</td> </tr>\n";
+
+	}
+else {
+	# Shorewall 2 zones format
+	print "<tr> <td><b>$text{'zones_0'}</b></td>\n";
+	print "<td><input name=id size=8 value='$_[0]'></td> </tr>\n";
+
+	print "<tr> <td><b>$text{'zones_1'}</b></td>\n";
+	print "<td><input name=name size=15 value='$_[1]'></td> </tr>\n";
+
+	print "<tr> <td><b>$text{'zones_2'}</b></td>\n";
+	print "<td><input name=desc size=70 value='$_[2]'></td> </tr>\n";
+	}
+}
+
+sub zones_validate
+{
+$in{'id'} =~ /^\S+$/ || &error($text{'zones_eid'});
+&is_fw($in{'id'}) && &error($text{'zones_efwid'});
+if (&new_zones_format()) {
+	# Parse new format
+	$in{'opts'} =~ /^\S*$/ || &error($text{'zones_eopts'});
+	$in{'opts_in'} =~ /^\S*$/ || &error($text{'zones_eopts_in'});
+	$in{'opts_out'} =~ /^\S*$/ || &error($text{'zones_eopts_out'});
+	if (!defined $in{'parent'} || $in{'parent'} eq "-") {
+	    return ( $in{'id'}, $in{'type'}, $in{'opts'},
+		     $in{'opts_in'}, $in{'opts_out'}, "# $in{'comment'}" );
+	    }
+	else {
+	    return ( $in{'id'}.":".$in{'parent'}, $in{'type'}, $in{'opts'},
+		     $in{'opts_in'}, $in{'opts_out'}, "# $in{'comment'}" );
+	    }
+	}
+else {
+	# Parse old format
+	$in{'name'} =~ /^\S+$/ || &error($text{'zones_ename'});
+	$in{'desc'} =~ /\S/ || &error($text{'zones_edesc'});
+	return ( $in{'id'}, $in{'name'}, $in{'desc'} );
+	}
+}
+
+################################# interfaces ###################################
+
+sub interfaces_row
+{
+return ( $_[1],
+	 $_[0] eq '-' ? $text{'list_any'} : $_[0],
+	 $_[2] eq 'detect' ? $text{'list_auto'} :
+	  $_[2] eq '-' || $_[2] eq '' ? $text{'list_none'} : $_[2],
+	 $_[3] ? $_[3] : $text{'list_none'} );
+}
+
+@interfaces_opts = ( 'dhcp', 'noping', 'filterping', 'routestopped', 'norfc1918',
+		     'multi', 'routefilter', 'dropunclean', 'logunclean',
+		     'blacklist', 'maclist', 'tcpflags', 'proxyndp' );
+if (&version_atleast(3)) {
+	push(@interfaces_opts, "logmartians", "routeback", "ndp_filter",
+			       "ndp_ignore", "nosmurfs", "detectnets", "upnp");
+	}
+
+sub interfaces_form
+{
+print "<tr> <td><b>$text{'interfaces_0'}</b></td>\n";
+print "<td><input name=iface size=6 value='$_[1]'></td>\n";
+
+local @ztable = &read_table_file("zones", \&zones_parser);
+print "<td><b>$text{'interfaces_1'}</b></td>\n";
+print "<td>\n";
+&zone_field("zone", $_[0], 0, 1);
+print "</td> </tr>\n";
+
+local $bmode = $_[2] eq 'detect' ? 2 :
+	       $_[2] eq '-' || $_[2] eq '' ? 1 : 0;
+print "<tr> <td><b>$text{'interfaces_2'}</b></td> <td colspan=3>\n";
+printf "<input type=radio name=broad_mode value=1 %s> %s\n",
+	$bmode == 1 ? "checked" : "", $text{'list_none'};
+printf "<input type=radio name=broad_mode value=2 %s> %s\n",
+	$bmode == 2 ? "checked" : "", $text{'list_auto'};
+printf "<input type=radio name=broad_mode value=0 %s>\n",
+	$bmode == 0 ? "checked" : "";
+printf "<input name=broad size=50 value='%s'></td> </tr>\n",
+	$bmode == 0 ? $_[2] : "";
+
+# options
+local %opts = map { $_, 1 } split(/,/, $_[3]);
+print "<tr> <td valign=top><b>$text{'interfaces_3'}</b></td> <td colspan=3>\n";
+&options_input("opts", $_[3], \@interfaces_opts);
+print "</td> </tr>\n";
+}
+
+sub interfaces_validate
+{
+$in{'iface'} =~ /^[a-z]+\d*(\.\d+)?$/ ||
+	$in{'iface'} =~ /^[a-z]+\+$/ || &error($text{'interfaces_eiface'});
+$in{'broad_mode'} || $in{'broad'} =~ /^[0-9\.,]+$/ ||
+	&error($text{'interfaces_ebroad'});
+return ( $in{'zone'}, $in{'iface'},
+	 $in{'broad_mode'} == 2 ? 'detect' :
+	 $in{'broad_mode'} == 1 ? '-' : $in{'broad'},
+	 join(",", split(/\0/, $in{'opts'})) );
+}
+
+################################# policy #######################################
+
+sub policy_row
+{
+return ( $_[0] eq 'all' ? $text{'list_any'} :
+	  &is_fw($_[0]) ? $text{'list_fw'} : $_[0],
+	 $_[1] eq 'all' ? $text{'list_any'} :
+	  &is_fw($_[1]) ? $text{'list_fw'} : $_[1],
+	 $_[2], $_[3] eq '-' || $_[3] eq '' ? $text{'list_none'} : $_[3],
+	 $_[4] =~ /(\d+):(\d+)/ ? &text('policy_limit', "$1", "$2")
+				: $text{'list_none'} );
+}
+
+@policy_list = ( "ACCEPT", "DROP", "REJECT", "CONTINUE" );
+
+sub policy_form
+{
+local $found;
+
+print "<tr> <td><b>$text{'policy_0'}</b></td>\n";
+print "<td>\n";
+&zone_field("source", $_[0], 0);
+print "</td>\n";
+
+print "<td><b>$text{'policy_1'}</b></td>\n";
+print "<td>\n";
+&zone_field("dest", $_[1], 0);
+print "</td> </tr>\n";
+
+print "<tr> <td><b>$text{'policy_2'}</b></td>\n";
+print "<td><select name=policy>\n";
+$found = !$_[2];
+foreach $p (@policy_list) {
+	printf "<option value=%s %s>%s\n",
+		$p, lc($p) eq lc($_[2]) ? "selected" : "", $p;
+	$found++ if (lc($p) eq lc($_[2]));
+	}
+print "<option value=$_[2] selected>$_[2]\n" if (!$found);
+print "</select></td>\n";
+
+print "<td><b>$text{'policy_3'}</b></td>\n";
+print "<td><select name=log>\n";
+printf "<option value=- %s>%s\n",
+	$_[3] eq '-' || !$_[3] ? "selected" : "", "&lt;$text{'policy_nolog'}&gt;";
+printf "<option value=ULOG %s>%s\n",
+	$_[3] eq 'ULOG' ? "selected" : "", "&lt;$text{'policy_ulog'}&gt;";
+$found = !$_[3] || $_[3] eq '-' || $_[3] eq 'ULOG';
+&foreign_require("syslog", "syslog-lib.pl");
+foreach $l (&syslog::list_priorities()) {
+	printf "<option value=%s %s>%s\n",
+		$l, $_[3] eq $l ? "selected" : "", $l;
+	$found++ if ($_[3] eq $l);
+	}
+print "<option value=$_[3] selected>$_[3]\n" if (!$found);
+print "</select></td> </tr>\n";
+
+local ($l, $b) = $_[4] =~ /(\d+):(\d+)/ ? ($1, $2) : ( );
+print "<tr> <td><b>$text{'policy_4'}</b></td> <td colspan=3>\n";
+printf "<input type=radio name=limit_def value=1 %s> %s\n",
+	$l eq '' ? "checked" : "", $text{'list_none'};
+printf "<input type=radio name=limit_def value=0 %s>\n",
+	$l eq '' ? "" : "checked";
+print &text('policy_limit',
+	    "<input name=limit size=5 value='$l'>",
+	    "<input name=burst size=5 value='$b'>"),"</td> </tr>\n";
+}
+
+sub policy_validate
+{
+&is_fw($in{'source'}) && &is_fw($in{'dest'}) && &error($text{'policy_efw'});
+if (!$in{'limit_def'}) {
+	$in{'limit'} =~ /^\d+$/ || &error($text{'policy_elimit'});
+	$in{'burst'} =~ /^\d+$/ || &error($text{'policy_eburst'});
+	}
+return ( $in{'source'}, $in{'dest'}, $in{'policy'}, $in{'log'}, 
+	 $in{'limit_def'} ? ( ) : ( "$in{'limit'}:$in{'burst'}" ) );
+}
+
+################################# rules #######################################
+
+sub rules_row
+{
+return ( $_[0] =~ /^(\S+):/ ? "$1" : $_[0],
+	 &is_fw($_[1]) ? $text{'list_fw'} :
+	  $_[1] eq 'all' ? $text{'list_any'} :
+	  $config{'display_zone_descriptions'} == 0 ? $_[1] :
+	  $_[1] =~ /^([^:]+):(\S+)$/ ?
+	  &text('rules_hosts', &convert_zone("$1"), &nice_host_list("$2")) :
+	  &text('rules_zone', &convert_zone($_[1])),
+	 &is_fw($_[2]) ? $text{'list_fw'} :
+	  $_[2] eq 'all' ? $text{'list_any'} :
+	  $_[2] =~ /^\d+$/ ? &text('rules_rport', $_[2]) :
+	  $config{'display_zone_descriptions'} == 0 ? $_[2] :
+	  $_[2] =~ /^([^:]+):(\S+)$/ ?
+	  &text('rules_hosts', &convert_zone("$1"), &nice_host_list("$2")) :
+	  &text('rules_zone', &convert_zone($_[2])),
+	 $_[3] eq 'all' ? $text{'list_any'} :
+	  $_[3] eq 'related' ? $text{'rules_related'} : uc($_[3]),
+	 $_[3] eq 'all' || $_[3] eq 'related' ? "" :
+	  $_[5] eq '-' || $_[5] eq '' ? $text{'list_any'} : $_[5],
+	 $_[4] eq '-' || $_[4] eq '' ? "" : $_[4],
+	 &version_atleast(1, 4, 7) ? (
+		$_[7] eq "-" ? "" : $_[7],
+		$_[8] eq "-" ? "" : $_[8] ) :
+		( )
+	);
+}
+
+@rules_actions = ( 'ACCEPT', 'DROP', 'REJECT', 'DNAT', 'DNAT-', 'REDIRECT' );
+if (&version_atleast(2, 0, 0)) {
+	push(@rules_actions, 'CONTINUE');
+	push(@rules_actions, 'ACCEPT+');
+	push(@rules_actions, 'NONAT');
+	push(@rules_actions, 'REDIRECT-');
+	push(@rules_actions, 'LOG');
+	}
+if (&version_atleast(3)) {
+	push(@rules_actions, 'DNAT-');
+	push(@rules_actions, 'SAME');
+	push(@rules_actions, 'SAME-');
+	push(@rules_actions, 'QUEUE');
+	}
+@rules_protos = ( 'all', 'related', 'tcp', 'udp', 'ipv6-icmp' );
+
+sub rules_form
+{
+local $found;
+local @ztable = &read_table_file("zones", \&zones_parser);
+
+local ($action, $log) = split(/:/, $_[0]);
+local $macroarg;
+if ($action =~ /^(.*)\/(.*)$/) {
+	$action = $1;
+	$macroarg = $2;
+	}
+
+# Rule action
+print "<tr> <td><b>$text{'rules_0'}</b></td>\n";
+print "<td colspan=3><select name=action>\n";
+$found = !$_[0];
+foreach $a ((sort { $a cmp $b } @rules_actions),
+	    "-------- Actions --------",
+	    &list_standard_actions(),
+	    (&version_atleast(3) ? ( "-------- Macros --------",
+				     &list_standard_macros() ) : ( ) )) {
+	printf "<option value=%s %s>%s\n",
+		$a, $action eq $a ? "selected" : "", $a;
+	$found++ if ($action eq $a);
+	}
+print "<option value=$action selected>$action\n" if (!$found);
+print "</select>\n";
+
+# Logging level
+print "<b>$text{'rules_log'}</b> <select name=log>\n";
+printf "<option value='' %s>%s\n",
+	!$log ? "selected" : "", "&lt;$text{'rules_nolog'}&gt;";
+printf "<option value=ULOG %s>%s\n",
+	$log eq 'ULOG' ? "selected" : "", "&lt;$text{'policy_ulog'}&gt;";
+$found = !$log || $log eq '-' || $log eq 'ULOG';
+&foreign_require("syslog", "syslog-lib.pl");
+foreach $l (&syslog::list_priorities()) {
+	printf "<option value=%s %s>%s\n",
+		$l, $log eq $l ? "selected" : "", $l;
+	$found++ if ($log eq $l);
+	}
+print "<option value=$log selected>$log\n" if (!$found);
+print "</select></td> </tr>\n";
+
+if (&version_atleast(3)) {
+	print "<tr> <td valign=top><b>$text{'rules_macro'}</b></td>\n";
+	print "<td colspan=3 nowrap>\n";
+	print &ui_select("macro", $macroarg,
+		[ [ "", "&lt;$text{'rules_none2'}&gt;" ],
+		  map { [ $_ ] } (sort { $a cmp $b } @rules_actions) ],
+		1, 0, $macroarg);
+	print "</td> </tr>\n";
+	}
+
+# Source zone and hosts
+local ($zone, $host) = split(/:/, $_[1], 2);
+print "<tr> <td valign=top><b>$text{'rules_1z'}</b></td>\n";
+print "<td colspan=3 nowrap>\n";
+$found = &zone_field("source", $zone, 1);
+printf "<input name=sother size=10 value='%s'>\n",
+	$found ? "" : $zone;
+
+print "<br><b>$text{'rules_inzone'}</b>\n";
+printf "<input type=checkbox name=sinzone_def value=1 %s> %s\n",
+	$host ? "checked" : "", $text{'rules_addr'};
+printf "<input name=sinzone size=50 value='%s'></td> </tr>\n",
+	join(" ", split(/,/, $host));
+
+($zone, $host) = split(/:/, $_[2], 2);
+print "<tr> <td valign=top><b>$text{'rules_2z'}</b></td>\n";
+print "<td colspan=3 nowrap>\n";
+$found = &zone_field("dest", $zone, 1);
+printf "<input name=dother size=10 value='%s'>\n",
+	$found ? "" : $zone;
+
+print "<br><b>$text{'rules_inzone'}</b>\n";
+printf "<input type=checkbox name=dinzone_def value=1 %s> %s\n",
+	$host ? "checked" : "", $text{'rules_addr'};
+printf "<input name=dinzone size=50 value='%s'>\n",
+	join(" ", split(/,/, $host));
+print "<br>$text{'rules_dnat_dest'}</td> </tr>\n";
+
+print "<tr> <td><b>$text{'rules_3'}</b></td>\n";
+print "<td colspan=3><select name=proto>\n";
+$found = !$_[3];
+foreach $p (@rules_protos) {
+	printf "<option value=%s %s>%s\n",
+		$p, $p eq $_[3] ? "selected" : "",
+		$p eq 'all' ? "&lt;$text{'list_any'}&gt;" :
+		 $p eq 'related' ? "&lt;$text{'rules_related'}&gt;" : uc($p);
+	$found++ if ($p eq $_[3]);
+	}
+printf "<option value='' %s>%s\n",
+	$found ? "" : "selected", $text{'list_other'};
+print "</select>\n";
+printf "<input name=pother size=5 value='%s'></td> </tr>\n",
+	$found ? "" : $_[3];
+
+print "<tr> <td><b>$text{'rules_4'}</b></td> <td colspan=3>\n";
+printf "<input type=radio name=sport_def value=1 %s> %s\n",
+	$_[5] eq '' || $_[5] eq '-' ? "checked" : "", $text{'list_any'};
+printf "<input type=radio name=sport_def value=0 %s> %s\n",
+	$_[5] eq '' || $_[5] eq '-' ? "" : "checked", $text{'rules_ranges'};
+printf "<input name=sport size=30 value='%s'></td> </tr>\n",
+	$_[5] eq '' || $_[5] eq '-' ? "" : join(" ", split(/,/, $_[5]));
+
+print "<tr> <td><b>$text{'rules_5'}</b></td> <td colspan=3>\n";
+printf "<input type=radio name=dport_def value=1 %s> %s\n",
+	$_[4] eq '' || $_[4] eq '-' ? "checked" : "", $text{'list_any'};
+printf "<input type=radio name=dport_def value=0 %s> %s\n",
+	$_[4] eq '' || $_[4] eq '-' ? "" : "checked", $text{'rules_ranges'};
+printf "<input name=dport size=30 value='%s'>\n",
+	$_[4] eq '' || $_[4] eq '-' ? "" : join(" ", split(/,/, $_[4]));
+print "<br>$text{'rules_dnat_port'}</td> </tr>\n";
+
+print "<tr> <td><b>$text{'rules_dnat'}</b></td> <td colspan=3>\n";
+printf "<input type=radio name=dnat_def value=1 %s> %s\n",
+	$_[6] eq '' || $_[6] eq '-' ? "checked" : "", $text{'list_none'};
+printf "<input type=radio name=dnat_def value=0 %s>\n",
+	$_[6] eq '' || $_[6] eq '-' ? "" : "checked";
+printf "<input name=dnat size=30 value='%s'></td> </tr>\n",
+	$_[6] eq '' || $_[6] eq '-' ? "" : $_[6];
+
+if (&version_atleast(1, 4, 7)) {
+	print "<tr> <td><b>$text{'rules_rate'}</b></td> <td colspan=3>\n";
+	printf "<input type=radio name=rate_def value=1 %s> %s\n",
+		$_[7] eq "-" || !$_[7] ? "checked" : "", $text{'rules_norate'};
+	printf "<input type=radio name=rate_def value=0 %s>\n",
+		$_[7] eq "-" || !$_[7] ? "" : "checked";
+	printf "<input name=rate size=15 value='%s'></td> </tr>\n",
+		$_[7] eq "-" ? "" : $_[7];
+
+	print "<tr> <td><b>$text{'rules_set'}</b></td> <td colspan=3>\n";
+	printf "<input type=radio name=set_def value=1 %s> %s\n",
+		$_[8] eq "-" || !$_[8] ? "checked" : "", $text{'rules_noset'};
+	printf "<input type=radio name=set_def value=0 %s>\n",
+		$_[8] eq "-" || !$_[8] ? "" : "checked";
+	printf "<input name=set size=15 value='%s'></td> </tr>\n",
+		$_[8] eq "-" ? "" : $_[8];
+	}
+}
+
+sub rules_validate
+{
+$in{'action'} !~ /----/ || &error($text{'rules_eaction'});
+$in{'source'} || $in{'sother'} =~ /^\S+$/ || &error($text{'rules_esother'});
+!$in{'sinzone_def'} || $in{'sinzone'} =~ /\S/ || &error($text{'rules_esinzone'});
+$in{'dest'} || $in{'dother'} =~ /^\S+$/ || &error($text{'rules_edother'});
+!$in{'dinzone_def'} || $in{'dinzone'} =~ /\S/ || &error($text{'rules_edinzone'});
+$in{'proto'} || $in{'pother'} =~ /^\S+$/ || &error($text{'rules_epother'});
+$in{'sport_def'} || $in{'sport'} =~ /\S/ || &error($text{'rules_esport'});
+$in{'dport_def'} || $in{'dport'} =~ /\S/ || &error($text{'rules_edport'});
+$in{'dnat_def'} || &check_ip6address($in{'dnat'}) ||
+	($in{'dnat'} =~ /^([0-9\.]+):([0-9\.]+)$/ &&
+	 &check_ip6address("$1") && &check_ip6address("$2")) ||
+	($in{'dnat'} =~ /^\!([0-9\.]+)$/ && &check_ip6address("$1")) ||
+	($in{'dnat'} =~ /^\!([0-9\.]+),([0-9\.]+)(\/\d+)?$/ &&
+	 &check_ip6address("$1") && &check_ip6address("$2")) ||
+	($in{'dnat'} =~ /^\!([0-9\.,]+)$/ &&
+         scalar(grep { &check_ip6address($_) } split(/,/, $1))) ||
+	&error($text{'rules_ednat'});
+$in{'action'} ne 'DNAT' && $in{'action'} ne 'REDIRECT' && $in{'action'} ne 'DNAT-' && 
+	!$in{'dnat_def'} && &error($text{'rules_ednat2'});
+
+$in{'sinzone'} =~ s/\s+/,/g;
+$in{'dinzone'} =~ s/\s+/,/g;
+$in{'sport'} =~ s/\s+/,/g;
+$in{'dport'} =~ s/\s+/,/g;
+if (&version_atleast(1, 4, 7)) {
+	$in{'rate_def'} || $in{'rate'} =~ /^\S+$/ ||
+		&error($text{'rules_erate'});
+	$in{'set_def'} || $in{'set'} =~ /^\S+$/ ||
+		&error($text{'rules_eset'});
+	}
+if ($in{'macro'} && &indexof($in{'action'}, &list_standard_macros()) >= 0) {
+	$in{'action'} .= "/".$in{'macro'};
+	$in{'proto'} = $in{'pother'} = undef;
+	}
+return ( $in{'log'} ? "$in{'action'}:$in{'log'}" : $in{'action'},
+	 ($in{'source'} || $in{'sother'}).
+	  ($in{'sinzone_def'} ? ":$in{'sinzone'}" : ""),
+	 ($in{'dest'} || $in{'dother'}).
+	  ($in{'dinzone_def'} ? ":$in{'dinzone'}" : ""),
+	 $in{'proto'} || $in{'pother'} || '-',
+	 $in{'dport_def'} ? "-" : $in{'dport'},
+	 $in{'sport_def'} ? "-" : $in{'sport'},
+	 $in{'dnat_def'} ? "-" : $in{'dnat'},
+	 &version_atleast(1, 4, 7) ? (
+		( $in{'rate_def'} ? "-" : $in{'rate'} ),
+		( $in{'set_def'} ? "-" : $in{'set'} )
+		) : ( )
+	);
+}
+
+sub rules_columns
+{
+return &version_atleast(1, 4, 7) ? 6 : 8;
+}
+
+################################# tos #########################################
+
+%tos_map = ( 0, 'Normal-Service',
+	     2, 'Minimize-Cost',
+	     4, 'Maximize-Reliability',
+	     8, 'Maximize-Throughput',
+	     16, 'Minimize-Delay' );
+@tos_protos = ( 'tcp', 'udp', 'ipv6-icmp' );
+
+sub tos_row
+{
+return ( &is_fw($_[0]) ? $text{'list_fw'} :
+	  $_[0] eq 'all' ? $text{'list_any'} :
+	  $_[0] =~ /^([^:]+):(\S+)$/ ? &text('rules_hosts', "$1", "$2") :
+	  &text('rules_zone', $_[0]),
+	 &is_fw($_[1]) ? $text{'list_fw'} :
+	  $_[1] eq 'all' ? $text{'list_any'} :
+	  $_[1] =~ /^([^:]+):(\S+)$/ ? &text('rules_hosts', "$1", "$2") :
+	  &text('rules_zone', $_[1]),
+	 uc($_[2]),
+	 $_[3] eq '-' || $_[3] eq '' ? $text{'list_any'} : $_[3],
+	 $_[4] eq '-' || $_[4] eq '' ? $text{'list_any'} : $_[4],
+	 $tos_map{$_[5]} || $_[5],
+	 $_[6] eq '-' ? $text{'list_none'} : $_[6] );
+}
+
+sub tos_form
+{
+local ($zone, $host) = split(/:/, $_[0], 2);
+print "<tr> <td valign=top><b>$text{'tos_0z'}</b></td>\n";
+print "<td colspan=3 nowrap>\n";
+$found = &zone_field("source", $zone, 1);
+printf "<input name=sother size=10 value='%s'>\n",
+	$found ? "" : $zone;
+
+print "<br><b>$text{'rules_inzone'}</b>\n";
+printf "<input type=checkbox name=sinzone_def value=1 %s> %s\n",
+	$host ? "checked" : "", $text{'rules_addr'};
+printf "<input name=sinzone size=50 value='%s'></td> </tr>\n",
+	join(" ", split(/,/, $host));
+
+($zone, $host) = split(/:/, $_[1], 2);
+print "<tr> <td valign=top><b>$text{'tos_1z'}</b></td>\n";
+print "<td colspan=3 nowrap>\n";
+$found = &zone_field("dest", $zone, 1);
+printf "<input name=dother size=10 value='%s'>\n",
+	$found ? "" : $zone;
+
+print "<br><b>$text{'rules_inzone'}</b>\n";
+printf "<input type=checkbox name=dinzone_def value=1 %s> %s\n",
+	$host ? "checked" : "", $text{'rules_addr'};
+printf "<input name=dinzone size=50 value='%s'></td> </tr>\n",
+	join(" ", split(/,/, $host));
+
+print "<tr> <td><b>$text{'tos_2'}</b></td>\n";
+print "<td><select name=proto>\n";
+$found = !$_[2];
+foreach $p (@tos_protos) {
+	printf "<option value=%s %s>%s\n",
+		$p, $p eq $_[2] ? "selected" : "", uc($p);
+	$found++ if ($p eq $_[2]);
+	}
+printf "<option value='' %s>%s\n",
+	$found ? "" : "selected", $text{'list_other'};
+print "</select>\n";
+printf "<input name=pother size=5 value='%s'></td> </tr>\n",
+	$found ? "" : $_[2];
+
+print "<tr> <td><b>$text{'tos_3'}</b></td> <td colspan=3>\n";
+printf "<input type=radio name=sport_def value=1 %s> %s\n",
+	$_[3] eq '' || $_[3] eq '-' ? "checked" : "", $text{'list_any'};
+printf "<input type=radio name=sport_def value=0 %s> %s\n",
+	$_[3] eq '' || $_[3] eq '-' ? "" : "checked", $text{'rules_ranges'};
+printf "<input name=sport size=30 value='%s'></td> </tr>\n",
+	$_[3] eq '' || $_[3] eq '-' ? "" : join(" ", split(/,/, $_[3]));
+
+print "<tr> <td><b>$text{'tos_4'}</b></td> <td colspan=3>\n";
+printf "<input type=radio name=dport_def value=1 %s> %s\n",
+	$_[4] eq '' || $_[4] eq '-' ? "checked" : "", $text{'list_any'};
+printf "<input type=radio name=dport_def value=0 %s> %s\n",
+	$_[4] eq '' || $_[4] eq '-' ? "" : "checked", $text{'rules_ranges'};
+printf "<input name=dport size=30 value='%s'></td> </tr>\n",
+	$_[4] eq '' || $_[4] eq '-' ? "" : join(" ", split(/,/, $_[4]));
+
+print "<tr> <td><b>$text{'tos_5'}</b></td>\n";
+print "<td><select name=tos>\n";
+$found = !$_[5];
+foreach $t (sort { $a <=> $b } keys %tos_map) {
+	printf "<option value=%s %s>%s\n",
+		$t, $_[5] == $t ? "selected" : "", $tos_map{$t};
+	$found++ if ($_[5] == $t);
+	}
+print "<option value=$_[5] selected>$_[5]\n" if (!$found);
+print "</select></td> </tr>\n";
+
+print "<tr> <td><b>$text{'tos_6'}</b></td>\n";
+printf "<td><input name=mark size=50 value='%s'></td> </tr>\n",
+	$_[6] eq "-" ? "" : $_[6];
+}
+
+sub tos_validate
+{
+$in{'source'} || $in{'sother'} =~ /^\S+$/ || &error($text{'rules_esother'});
+!$in{'sinzone_def'} || $in{'sinzone'} =~ /\S/ || &error($text{'rules_esinzone'});
+$in{'dest'} || $in{'dother'} =~ /^\S+$/ || &error($text{'rules_edother'});
+!$in{'dinzone_def'} || $in{'dinzone'} =~ /\S/ || &error($text{'rules_edinzone'});
+$in{'proto'} || $in{'pother'} =~ /^\S+$/ || &error($text{'rules_epother'});
+$in{'sport_def'} || $in{'sport'} =~ /\S/ || &error($text{'rules_esport'});
+$in{'dport_def'} || $in{'dport'} =~ /\S/ || &error($text{'rules_edport'});
+return ( ($in{'source'} || $in{'sother'}).
+	  ($in{'sinzone_def'} ? ":$in{'sinzone'}" : ""),
+	 ($in{'dest'} || $in{'dother'}).
+	  ($in{'dinzone_def'} ? ":$in{'dinzone'}" : ""),
+	 $in{'proto'} || $in{'pother'},
+	 $in{'sport_def'} ? "-" : join(",", split(/\s+/, $in{'sport'})),
+	 $in{'dport_def'} ? "-" : join(",", split(/\s+/, $in{'dport'})),
+	 $in{'tos'},
+	 $in{'mark'} || "-" );
+}
+
+################################# proxyndp #######################################
+
+sub proxyndp_row
+{
+return ( $_[0],
+	 $_[1] eq '-' || $_[1] eq '' ? $text{'list_auto'} : $_[1],
+	 $_[2],
+	 &version_atleast(2, 0, 0) ?
+		( $_[4] =~ /yes/i ? $text{'yes'} : $text{'no'} ) : ( ) );
+}
+
+sub proxyndp_form
+{
+print "<tr> <td><b>$text{'proxyndp_0'}</b></td>\n";
+print "<td><input name=addr size=15 value='$_[0]'></td>\n";
+
+print "<td><b>$text{'proxyndp_1'}</b></td>\n";
+printf "<td><input type=radio name=int_def value=1 %s> %s\n",
+	$_[1] eq '-' || $_[1] eq '' ? "checked" : "", $text{'list_auto'};
+printf "<input type=radio name=int_def value=0 %s>\n",
+	$_[1] eq '-' || $_[1] eq '' ? "" : "checked";
+&iface_field("int", $_[1] eq '-' ? undef : $_[1]);
+print "</td> </tr>";
+
+local $have = $_[3] =~ /yes/i;
+print "<tr> <td><b>$text{'proxyndp_have'}</b></td>\n";
+printf "<td><input type=radio name=have value=1 %s> %s\n",
+	$have ? "checked" : "", $text{'yes'};
+printf "<input type=radio name=have value=0 %s> %s</td>\n",
+	$have ? "" : "checked", $text{'no'};
+
+print "<td><b>$text{'proxyndp_2'}</b></td>\n";
+print "<td>";
+&iface_field("ext", $_[2]);
+print "</td> </tr>";
+
+if (&version_atleast(2, 0, 0)) {
+	local $pers = $_[4] =~ /yes/i;
+	print "<tr> <td><b>$text{'proxydnp_pers'}</b></td>\n";
+	printf "<td><input type=radio name=pers value=1 %s> %s\n",
+		$pers ? "checked" : "", $text{'yes'};
+	printf "<input type=radio name=pers value=0 %s> %s</td>\n",
+		$pers ? "" : "checked", $text{'no'};
+	}
+}
+
+sub proxydnp_validate
+{
+&check_ip6address($in{'addr'}) || &error($text{'proxyndp_eaddr'});
+return ( $in{'addr'},
+	 $in{'int_def'} ? "-" : $in{'int'},
+	 $in{'ext'},
+	 $in{'have'} ? "yes" : "no",
+	 &version_atleast(2, 0, 0) ? ( $in{'pers'} ? "yes" : "no" ) : ( )
+	); 
+	 
+}
+
+sub proxyndp_columns
+{
+return &version_atleast(2, 0, 0) ? 4 : 3;
+}
+
+################################ routestopped ##################################
+
+sub routestopped_row
+{
+return ( $_[0], $_[1],
+	 $_[2] eq '-' || $_[2] eq '' ? $text{'default'} : $_[2],
+	 $_[3] eq '-' || $_[3] eq '' ? $text{'tunnels_gnone'} : $_[3] );
+}
+
+sub routestopped_columns
+{
+return 2;
+}
+
+@routestopped_options = ( "routeback", "source", "dest", "critical" );
+
+sub routestopped_form
+{
+print "<tr> <td valign=top><b>$text{'routestopped_0'}</b></td>\n";
+print "<td valign=top>";
+&iface_field("iface", $_[0]);
+print "</td>\n";
+
+local $none = $_[1] eq '' || $_[1] eq '-' || $_[1] eq '0.0.0.0/0';
+print "<td valign=top><b>$text{'routestopped_1'}</b></td>\n";
+printf "<td><input type=radio name=addr_def value=1 %s> %s<br>\n",
+	$none ? "checked" : "", $text{'routestopped_all'};
+printf "<input type=radio name=addr_def value=0 %s> %s<br>\n",
+	$none ? "" : "checked", $text{'routestopped_list'};
+print "<textarea name=addr rows=5 cols=20>",
+	$none ? "" : join("\n", split(/,/, $_[1])),
+	"</textarea></td> </tr>\n";
+
+if (&version_atleast(3)) {
+	print "<tr> <td valign=top><b>$text{'routestopped_2'}</b></td>\n";
+	print "<td colspan=3>\n";
+	&options_input("opts", $_[2], \@routestopped_options);
+	print "</td> </tr>\n";
+	}
+}
+
+sub routestopped_validate
+{
+$in{'addr_def'} || $in{'addr'} =~ /\S/ || &error($text{'routestopped_eaddr'});
+return ( $in{'iface'},
+	 $in{'addr_def'} ? "-" : join(",", split(/\s+/, $in{'addr'})),
+	 join(",", split(/\0/, $in{'opts'})) );
+}
+
+################################ tunnels ##################################
+
+sub tunnels_row
+{
+local $tt = $_[0];
+$tt =~ s/^(openvpn|generic):.*$/$1/;
+return ( $text{'tunnels_'.$tt} || $tt,
+	 $_[1] eq '-' || $_[1] eq '' ? $text{'routestopped_all'} : $_[1],
+	 $_[2], $_[3] );
+}
+
+sub tunnels_form
+{
+print "<tr> <td><b>$text{'tunnels_0'}</b></td>\n";
+print "<td><select name=type>\n";
+local $tt;
+local $found = !$_[0];
+local $ttype = $_[0];
+local $tport;
+if ($ttype =~ s/^(openvpn|generic):(.*)$/$1/) {
+	$tport = $2;
+	}
+foreach $tt ('ipsec', 'ipsecnat',
+	     (&version_atleast(2, 0, 0) ? ( 'ipsec:noah', 'ipsecnat:noah' )
+				       : ( )),
+	     'ip', 'gre', 'pptpclient', 'pptpserver', 'generic',
+	     (&version_atleast(1, 3, 14) ? ( 'openvpn' ) : ( )) ) {
+	printf "<option value=%s %s>%s\n",
+		$tt, $ttype eq $tt ? "selected" : "",
+		$text{'tunnels_'.$tt.'_l'} || $text{'tunnels_'.$tt};
+	$found++ if ($ttype eq $tt);
+	}
+print "<option value=$ttype selected>",uc($ttype),"\n" if (!$found);
+print "</select>\n";
+print "<input name=tport size=10 value='$tport'>\n";
+print "</td>\n";
+
+print "<tr> <td><b>$text{'tunnels_1'}</b></td>\n";
+print "<td>";
+&zone_field("zone", $_[1], 0, 0);
+print "</td> </tr>\n";
+
+local $none = $_[2] eq '' || $_[2] eq '-';
+print "<tr> <td><b>$text{'tunnels_2'}</b></td> <td valign=top>\n";
+printf "<input type=radio name=gateway_def value=1 %s> %s\n",
+	$none ? "checked" : "", $text{'default'};
+printf "<input type=radio name=gateway_def value=0 %s> %s\n",
+	$none ? "" : "checked", $text{'tunnels_sel'};
+printf "<input name=gateway size=20 value='%s'></td> </tr>\n", $_[2];
+
+local $none = $_[2] eq '' || $_[2] eq '-';
+print "<tr> <td><b>$text{'tunnels_3'}</b></td> <td valign=top>\n";
+printf "<input type=radio name=gzones_def value=1 %s> %s\n",
+	$none ? "checked" : "", $text{'tunnels_gnone'};
+printf "<input type=radio name=gzones_def value=0 %s> %s\n",
+	$none ? "" : "checked", $text{'tunnels_gsel'};
+printf "<input name=gzones size=50 value='%s'></td> </tr>\n",
+	join(" ", split(/,/, $_[3]));
+}
+
+sub tunnels_validate
+{
+$in{'gateway_def'} || &check_ip6address($in{'gateway'}) ||
+	($in{'gateway'} =~ /^(\S+)\/(\d+)$/ && &check_ip6address($1)) ||
+		&error($text{'tunnels_egateway'});
+if ($in{'type'} eq "openvpn") {
+	$in{'tport'} =~ /^\d*$/ || &error($text{'tunnels_eopenvpn'});
+	$in{'type'} .= ":".$in{'tport'} if ($in{'tport'});
+	}
+elsif ($in{'type'} eq 'generic') {
+	$in{'tport'} =~ /^\S+$/ || &error($text{'tunnels_egeneric'});
+	$in{'type'} .= ":".$in{'tport'};
+	}
+return ( $in{'type'}, $in{'zone'},
+	 $in{'gateway_def'} ? '-' : $in{'gateway'},
+	 $in{'gzones_def'} ? '-' : join(",", split(/\s+/, $in{'gzones'})) );
+}
+
+################################ hosts ##################################
+
+sub hosts_row
+{
+return ( $_[0], $_[1] =~ /^(\S+):(\S+)$/ ? ( $1, $2 ) : ( undef, undef ) );
+}
+
+@host_options = ( "maclist", "routeback" );
+if (&version_atleast(3)) {
+	push(@host_options, "norfc1918", "blacklist", "tcpflags",
+			    "nosmurfs", "ipsec");
+	}
+
+sub hosts_form
+{
+print "<tr> <td><b>$text{'hosts_0'}</b></td>\n";
+print "<td>";
+&zone_field("zone", $_[0], 0, 2);
+print "</td> </tr>\n";
+
+local ($iface, $net) = split(/:/, $_[1]);
+print "<tr> <td><b>$text{'hosts_1'}</b></td>\n";
+print "<td>";
+&iface_field("iface", $iface);
+print "</td> </tr>\n";
+
+print "<tr> <td><b>$text{'hosts_2'}</b></td>\n";
+print "<td><input name=net size=50 value='$net'></td> </tr>\n";
+
+print "<tr> <td valign=top><b>$text{'hosts_opts'}</b></td> <td>\n";
+&options_input("opts", $_[2], \@host_options);
+print "</td> </tr>\n";
+}
+
+sub hosts_validate
+{
+&check_ip6address($in{'net'}) ||
+	$in{'net'} =~ /^(\S+)\/(\d+)$/ && &check_ip6address($1) ||
+	&error($text{'hosts_enet'});
+return ( $in{'zone'}, $in{'iface'}.":".$in{'net'},
+	 join(",", split(/\0/, $in{'opts'})) );
+}
+
+################################ blacklist ##################################
+
+sub blacklist_row
+{
+return ( $_[0] eq '-' ? $text{'blacklist_any'} : $_[0],
+	 uc($_[1]) || $text{'blacklist_any'},
+	 $_[2] || $text{'blacklist_any'} );
+}
+
+@blacklist_protos = ( undef, 'tcp', 'udp', 'ipv6-icmp' );
+
+sub blacklist_form
+{
+print "<tr> <td valign=top><b>$text{'blacklist_host'}</b></td> <td colspan=3>\n";
+local ($mode, $ipset, $mac, $ip);
+if ($_[0] =~ /^\+(.*)/) {
+	$mode = 2; $ipset = $1;
+	}
+elsif ($_[0] =~ /^\~(.*)$/) {
+	$mode = 1; $mac = $1;
+	}
+elsif ($_[0] eq '-') {
+	$mode = 3;
+	}
+else {
+	$mode = 0; $ip = $_[0];
+	}
+print &ui_radio("host_def", $mode,
+    [ [ 0, &text('hosts_ip', &ui_textbox("host", $ip, 30))."<br>" ],
+      [ 1, &text('hosts_mac', &ui_textbox("mac", $mac, 30))."<br>" ],
+      [ 3, $text{'hosts_any'}."<br>" ],
+      &version_atleast(3) ?
+       ( [ 2, &text('hosts_ipset', &ui_textbox("ipset", $ipset, 15)) ] ) : ( ),
+	    ]);
+print "</td> </tr>\n";
+
+print "<tr> <td><b>$text{'blacklist_proto'}</b></td>\n";
+print "<td colspan=3><select name=proto>\n";
+$found = !$_[1];
+foreach $p (@blacklist_protos) {
+	printf "<option value='%s' %s>%s\n",
+		$p, $p eq $_[1] ? "selected" : "",
+		$p eq '' ? "&lt;$text{'list_any'}&gt;" : uc($p);
+	$found++ if ($p eq $_[1]);
+	}
+printf "<option value='*' %s>%s\n",
+	$found ? "" : "selected", $text{'list_other'};
+print "</select>\n";
+printf "<input name=pother size=5 value='%s'></td> </tr>\n",
+	$found ? "" : $_[1];
+
+print "<tr> <td><b>$text{'blacklist_ports'}</b></td>\n";
+print "<td colspan=3><input name=ports size=20 value='$_[2]'></td> </tr>\n";
+}
+
+sub blacklist_validate
+{
+local $host;
+if ($in{'host_def'} == 0) {
+	&check_ip6address($in{'host'}) ||
+		$in{'host'} =~ /^(\S+)\/(\d+)$/ && &check_ip6address($1) ||
+		&error($text{'blacklist_ehost'});
+	$host = $in{'host'};
+	}
+elsif ($in{'host_def'} == 1) {
+	$in{'mac'} =~ s/:/-/g;
+	$in{'mac'} =~ /^[0-9a-f]{2}(\-[0-9a-f]{2}){5}$/ ||
+		&error($text{'blacklist_emac'});
+	$host = "~".$in{'mac'};
+	}
+elsif ($in{'host_def'} == 2) {
+	$in{'ipset'} =~ /^\S+$/ || &error($text{'blacklist_eipset'});
+	$host = "+".$in{'ipset'};
+	}
+elsif ($in{'host_def'} == 3) {
+	$host = "-";
+	}
+local $proto;
+if ($in{'proto'} eq '*') {
+	$in{'pother'} =~ /^\d+$/ ||
+	    defined(getprotobyname($in{'pother'})) ||
+		&error($text{'blacklist_eproto'});
+	$proto = lc($in{'pother'});
+	}
+else {
+	$proto = lc($in{'proto'});
+	}
+if ($proto eq "tcp" || $proto eq "udp") {
+	$in{'ports'} =~ /^\S+$/ || &error($text{'blacklist_eports'});
+	}
+elsif ($in{'ports'}) {
+	&error($text{'blacklist_eports2'});
+	}
+return ( $host, $proto, $in{'ports'} );
+}
+
+################################ providers ##################################
+
+sub providers_row
+{
+return ( $_[0], $_[1], $_[2], $_[4], $_[5] );
+}
+
+@providers_opts = ( "track", "balance", "loose" );
+
+sub providers_form
+{
+print "<tr> <td><b>$text{'providers_name'}</b></td>\n";
+print "<td><input name=name size=20 value='$_[0]'></td>\n";
+
+print "<td><b>$text{'providers_number'}</b></td>\n";
+print "<td><input name=number size=4 value='$_[1]'></td> </tr>\n";
+
+print "<tr> <td><b>$text{'providers_iface'}</b></td>\n";
+print "<td>";
+&iface_field("iface", $_[4]);
+print "</td>\n";
+
+print "<td><b>$text{'providers_mark'}</b></td>\n";
+print "<td><input name=mark size=4 value='$_[2]'></td> </tr>\n";
+
+print "<tr> <td><b>$text{'providers_gateway'}</b></td>\n";
+print "<td><input name=gateway size=15 value='$_[5]'></td>\n";
+
+local $ddef = $_[3] eq "-" || $_[3] eq "" ? 0 : $_[3] eq "main" ? 1 : 2;
+print "<td><b>$text{'providers_dup'}</b></td>\n";
+print "<td>",&ui_radio("dup_def", $ddef,
+		[ [ 0, $text{'default'} ],
+		  [ 1, $text{'providers_main'} ],
+		  [ 2, &ui_textbox("dup", $ddef == 2 ? $_[3] : "", 5) ] ]),
+      "</td> </tr>\n";
+
+local %opts = map { $_, 1 } split(/,/, $_[6]);
+print "<tr> <td valign=top><b>$text{'providers_opts'}</b></td> <td>\n";
+foreach my $o (@providers_opts) {
+	print &ui_checkbox("opts", $o, $text{'providers_'.$o}, $opts{$o})."<br>\n";
+	delete($opts{$o});
+	}
+foreach my $o (keys %opts) {
+	print &ui_hidden("opts", $o),"\n";
+	}
+print "</td>\n";
+
+print "<td valign=top><b>$text{'providers_copy'}</b></td>\n";
+print "<td valign=top><input name=copy size=15 value='$_[7]'></td> </tr>\n";
+}
+
+sub providers_validate
+{
+$in{'name'} =~ /^\S+$/ || &error($text{'providers_ename'});
+$in{'number'} =~ /^\d+$/ || &error($text{'providers_enumber'});
+$in{'mark'} =~ /^\d+$/ || &error($text{'providers_emark'});
+$in{'dup_def'} < 2 || $in{'dup'} =~ /^\S+$/ || &error($text{'providers_edup'});
+&check_ip6address($in{'gateway'}) || &error($text{'providers_egateway'});
+return ( $in{'name'}, $in{'number'}, $in{'mark'},
+	 $in{'dup_def'} == 0 ? '-' : $in{'dup_def'} == 1 ? 'main' : $in{'dup'},
+	 $in{'iface'}, $in{'gateway'},
+	 join(",", split(/\0/, $in{'opts'})) || "-",
+	 $in{'copy'} || "-" );
+}
+
+################################ shorewall6.conf ##################################
+
+sub conf_form
+{
+    local ($msg1, $msg2, $msg3, $field1, $field2, $field3, $dummy) = @_;
+
+    $field1 =~ s/"/&#34;/g;
+    print "<tr><td><b>$msg1</b></td>\n";
+    print "<td><input name=var size=50 value=\"$field1\"></td></tr>\n";
+
+    $field2 =~ s/"/&#34;/g;
+    print "<tr><td><b>$msg2</b></td>\n";
+    print "<td><input name=val size=50 value=\"$field2\"></td></tr>\n";
+
+    $field3 =~ s/"/&#34;/g;
+    print "<tr><td><b>$msg3</b></td>\n";
+    print "<td><input name=comment size=50 value=\"$field3\"></td></tr>\n";
+
+    print "</td></tr>\n";
+}
+
+################################ shorewall6.conf ##################################
+
+sub shorewall6_conf_columns
+{
+    return 3;
+}
+
+sub shorewall6_conf_form
+{
+    &conf_form($text{'shorewall6_conf_0'}, $text{'shorewall6_conf_1'}, $text{'shorewall6_conf_2'}, @_);
+}
+
+sub shorewall6_conf_validate
+{
+    &error($text{'shorewall6_conf_varname'}) unless $in{'var'} =~ /^\w+$/;
+    local $comment = "";
+    $comment = "\t# ".$in{'comment'} if (exists $in{'comment'} and $in{'comment'} ne "");
+    return ($in{'var'}.'='.$in{'val'}.$comment);
+}
+
+################################ params ##################################
+
+sub params_columns
+{
+    return 3;
+}
+
+sub params_form
+{
+    &conf_form($text{'params_0'}, $text{'params_1'}, $text{'params_2'}, @_);
+}
+
+sub params_validate
+{
+    &error($text{'params_varname'}) unless $in{'var'} =~ /^\w+$/;
+    local $comment = "";
+    $comment = "\t# ".$in{'comment'} if (exists $in{'comment'} and $in{'comment'} ne "");
+    return ($in{'var'}.'='.$in{'val'}.$comment);
+}
+
+
+#############################################################################
+
+# can_access(file)
+sub can_access
+{
+if ($access{'files'} eq '*') {
+	return 1;
+	}
+else {
+	local @acc = split(/\s+/, $access{'files'});
+	return &indexof($_[0], @acc) >= 0;
+	}
+}
+
+# run_before_apply_command()
+# Runs the before-applying command, if any. If it failes, returns the error
+# message output
+sub run_before_apply_command
+{
+if ($config{'before_apply_cmd'}) {
+	local $out = &backquote_logged("($config{'before_apply_cmd'}) </dev/null 2>&1");
+	return $out if ($?);
+	}
+return undef;
+}
+
+# run_after_apply_command()
+# Runs the after-applying command, if any
+sub run_after_apply_command
+{
+if ($config{'after_apply_cmd'}) {
+	&system_logged("($config{'after_apply_cmd'}) </dev/null >/dev/null 2>&1");
+	}
+}
+
+# list_standard_actions()
+# Returns a list of standard Shorewall actions
+sub list_standard_actions
+{
+local @rv;
+foreach my $a (split(/\t+/, $config{'actions'})) {
+	open(ACTIONS, $a);
+	while(<ACTIONS>) {
+		s/\r|\n//g;
+		s/#.*$//;
+		s/\s+$//;
+		if (/\S/) {
+			push(@rv, $_);
+			}
+		}
+	close(ACTIONS);
+	}
+if (&version_atleast(3)) {
+	# Add built-in actions
+	push(@rv, "allowBcast", "dropBcast", "dropNotSyn", "rejNotSyn",
+		  "dropInvalid", "allowInvalid", "allowoutUPnP", "allowinUPnP",
+		  "forwardUPnP");
+	}
+return &unique(@rv);
+}
+
+# list_standard_macros()
+# Returns a list of all macro. actions
+sub list_standard_macros
+{
+local @rv;
+foreach my $a ($config{'config_dir'}, $config{'macros'}) {
+	opendir(DIR, $a);
+	foreach my $f (readdir(DIR)) {
+		push(@rv, $1) if ($f =~ /^macro\.(.*)$/);
+		}
+	closedir(DIR);
+	}
+return &unique(@rv);
+}
+
+$BETA_STR = "-Beta";
+$BETA_NUM = "\.0000\.";
+
+# get_shorewall6_version(nocache)
+sub get_shorewall6_version
+{
+local ($nocache) = @_;
+local $version;
+if (!$nocache && open(VERSION, "$module_config_directory/version")) {
+	chop($version = <VERSION>);
+	close(VERSION);
+	}
+if (!$version) {
+	local $out = `$config{'shorewall6'} version 2>&1`;
+	$out =~ s/\r//g;
+	$out =~ s/$BETA_STR/$BETA_NUM/i;		# Convert beta string to version number.
+	if ($out =~ /(\n|^)([0-9\.]+)\n/) {
+		$version = $2;
+		}
+	}
+return $version;
+}
+
+sub get_printable_version($)
+{
+	local $out = $_[0];
+	$out =~ s/$BETA_NUM/$BETA_STR/i;		# Convert version number back to string.
+	return $out;
+}
+
+sub list_protocols
+{
+local @stdprotos = ( 'tcp', 'udp', 'ipv6-icmp' );
+local @otherprotos;
+open(PROTOS, "/etc/protocols");
+while(<PROTOS>) {
+	s/\r|\n//g;
+	s/#.*$//;
+	push(@otherprotos, $1) if (/^(\S+)\s+(\d+)/);
+	}
+close(PROTOS);
+@otherprotos = sort { lc($a) cmp lc($b) } @otherprotos;
+return &unique(@stdprotos, @otherprotos);
+}
+
+# options_input(name, value, &opts)
+sub options_input
+{
+local ($name, $value, $opts) = @_;
+local %opts = map { $_, 1 } split(/,/, $value);
+print "<table width=100%>\n";
+local $i = 0;
+foreach my $o (@$opts) {
+	print "<tr>\n" if ($i%3 == 0);
+	printf "<td><input type=checkbox name=$name value=%s %s> %s</td>\n",
+		$o, $opts{$o} ? "checked" : "", $text{'opts_'.$o} || $o;
+	print "</tr>\n" if ($i%3 == 2);
+	delete($opts{$o});
+	$i++;
+	}
+foreach $o (keys %opts) {
+	print "<input type=hidden name=opts value=$o>\n";
+	}
+print "</table>\n";
+}
+
+1;
+
diff --git a/shorewall6/start.cgi b/shorewall6/start.cgi
new file mode 100755
index 000000000..653f6a64f
--- /dev/null
+++ b/shorewall6/start.cgi
@@ -0,0 +1,21 @@
+#!/usr/bin/perl
+# start.cgi
+# Make the firewall active
+
+require './shorewall6-lib.pl';
+if ($access{'nochange'}) {
+  &redirect("/");
+  exit 0;
+}
+
+&error_setup($text{'start_err'});
+$err = &run_before_apply_command();
+&error($err) if ($err);
+$out = &backquote_logged("$config{'shorewall6'} start 2>&1");
+if ($?) {
+	&error("<pre>$out</pre>");
+	}
+$err = &run_after_apply_command();
+&webmin_log("start");
+&redirect("");
+
diff --git a/shorewall6/status.cgi b/shorewall6/status.cgi
new file mode 100755
index 000000000..c3c028bd1
--- /dev/null
+++ b/shorewall6/status.cgi
@@ -0,0 +1,15 @@
+#!/usr/bin/perl
+# status.cgi
+# Show the status
+
+require './shorewall6-lib.pl';
+&ui_print_header(undef, $text{'status_title'}, "");
+print "<font size=-1><pre>";
+open(STATUS, "$config{'shorewall6'} status 2>&1 |");
+while(<STATUS>) {
+	print &html_escape($_);
+	}
+close(STATUS);
+print "</pre></font>\n";
+&ui_print_footer("", $text{'index_return'});
+
diff --git a/shorewall6/stop.cgi b/shorewall6/stop.cgi
new file mode 100755
index 000000000..1b1a8083c
--- /dev/null
+++ b/shorewall6/stop.cgi
@@ -0,0 +1,18 @@
+#!/usr/bin/perl
+# stop.cgi
+# Shut down the firewall
+
+require './shorewall6-lib.pl';
+if ($access{'nochange'}) {
+  &redirect("/");
+  exit 0;
+}
+
+&error_setup($text{'stop_err'});
+$out = &backquote_logged("$config{'shorewall6'} stop 2>&1");
+if ($?) {
+	&error("<pre>$out</pre>");
+	}
+&webmin_log("stop");
+&redirect("");
+
diff --git a/shorewall6/up.cgi b/shorewall6/up.cgi
new file mode 100755
index 000000000..cae569a82
--- /dev/null
+++ b/shorewall6/up.cgi
@@ -0,0 +1,14 @@
+#!/usr/bin/perl
+# up.cgi
+# Move a row in a table up
+
+require './shorewall6-lib.pl';
+&ReadParse();
+&can_access($in{'table'}) || &error($text{'list_ecannot'});
+$pfunc = &get_parser_func(\%in);
+&lock_table($in{'table'});
+&swap_table_rows($in{'table'}, $pfunc, $in{'idx'}, $in{'idx'}-1);
+&unlock_table($in{'table'});
+&webmin_log('up', 'table', $in{'table'});
+&redirect("list.cgi?table=$in{'table'}");
+