summaryrefslogtreecommitdiff
path: root/docs/configuration/firewall/index.rst
diff options
context:
space:
mode:
authorRobert Göhler <github@ghlr.de>2023-04-25 11:50:30 +0200
committerGitHub <noreply@github.com>2023-04-25 11:50:30 +0200
commitaafa7993f3df776ee51d97d0857cb6bb6cb4b843 (patch)
treeb7b227572d4fe857cd505c76277b7519a071d067 /docs/configuration/firewall/index.rst
parentacd3cecea5f5f112625c50dc1389b231e831b936 (diff)
parent6e1189cead232b8d720a39882469fd2c368c8dcc (diff)
downloadvyos-documentation-aafa7993f3df776ee51d97d0857cb6bb6cb4b843.tar.gz
vyos-documentation-aafa7993f3df776ee51d97d0857cb6bb6cb4b843.zip
Merge pull request #993 from systeembeheerder/patch-1
Update index.rst
Diffstat (limited to 'docs/configuration/firewall/index.rst')
-rw-r--r--docs/configuration/firewall/index.rst6
1 files changed, 5 insertions, 1 deletions
diff --git a/docs/configuration/firewall/index.rst b/docs/configuration/firewall/index.rst
index c2e584a3..ef41f198 100644
--- a/docs/configuration/firewall/index.rst
+++ b/docs/configuration/firewall/index.rst
@@ -357,7 +357,11 @@ There are a lot of matching criteria against which the package can be tested.
.. cfgcmd:: set firewall ipv6-name <name> rule <1-999999> destination group
address-group <name>
- Use a specific address-group
+ Use a specific address-group. Thes can also be "negated" using '!'. For Example
+
+ .. code-block:: none
+
+ set firewall name WAN-IN-v4 rule 20 source group address-group '!TRUSTED-HOSTS'
.. cfgcmd:: set firewall name <name> rule <1-999999> source group
network-group <name>