diff options
author | Christian Breunig <christian@breunig.cc> | 2024-05-10 14:22:44 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-05-10 14:22:44 +0200 |
commit | 6a604b7beb7b53bd89140c13bd7bcfe1a583d9f0 (patch) | |
tree | 97fbfb77c04e94e503f148f0c6664e4c7bd77fde /docs/configuration/firewall/ipv4.rst | |
parent | 4d29fbc73b72db3efc239175f95230cc3d83d20d (diff) | |
parent | dab2e1af9de9dd2a862881cb9442c6436b5008c3 (diff) | |
download | vyos-documentation-6a604b7beb7b53bd89140c13bd7bcfe1a583d9f0.tar.gz vyos-documentation-6a604b7beb7b53bd89140c13bd7bcfe1a583d9f0.zip |
Merge pull request #1439 from vyos/mergify/bp/sagitta/pr-1437
firewall: T5729: remove obsolete enable and correct interface name (backport #1437)
Diffstat (limited to 'docs/configuration/firewall/ipv4.rst')
-rw-r--r-- | docs/configuration/firewall/ipv4.rst | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/docs/configuration/firewall/ipv4.rst b/docs/configuration/firewall/ipv4.rst index 840c522e..b5a087a7 100644 --- a/docs/configuration/firewall/ipv4.rst +++ b/docs/configuration/firewall/ipv4.rst @@ -820,13 +820,13 @@ geoip) to keep database and rules updated. set firewall ipv4 input filter rule 13 tcp flags not 'fin' .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999> - state [established | invalid | new | related] [enable | disable] + state [established | invalid | new | related] .. cfgcmd:: set firewall ipv4 input filter rule <1-999999> - state [established | invalid | new | related] [enable | disable] + state [established | invalid | new | related] .. cfgcmd:: set firewall ipv4 output filter rule <1-999999> - state [established | invalid | new | related] [enable | disable] + state [established | invalid | new | related] .. cfgcmd:: set firewall ipv4 name <name> rule <1-999999> - state [established | invalid | new | related] [enable | disable] + state [established | invalid | new | related] Match against the state of a packet. @@ -965,12 +965,12 @@ Requirements to enable synproxy: set firewall global-options syn-cookies 'enable' set firewall ipv4 input filter rule 10 action 'synproxy' set firewall ipv4 input filter rule 10 destination port '8080' - set firewall ipv4 input filter rule 10 inbound-interface interface-name 'eth1' + set firewall ipv4 input filter rule 10 inbound-interface name 'eth1' set firewall ipv4 input filter rule 10 protocol 'tcp' set firewall ipv4 input filter rule 10 synproxy tcp mss '1460' set firewall ipv4 input filter rule 10 synproxy tcp window-scale '7' set firewall ipv4 input filter rule 1000 action 'drop' - set firewall ipv4 input filter rule 1000 state invalid 'enable' + set firewall ipv4 input filter rule 1000 state invalid *********************** |