Firewall: add documentation for dynamic firewall groups.

1 files changed, 21 insertions, 0 deletions

diff --git a/docs/configuration/firewall/ipv4.rst b/docs/configuration/firewall/ipv4.rst
index a9459f00..e19ae1bd 100644
--- a/docs/configuration/firewall/ipv4.rst
+++ b/docs/configuration/firewall/ipv4.rst
@@ -539,6 +539,27 @@ geoip) to keep database and rules updated.
    criteria.
 
 .. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
+   source group dynamic-address-group <name | !name>
+.. cfgcmd:: set firewall ipv4 input filter rule <1-999999>
+   source group dynamic-address-group <name | !name>
+.. cfgcmd:: set firewall ipv4 output filter rule <1-999999>
+   source group dynamic-address-group <name | !name>
+.. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
+   source group dynamic-address-group <name | !name>
+
+.. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
+   destination group dynamic-address-group <name | !name>
+.. cfgcmd:: set firewall ipv4 input filter rule <1-999999>
+   destination group dynamic-address-group <name | !name>
+.. cfgcmd:: set firewall ipv4 output filter rule <1-999999>
+   destination group dynamic-address-group <name | !name>
+.. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
+   destination group dynamic-address-group <name | !name>
+
+   Use a specific dynamic-address-group. Prepend character ``!`` for inverted
+   matching criteria.
+
+.. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
    source group network-group <name | !name>
 .. cfgcmd:: set firewall ipv4 input filter rule <1-999999>
    source group network-group <name | !name>