summaryrefslogtreecommitdiff
path: root/docs/configuration/firewall/zone.rst
diff options
context:
space:
mode:
authorrebortg <github@ghlr.de>2023-09-12 22:16:59 +0200
committerrebortg <github@ghlr.de>2023-09-12 22:16:59 +0200
commit686a2597f4b1b23a36792bca261d4f901024960e (patch)
tree6f5fe07949eecce2c2644c830befe9f879437493 /docs/configuration/firewall/zone.rst
parent975df767347a2d6abe2c789824250a8e2fcbd3eb (diff)
parent4533a8f8ff1639a50b30f031cea8270bcf04e3ed (diff)
downloadvyos-documentation-686a2597f4b1b23a36792bca261d4f901024960e.tar.gz
vyos-documentation-686a2597f4b1b23a36792bca261d4f901024960e.zip
Merge branch 'master' of github.com:vyos/vyos-documentation
Diffstat (limited to 'docs/configuration/firewall/zone.rst')
-rw-r--r--docs/configuration/firewall/zone.rst21
1 files changed, 16 insertions, 5 deletions
diff --git a/docs/configuration/firewall/zone.rst b/docs/configuration/firewall/zone.rst
index 403de912..70ad7b65 100644
--- a/docs/configuration/firewall/zone.rst
+++ b/docs/configuration/firewall/zone.rst
@@ -6,13 +6,24 @@
Zone Based Firewall
###################
-.. note:: **Important note:**
- This documentation is valid only for VyOS Sagitta prior to
- 1.4-rolling-YYYYMMDDHHmm
+.. note:: Starting from VyOS 1.4-rolling-202308040557, a new firewall
+ structure can be found on all vyos instalations, and zone based firewall is
+ no longer supported. Documentation for most of the new firewall CLI can be
+ found in the `firewall
+ <https://docs.vyos.io/en/latest/configuration/firewall/general.html>`_
+ chapter. The legacy firewall is still available for versions before
+ 1.4-rolling-202308040557 and can be found in the :ref:`firewall-legacy`
+ chapter. The examples in this section use the legacy firewall configuration
+ commands, since this feature has been removed in earlier releases.
+
+.. note:: For latest releases, refer the `firewall
+ <https://docs.vyos.io/en/latest/configuration/firewall/general.html#interface-groups>`_
+ main page to configure zone based rules. New syntax was introduced here
+ :vytask:`T5160`
In zone-based policy, interfaces are assigned to zones, and inspection policy
is applied to traffic moving between the zones and acted on according to
-firewall rules. A Zone is a group of interfaces that have similar functions or
+firewall rules. A zone is a group of interfaces that have similar functions or
features. It establishes the security borders of a network. A zone defines a
boundary where traffic is subjected to policy restrictions as it crosses to
another region of a network.
@@ -40,7 +51,7 @@ firewall can be created to simplify configuration when multiple interfaces
belong to the same security zone. Instead of applying rule-sets to interfaces,
they are applied to source zone-destination zone pairs.
-An basic introduction to zone-based firewalls can be found `here
+A basic introduction to zone-based firewalls can be found `here
<https://support.vyos.io/en/kb/articles/a-primer-to-zone-based-firewall>`_,
and an example at :ref:`examples-zone-policy`.