summaryrefslogtreecommitdiff
path: root/docs/configuration/firewall
diff options
context:
space:
mode:
authorRobert Göhler <github@ghlr.de>2021-10-11 21:37:16 +0200
committerGitHub <noreply@github.com>2021-10-11 21:37:16 +0200
commit11153db2f17d511434fc352fa0ed7f282384cdea (patch)
treefe84034a5536788fa65c946665dfb1768bf8667f /docs/configuration/firewall
parent175911b7d435454bed806bc0c51ede8ee77e2fa1 (diff)
parentfa911b95f05c693a53ec9373020e19444dca6a62 (diff)
downloadvyos-documentation-11153db2f17d511434fc352fa0ed7f282384cdea.tar.gz
vyos-documentation-11153db2f17d511434fc352fa0ed7f282384cdea.zip
Merge pull request #630 from showipintbri/patch-6
Update index.rst
Diffstat (limited to 'docs/configuration/firewall')
-rw-r--r--docs/configuration/firewall/index.rst6
1 files changed, 6 insertions, 0 deletions
diff --git a/docs/configuration/firewall/index.rst b/docs/configuration/firewall/index.rst
index b4a884f0..c5be158f 100644
--- a/docs/configuration/firewall/index.rst
+++ b/docs/configuration/firewall/index.rst
@@ -490,6 +490,12 @@ Applying a Rule-Set to a Zone
Before you are able to apply a rule-set to a zone you have to create the zones
first.
+It helps to think of the syntax as: (see below). The 'rule-set' should be
+written from the perspective of: *Source Zone*-to->*Destination Zone*
+
+.. cfgcmd:: set zone-policy zone <Destination Zone> from <Source Zone>
+ firewall name <rule-set>
+
.. cfgcmd:: set zone-policy zone <name> from <name> firewall name
<rule-set>
.. cfgcmd:: set zone-policy zone <name> from <name> firewall ipv6-name