diff options
author | Nicolas Fort <nicolasfort1988@gmail.com> | 2022-12-23 08:24:04 -0300 |
---|---|---|
committer | Nicolas Fort <nicolasfort1988@gmail.com> | 2022-12-23 08:24:04 -0300 |
commit | 768cae5fab16adbcc74c9dff0e321381bc294029 (patch) | |
tree | 85c43cc87d0cd0b4b314da164a366df71936e2dd /docs/configuration | |
parent | aade883e244075b3ac6678b64c9da7929e74192a (diff) | |
download | vyos-documentation-768cae5fab16adbcc74c9dff0e321381bc294029.tar.gz vyos-documentation-768cae5fab16adbcc74c9dff0e321381bc294029.zip |
T4886: Add connection-mark information to firewall and policy docs.
Diffstat (limited to 'docs/configuration')
-rw-r--r-- | docs/configuration/firewall/general.rst | 7 | ||||
-rw-r--r-- | docs/configuration/policy/route.rst | 16 |
2 files changed, 21 insertions, 2 deletions
diff --git a/docs/configuration/firewall/general.rst b/docs/configuration/firewall/general.rst index dc087018..f2e01e03 100644 --- a/docs/configuration/firewall/general.rst +++ b/docs/configuration/firewall/general.rst @@ -345,6 +345,13 @@ There are a lot of matching criteria against which the package can be tested. Match criteria based on nat connection status. +.. cfgcmd:: set firewall name <name> rule <1-999999> connection-mark + <1-2147483647> +.. cfgcmd:: set firewall ipv6-name <name> rule <1-999999> connection-mark + <1-2147483647> + + Match criteria based on connection mark. + .. cfgcmd:: set firewall name <name> rule <1-999999> source address [address | addressrange | CIDR] .. cfgcmd:: set firewall name <name> rule <1-999999> destination address diff --git a/docs/configuration/policy/route.rst b/docs/configuration/policy/route.rst index 6f60bc36..a6330c57 100644 --- a/docs/configuration/policy/route.rst +++ b/docs/configuration/policy/route.rst @@ -41,6 +41,11 @@ There are a lot of matching criteria options available, both for ``policy route`` and ``policy route6``. These options are listed in this section. +.. cfgcmd:: set policy route <name> rule <n> connection-mark <1-2147483647> +.. cfgcmd:: set policy route6 <name> rule <n> connection-mark <1-2147483647> + + Set match criteria based on connection mark. + .. cfgcmd:: set policy route <name> rule <n> source address <match_criteria> .. cfgcmd:: set policy route <name> rule <n> destination address @@ -226,6 +231,13 @@ setting a different routing table. Set rule action to drop. +.. cfgcmd:: set policy route <name> rule <n> set connection-mark + <1-2147483647> +.. cfgcmd:: set policy route6 <name> rule <n> set connection-mark + <1-2147483647> + + Set a specific connection mark. + .. cfgcmd:: set policy route <name> rule <n> set dscp <0-63> .. cfgcmd:: set policy route6 <name> rule <n> set dscp <0-63> @@ -234,12 +246,12 @@ setting a different routing table. .. cfgcmd:: set policy route <name> rule <n> set mark <1-2147483647> .. cfgcmd:: set policy route6 <name> rule <n> set mark <1-2147483647> - Set packet modifications: Packet marking + Set a specific packet mark. .. cfgcmd:: set policy route <name> rule <n> set table <main | 1-200> .. cfgcmd:: set policy route6 <name> rule <n> set table <main | 1-200> - Set packet modifications: Routing table to forward packet with. + Set the routing table to forward packet with. .. cfgcmd:: set policy route <name> rule <n> set tcp-mss <500-1460> .. cfgcmd:: set policy route6 <name> rule <n> set tcp-mss <500-1460> |