summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorNicolas Vollmar <nvollmar@gmail.com>2024-05-10 14:19:25 +0200
committerGitHub <noreply@github.com>2024-05-10 14:19:25 +0200
commita2c982709a765a007926e7af3c0d4e55310ab3b9 (patch)
tree321a61be8d09e8b0ae37d669bd0bbaba69e06a53 /docs
parent4417661f38238f5b0c2ef78a3e5c32ea2f5f1387 (diff)
downloadvyos-documentation-a2c982709a765a007926e7af3c0d4e55310ab3b9.tar.gz
vyos-documentation-a2c982709a765a007926e7af3c0d4e55310ab3b9.zip
firewall: T5729: remove obsolete enable and correct interface name
Diffstat (limited to 'docs')
-rw-r--r--docs/configuration/firewall/ipv4.rst12
-rw-r--r--docs/configuration/firewall/ipv6.rst12
2 files changed, 12 insertions, 12 deletions
diff --git a/docs/configuration/firewall/ipv4.rst b/docs/configuration/firewall/ipv4.rst
index e19ae1bd..cbd8df31 100644
--- a/docs/configuration/firewall/ipv4.rst
+++ b/docs/configuration/firewall/ipv4.rst
@@ -864,13 +864,13 @@ geoip) to keep database and rules updated.
set firewall ipv4 input filter rule 13 tcp flags not 'fin'
.. cfgcmd:: set firewall ipv4 forward filter rule <1-999999>
- state [established | invalid | new | related] [enable | disable]
+ state [established | invalid | new | related]
.. cfgcmd:: set firewall ipv4 input filter rule <1-999999>
- state [established | invalid | new | related] [enable | disable]
+ state [established | invalid | new | related]
.. cfgcmd:: set firewall ipv4 output filter rule <1-999999>
- state [established | invalid | new | related] [enable | disable]
+ state [established | invalid | new | related]
.. cfgcmd:: set firewall ipv4 name <name> rule <1-999999>
- state [established | invalid | new | related] [enable | disable]
+ state [established | invalid | new | related]
Match against the state of a packet.
@@ -985,12 +985,12 @@ Requirements to enable synproxy:
set firewall global-options syn-cookies 'enable'
set firewall ipv4 input filter rule 10 action 'synproxy'
set firewall ipv4 input filter rule 10 destination port '8080'
- set firewall ipv4 input filter rule 10 inbound-interface interface-name 'eth1'
+ set firewall ipv4 input filter rule 10 inbound-interface name 'eth1'
set firewall ipv4 input filter rule 10 protocol 'tcp'
set firewall ipv4 input filter rule 10 synproxy tcp mss '1460'
set firewall ipv4 input filter rule 10 synproxy tcp window-scale '7'
set firewall ipv4 input filter rule 1000 action 'drop'
- set firewall ipv4 input filter rule 1000 state invalid 'enable'
+ set firewall ipv4 input filter rule 1000 state invalid
***********************
diff --git a/docs/configuration/firewall/ipv6.rst b/docs/configuration/firewall/ipv6.rst
index 28b57e72..e81e7c62 100644
--- a/docs/configuration/firewall/ipv6.rst
+++ b/docs/configuration/firewall/ipv6.rst
@@ -850,13 +850,13 @@ geoip) to keep database and rules updated.
set firewall ipv6 input filter rule 13 tcp flags not 'fin'
.. cfgcmd:: set firewall ipv6 forward filter rule <1-999999>
- state [established | invalid | new | related] [enable | disable]
+ state [established | invalid | new | related]
.. cfgcmd:: set firewall ipv6 input filter rule <1-999999>
- state [established | invalid | new | related] [enable | disable]
+ state [established | invalid | new | related]
.. cfgcmd:: set firewall ipv6 output filter rule <1-999999>
- state [established | invalid | new | related] [enable | disable]
+ state [established | invalid | new | related]
.. cfgcmd:: set firewall ipv6 name <name> rule <1-999999>
- state [established | invalid | new | related] [enable | disable]
+ state [established | invalid | new | related]
Match against the state of a packet.
@@ -971,12 +971,12 @@ Requirements to enable synproxy:
set firewall global-options syn-cookies 'enable'
set firewall ipv6 input filter rule 10 action 'synproxy'
set firewall ipv6 input filter rule 10 destination port '8080'
- set firewall ipv6 input filter rule 10 inbound-interface interface-name 'eth1'
+ set firewall ipv6 input filter rule 10 inbound-interface name 'eth1'
set firewall ipv6 input filter rule 10 protocol 'tcp'
set firewall ipv6 input filter rule 10 synproxy tcp mss '1460'
set firewall ipv6 input filter rule 10 synproxy tcp window-scale '7'
set firewall ipv6 input filter rule 1000 action 'drop'
- set firewall ipv6 input filter rule 1000 state invalid 'enable'
+ set firewall ipv6 input filter rule 1000 state invalid
***********************
Operation-mode Firewall