diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/cli.rst | 3 | ||||
| -rw-r--r-- | docs/configexamples/zone-policy.rst | 8 | ||||
| -rw-r--r-- | docs/configuration/firewall/bridge.rst | 8 | ||||
| -rw-r--r-- | docs/configuration/firewall/ipv4.rst | 8 | ||||
| -rw-r--r-- | docs/configuration/firewall/ipv6.rst | 10 | ||||
| -rw-r--r-- | docs/configuration/policy/route.rst | 6 | ||||
| -rw-r--r-- | docs/configuration/service/ntp.rst | 8 | ||||
| -rw-r--r-- | docs/configuration/service/pppoe-server.rst | 1 |
8 files changed, 27 insertions, 25 deletions
diff --git a/docs/cli.rst b/docs/cli.rst index 884971da..79501c66 100644 --- a/docs/cli.rst +++ b/docs/cli.rst @@ -872,6 +872,9 @@ be ``config.boot-hostname.YYYYMMDD_HHMMSS``. * ``tftp://<host>/<dir>`` * ``git+https://<user>:<passwd>@<host>/<path>`` + Since username and password are part of the URI, they need to be + properly url encoded if containing special characters. + .. note:: The number of revisions don't affect the commit-archive. .. note:: You may find VyOS not allowing the secure connection because diff --git a/docs/configexamples/zone-policy.rst b/docs/configexamples/zone-policy.rst index 6658f2b1..95648e7a 100644 --- a/docs/configexamples/zone-policy.rst +++ b/docs/configexamples/zone-policy.rst @@ -145,7 +145,7 @@ To add logging to the default rule, do: .. code-block:: none - set firewall name <ruleSet> enable-default-log + set firewall name <ruleSet> default-log By default, iptables does not allow traffic for established sessions to @@ -251,7 +251,7 @@ Since we have 4 zones, we need to setup the following rulesets. Dmz-local Even if the two zones will never communicate, it is a good idea to -create the zone-pair-direction rulesets and set enable-default-log. This +create the zone-pair-direction rulesets and set default-log. This will allow you to log attempts to access the networks. Without it, you will never see the connection attempts. @@ -261,7 +261,7 @@ This is an example of the three base rules. name wan-lan { default-action drop - enable-default-log + default-log rule 1 { action accept state { @@ -285,7 +285,7 @@ Here is an example of an IPv6 DMZ-WAN ruleset. ipv6-name dmz-wan-6 { default-action drop - enable-default-log + default-log rule 1 { action accept state { diff --git a/docs/configuration/firewall/bridge.rst b/docs/configuration/firewall/bridge.rst index bcde7beb..f84fd456 100644 --- a/docs/configuration/firewall/bridge.rst +++ b/docs/configuration/firewall/bridge.rst @@ -157,8 +157,8 @@ log options can be defined. Enable logging for the matched packet. If this configuration command is not present, then log is not enabled. -.. cfgcmd:: set firewall bridge forward filter enable-default-log -.. cfgcmd:: set firewall bridge name <name> enable-default-log +.. cfgcmd:: set firewall bridge forward filter default-log +.. cfgcmd:: set firewall bridge name <name> default-log Use this command to enable the logging of the default action on the specified chain. @@ -325,7 +325,7 @@ Configuration example: .. code-block:: none set firewall bridge forward filter default-action 'drop' - set firewall bridge forward filter enable-default-log + set firewall bridge forward filter default-log set firewall bridge forward filter rule 10 action 'continue' set firewall bridge forward filter rule 10 inbound-interface name 'eth2' set firewall bridge forward filter rule 10 vlan id '22' @@ -341,7 +341,7 @@ Configuration example: set firewall bridge forward filter rule 40 destination mac-address '66:55:44:33:22:11' set firewall bridge forward filter rule 40 source mac-address '11:22:33:44:55:66' set firewall bridge name TEST default-action 'accept' - set firewall bridge name TEST enable-default-log + set firewall bridge name TEST default-log set firewall bridge name TEST rule 10 action 'continue' set firewall bridge name TEST rule 10 log set firewall bridge name TEST rule 10 vlan priority '0' diff --git a/docs/configuration/firewall/ipv4.rst b/docs/configuration/firewall/ipv4.rst index 5544ea95..a9459f00 100644 --- a/docs/configuration/firewall/ipv4.rst +++ b/docs/configuration/firewall/ipv4.rst @@ -206,10 +206,10 @@ log options can be defined. Enable logging for the matched packet. If this configuration command is not present, then log is not enabled. -.. cfgcmd:: set firewall ipv4 forward filter enable-default-log -.. cfgcmd:: set firewall ipv4 input filter enable-default-log -.. cfgcmd:: set firewall ipv4 output filter enable-default-log -.. cfgcmd:: set firewall ipv4 name <name> enable-default-log +.. cfgcmd:: set firewall ipv4 forward filter default-log +.. cfgcmd:: set firewall ipv4 input filter default-log +.. cfgcmd:: set firewall ipv4 output filter default-log +.. cfgcmd:: set firewall ipv4 name <name> default-log Use this command to enable the logging of the default action on the specified chain. diff --git a/docs/configuration/firewall/ipv6.rst b/docs/configuration/firewall/ipv6.rst index 236bdead..4b695f74 100644 --- a/docs/configuration/firewall/ipv6.rst +++ b/docs/configuration/firewall/ipv6.rst @@ -206,10 +206,10 @@ log options can be defined. Enable logging for the matched packet. If this configuration command is not present, then log is not enabled. -.. cfgcmd:: set firewall ipv6 forward filter enable-default-log -.. cfgcmd:: set firewall ipv6 input filter enable-default-log -.. cfgcmd:: set firewall ipv6 output filter enable-default-log -.. cfgcmd:: set firewall ipv6 name <name> enable-default-log +.. cfgcmd:: set firewall ipv6 forward filter default-log +.. cfgcmd:: set firewall ipv6 input filter default-log +.. cfgcmd:: set firewall ipv6 output filter default-log +.. cfgcmd:: set firewall ipv6 name <name> default-log Use this command to enable the logging of the default action on the specified chain. @@ -1177,7 +1177,7 @@ Example Partial Config } name INP-ETH1 { default-action drop - enable-default-log + default-log rule 10 { action accept protocol tcp_udp diff --git a/docs/configuration/policy/route.rst b/docs/configuration/policy/route.rst index 1a85ffc6..45975774 100644 --- a/docs/configuration/policy/route.rst +++ b/docs/configuration/policy/route.rst @@ -19,8 +19,8 @@ from 1 - 999999, at the first match the action of the rule will be executed. Provide a rule-set description. -.. cfgcmd:: set policy route <name> enable-default-log -.. cfgcmd:: set policy route6 <name> enable-default-log +.. cfgcmd:: set policy route <name> default-log +.. cfgcmd:: set policy route6 <name> default-log Option to log packets hitting default-action. @@ -271,4 +271,4 @@ setting a different routing table. .. cfgcmd:: set policy route <name> rule <n> set tcp-mss <500-1460> .. cfgcmd:: set policy route6 <name> rule <n> set tcp-mss <500-1460> - Set packet modifications: Explicitly set TCP Maximum segment size value.
\ No newline at end of file + Set packet modifications: Explicitly set TCP Maximum segment size value. diff --git a/docs/configuration/service/ntp.rst b/docs/configuration/service/ntp.rst index e7ee392b..266376cf 100644 --- a/docs/configuration/service/ntp.rst +++ b/docs/configuration/service/ntp.rst @@ -46,9 +46,9 @@ Configuration There are 3 default NTP server set. You are able to change them. - * ``0.pool.ntp.org`` - * ``1.pool.ntp.org`` - * ``2.pool.ntp.org`` + * ``time1.vyos.net`` + * ``time2.vyos.net`` + * ``time3.vyos.net`` .. cfgcmd:: set service ntp server <address> <noselect | nts | pool | prefer> @@ -85,7 +85,7 @@ Configuration .. cfgcmd:: set service ntp leap-second [ignore|smear|system|timezone] - Define how to handle leaf-seonds. + Define how to handle leap-seconds. * `ignore`: No correction is applied to the clock for the leap second. The clock will be corrected later in normal operation when new measurements are diff --git a/docs/configuration/service/pppoe-server.rst b/docs/configuration/service/pppoe-server.rst index b00d941f..d9a16036 100644 --- a/docs/configuration/service/pppoe-server.rst +++ b/docs/configuration/service/pppoe-server.rst @@ -24,7 +24,6 @@ Configuring PPPoE Server set service pppoe-server authentication local-users username test password 'test' set service pppoe-server client-ip-pool PPPOE-POOL range 192.168.255.2-192.168.255.254 set service pppoe-server default-pool 'PPPOE-POOL' - set service pppoe-server outside-address 192.0.2.2 set service pppoe-server gateway-address 192.168.255.1 set service pppoe-server interface eth0 |