From 1e8c862c55493799b51482cdc9d9eb8323784bff Mon Sep 17 00:00:00 2001 From: Nick Anderegg Date: Tue, 12 Sep 2023 21:36:25 -0400 Subject: chore: fix formatting and add linter comments --- docs/configuration/firewall/general-legacy.rst | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'docs/configuration/firewall/general-legacy.rst') diff --git a/docs/configuration/firewall/general-legacy.rst b/docs/configuration/firewall/general-legacy.rst index 783f655e..041dd8aa 100644 --- a/docs/configuration/firewall/general-legacy.rst +++ b/docs/configuration/firewall/general-legacy.rst @@ -424,11 +424,13 @@ There are a lot of matching criteria against which the package can be tested. An arbitrary netmask can be applied to mask addresses to only match against a specific portion. This is particularly useful with IPv6 and a zone-based firewall as rules will remain valid if the IPv6 prefix changes and the host - portion of systems IPv6 address is static (for example, with SLAAC or `tokenised IPv6 addresses - `_) + portion of systems IPv6 address is static (for example, with SLAAC or + `tokenised IPv6 addresses + `_). This functions for both individual addresses and address groups. + .. stop_vyoslinter .. code-block:: none # Match any IPv6 address with the suffix ::0000:0000:0000:beef @@ -442,6 +444,7 @@ There are a lot of matching criteria against which the package can be tested. set firewall group ipv6-address-group WEBSERVERS address ::2000 set firewall name WAN-LAN-v6 rule 200 source group address-group WEBSERVERS set firewall name WAN-LAN-v6 rule 200 source address-mask ::ffff:ffff:ffff:ffff + .. start_vyoslinter .. cfgcmd:: set firewall name rule <1-999999> source fqdn .. cfgcmd:: set firewall name rule <1-999999> destination fqdn -- cgit v1.2.3