From db58a8d8f3c8e6f6036307573416108018a8e95a Mon Sep 17 00:00:00 2001
From: Remi <remi@diekos.nl>
Date: Mon, 11 Jul 2022 19:36:09 +0200
Subject: Firewall: Added 'recent' matching criteria

---
 docs/configuration/firewall/index.rst | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'docs/configuration')

diff --git a/docs/configuration/firewall/index.rst b/docs/configuration/firewall/index.rst
index 92f2da8d..a9fb3c93 100644
--- a/docs/configuration/firewall/index.rst
+++ b/docs/configuration/firewall/index.rst
@@ -417,6 +417,15 @@ There are a lot of matching criteria against which the package can be tested.
 
    Match against the state of a packet.
 
+.. cfgcmd:: set firewall name <name> rule <1-999999> recent count <1-255>
+.. cfgcmd:: set firewall ipv6-name <name> rule <1-999999> recent count <1-255>
+.. cfgcmd:: set firewall name <name> rule <1-999999> recent time <second | 
+   minute | hour>
+.. cfgcmd:: set firewall ipv6-name <name> rule <1-999999> recent time <second | 
+   minute | hour>
+
+   Match when 'count' amount of connections are seen within 'time'. These 
+   matching criteria can be used to block brute-force attempts.
 
 ***********************************
 Applying a Rule-Set to an Interface
-- 
cgit v1.2.3