diff options
Diffstat (limited to 'templates')
10 files changed, 12 insertions, 0 deletions
diff --git a/templates/firewall/modify/node.tag/rule/node.tag/disable/node.def b/templates/firewall/modify/node.tag/rule/node.tag/disable/node.def new file mode 100644 index 0000000..d46d0c9 --- /dev/null +++ b/templates/firewall/modify/node.tag/rule/node.tag/disable/node.def @@ -0,0 +1 @@ +help: Set firewall rule disabled diff --git a/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-frag/node.def b/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-frag/node.def new file mode 100644 index 0000000..75338e3 --- /dev/null +++ b/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-frag/node.def @@ -0,0 +1 @@ +help: Match second and further fragments of fragmented packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-non-frag/node.def b/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-non-frag/node.def new file mode 100644 index 0000000..3105271 --- /dev/null +++ b/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-non-frag/node.def @@ -0,0 +1 @@ +help: Match head fragments or unfragmented packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/fragment/node.def b/templates/firewall/modify/node.tag/rule/node.tag/fragment/node.def new file mode 100644 index 0000000..c532d49 --- /dev/null +++ b/templates/firewall/modify/node.tag/rule/node.tag/fragment/node.def @@ -0,0 +1 @@ +help: Set IP fragment matching diff --git a/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-ipsec/node.def b/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-ipsec/node.def new file mode 100644 index 0000000..8d4bf12 --- /dev/null +++ b/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-ipsec/node.def @@ -0,0 +1 @@ +help: Match inbound IPsec packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-none/node.def b/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-none/node.def new file mode 100644 index 0000000..cfcbc8a --- /dev/null +++ b/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-none/node.def @@ -0,0 +1 @@ +help: Match inbound non-IPsec packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/ipsec/node.def b/templates/firewall/modify/node.tag/rule/node.tag/ipsec/node.def new file mode 100644 index 0000000..c905e2d --- /dev/null +++ b/templates/firewall/modify/node.tag/rule/node.tag/ipsec/node.def @@ -0,0 +1 @@ +help: Set inbound IPsec packet matching diff --git a/templates/firewall/modify/node.tag/rule/node.tag/recent/count/node.def b/templates/firewall/modify/node.tag/rule/node.tag/recent/count/node.def new file mode 100644 index 0000000..a07010f --- /dev/null +++ b/templates/firewall/modify/node.tag/rule/node.tag/recent/count/node.def @@ -0,0 +1,2 @@ +type: u32 +help: Set to N to only match source addresses seen more than N times diff --git a/templates/firewall/modify/node.tag/rule/node.tag/recent/node.def b/templates/firewall/modify/node.tag/rule/node.tag/recent/node.def new file mode 100644 index 0000000..e1be0a3 --- /dev/null +++ b/templates/firewall/modify/node.tag/rule/node.tag/recent/node.def @@ -0,0 +1 @@ +help: Set parameters for matching recently seen sources diff --git a/templates/firewall/modify/node.tag/rule/node.tag/recent/time/node.def b/templates/firewall/modify/node.tag/rule/node.tag/recent/time/node.def new file mode 100644 index 0000000..b84a0b7 --- /dev/null +++ b/templates/firewall/modify/node.tag/rule/node.tag/recent/time/node.def @@ -0,0 +1,2 @@ +type: u32 +help: Set to N to only match source addresses seen in the last N seconds |