firewall: sync to master branch

1 files changed, 32 insertions, 2 deletions

diff --git a/docs/configuration/firewall/global-options.rst b/docs/configuration/firewall/global-options.rst
index 9c9a1a1e..455e530b 100644
--- a/docs/configuration/firewall/global-options.rst
+++ b/docs/configuration/firewall/global-options.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2023-11-07
+:lastproofread: 2023-12-026
 
 .. _firewall-global-options-configuration:
 
@@ -111,7 +111,37 @@ Configuration
 .. cfgcmd:: set firewall global-options twa-hazards-protection
    [enable | disable]
 
-   Enable or Disable VyOS to be :rfc:`1337` conforming.
+   Enable or Disable VyOS to be :rfc:`1337` conform.
    The following system parameter will be altered:
 
    * ``net.ipv4.tcp_rfc1337``
+
+.. cfgcmd:: set firewall global-options state-policy established action
+   [accept | drop | reject]
+
+.. cfgcmd:: set firewall global-options state-policy established log
+
+.. cfgcmd:: set firewall global-options state-policy established log-level
+   [emerg | alert | crit | err | warn | notice | info | debug]
+
+   Set the global setting for an established connection.
+
+.. cfgcmd:: set firewall global-options state-policy invalid action
+   [accept | drop | reject]
+
+.. cfgcmd:: set firewall global-options state-policy invalid log
+
+.. cfgcmd:: set firewall global-options state-policy invalid log-level
+   [emerg | alert | crit | err | warn | notice | info | debug]
+
+   Set the global setting for invalid packets.
+
+.. cfgcmd:: set firewall global-options state-policy related action
+   [accept | drop | reject]
+
+.. cfgcmd:: set firewall global-options state-policy related log
+
+.. cfgcmd:: set firewall global-options state-policy related log-level
+   [emerg | alert | crit | err | warn | notice | info | debug]
+
+   Set the global setting for related connections.