3 Restrict packet destination address. This can refer to a single IP address,
4 an IP set ('+ipsetname') or an IP alias definition. You can also specify an
5 address range like '20.34.101.207-201.3.9.99', or a list of IP addresses
6 and networks (entries are separated by comma). Please do not mix IPv4 and
7 IPv6 addresses inside such lists.
11 Restrict TCP/UDP destination port. You can use service names or simple
12 numbers (0-65535), as defined in '/etc/services'. Port ranges can be
13 specified with '\d+:\d+', for example '80:85', and you can use comma
14 separated list to match several ports or ranges.
18 Network interface name. You have to use network configuration key names for
19 VMs and containers ('net\d+'). Host related rules can use arbitrary
24 IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as
25 defined in '/etc/protocols'.
29 Restrict packet source address. This can refer to a single IP address, an
30 IP set ('+ipsetname') or an IP alias definition. You can also specify an
31 address range like '20.34.101.207-201.3.9.99', or a list of IP addresses
32 and networks (entries are separated by comma). Please do not mix IPv4 and
33 IPv6 addresses inside such lists.
37 Restrict TCP/UDP source port. You can use service names or simple numbers
38 (0-65535), as defined in '/etc/services'. Port ranges can be specified with
39 '\d+:\d+', for example '80:85', and you can use comma separated list to
40 match several ports or ranges.