X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=pve-firewall-rules-opts.adoc;h=4e674af1c9a84c916bc9e4c8c373c7aefe1c811e;hb=51d1bdf64eb55c6cacbc0a785a8ed9cd6a84c1cd;hp=dbdc27488ecaf331a7329b1cd23911d1361dca65;hpb=013dc89ffce47b8c55412c016a508205768b4fd6;p=pve-docs.git

diff --git a/pve-firewall-rules-opts.adoc b/pve-firewall-rules-opts.adoc
index dbdc274..4e674af 100644
--- a/pve-firewall-rules-opts.adoc
+++ b/pve-firewall-rules-opts.adoc
@@ -1,24 +1,32 @@
-`-dest` `<string>` ::
+`--dest` `<string>` ::
 
 Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.
 
-`-dport` `<string>` ::
+`--dport` `<string>` ::
 
 Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\d+:\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.
 
-`-iface` `<string>` ::
+`--icmp-type` `<string>` ::
+
+Specify icmp-type. Only valid if proto equals 'icmp'.
+
+`--iface` `<string>` ::
 
 Network interface name. You have to use network configuration key names for VMs and containers ('net\d+'). Host related rules can use arbitrary strings.
 
-`-proto` `<string>` ::
+`--log` `<alert | crit | debug | emerg | err | info | nolog | notice | warning>` ::
+
+Log level for firewall rule.
+
+`--proto` `<string>` ::
 
 IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.
 
-`-source` `<string>` ::
+`--source` `<string>` ::
 
 Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.
 
-`-sport` `<string>` ::
+`--sport` `<string>` ::
 
 Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\d+:\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.