X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=pve-firewall-rules-opts.adoc;h=dbdc27488ecaf331a7329b1cd23911d1361dca65;hb=c994e4e5326512204e108b62779f03809c42e58c;hp=0a6361dfd7d36841597d8c849f3bbc94208cd9e3;hpb=696fb448dc961b76926b8f656f0b192e537a1fba;p=pve-docs.git diff --git a/pve-firewall-rules-opts.adoc b/pve-firewall-rules-opts.adoc index 0a6361d..dbdc274 100644 --- a/pve-firewall-rules-opts.adoc +++ b/pve-firewall-rules-opts.adoc @@ -1,41 +1,24 @@ -`-dest` `string` :: +`-dest` `` :: -Restrict packet destination address. This can refer to a single IP address, -an IP set ('+ipsetname') or an IP alias definition. You can also specify an -address range like '20.34.101.207-201.3.9.99', or a list of IP addresses -and networks (entries are separated by comma). Please do not mix IPv4 and -IPv6 addresses inside such lists. +Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists. -`-dport` `string` :: +`-dport` `` :: -Restrict TCP/UDP destination port. You can use service names or simple -numbers (0-65535), as defined in '/etc/services'. Port ranges can be -specified with '\d+:\d+', for example '80:85', and you can use comma -separated list to match several ports or ranges. +Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\d+:\d+', for example '80:85', and you can use comma separated list to match several ports or ranges. -`-iface` `string` :: +`-iface` `` :: -Network interface name. You have to use network configuration key names for -VMs and containers ('net\d+'). Host related rules can use arbitrary -strings. +Network interface name. You have to use network configuration key names for VMs and containers ('net\d+'). Host related rules can use arbitrary strings. -`-proto` `string` :: +`-proto` `` :: -IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as -defined in '/etc/protocols'. +IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'. -`-source` `string` :: +`-source` `` :: -Restrict packet source address. This can refer to a single IP address, an -IP set ('+ipsetname') or an IP alias definition. You can also specify an -address range like '20.34.101.207-201.3.9.99', or a list of IP addresses -and networks (entries are separated by comma). Please do not mix IPv4 and -IPv6 addresses inside such lists. +Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists. -`-sport` `string` :: +`-sport` `` :: -Restrict TCP/UDP source port. You can use service names or simple numbers -(0-65535), as defined in '/etc/services'. Port ranges can be specified with -'\d+:\d+', for example '80:85', and you can use comma separated list to -match several ports or ranges. +Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\d+:\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.