]> git.proxmox.com Git - pve-firewall.git/blobdiff - example/100.fw
projects / pve-firewall.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
merge IN/OUT section into RULES section
[pve-firewall.git] / example / 100.fw
diff --git a/example/100.fw b/example/100.fw
index 5068f0bdbe1c63c216d8148f04130d92556e2b91..b7b27dd1c6b1488b9b1c9ced7c2b147cb78fab5f 100644 (file)
--- a/example/100.fw
+++ b/example/100.fw
@@ -28,21 +28,21 @@ tcpflags: 1
 dhcp: 1
 
 
-[IN]
+[RULES]
 
-#ACTION IFACE SOURCE DEST PROTO D-PORT S-PORT
+#TYPE ACTION IFACE SOURCE DEST PROTO D-PORT S-PORT
 
-SSH(ACCEPT) net0
-SSH(ACCEPT) net0 # a comment
-SSH(ACCEPT) net0 192.168.2.192  # only allow SSH from  192.168.2.192
-|SSH(ACCEPT) net0 # disbaled rule
+IN SSH(ACCEPT) net0
+IN SSH(ACCEPT) net0 # a comment
+IN SSH(ACCEPT) net0 192.168.2.192  # only allow SSH from  192.168.2.192
+|IN SSH(ACCEPT) net0 # disabled rule
 
-[OUT]
+# add a security group
+GROUP group1 net0
 
-
-DNS(ACCEPT) net0
-Ping(ACCEPT) net0
-SSH(ACCEPT)
+OUT DNS(ACCEPT) net0
+OUT Ping(ACCEPT) net0
+OUT SSH(ACCEPT)
 
 
 
Firewall test scripts