cleanup_fw_rule: only copy defined rule properties

[pve-firewall.git] / example / 100.fw

diff --git a/example/100.fw b/example/100.fw
index 36c831ae97bcbdb9a274e84a2c9f033f6f147277..6572fe3bd2e9c609f279d71322803a8ef4fb6d34 100644 (file)
--- a/example/100.fw
+++ b/example/100.fw
@@ -1,6 +1,7 @@
 # Example VM firewall configuration
 
-[OPTIONS] # VM specific firewall options
+# VM specific firewall options
+[OPTIONS]
 
 # disable/enable the whole thing
 enable: 1 
@@ -18,8 +19,8 @@ log_level_in: info
 # disable log for outgoing connections
 log_level_out: nolog
 
-# filter SMURFS
-nosmurfs: 1
+# disable SMURFS filter
+nosmurfs: 0
 
 # filter illegal combinations of TCP flags
 tcpflags: 1
@@ -27,6 +28,13 @@ tcpflags: 1
 # enable DHCP
 dhcp: 1
 
+# enable ips
+ips: 1
+
+# specify nfqueue queues (optionnal)
+#ips_queues: 0
+ips_queues: 0:3
+
 
 [RULES]