]> git.proxmox.com Git - pve-firewall.git/blobdiff - example/cluster.fw
projects / pve-firewall.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ipset : use only netgroup
[pve-firewall.git] / example / cluster.fw
diff --git a/example/cluster.fw b/example/cluster.fw
index fe283fcf94600c4cc1e36c4ab341e9c855f9a2cf..97f58cbda6f8c399b00860f337314eca8eef1415 100644 (file)
--- a/example/cluster.fw
+++ b/example/cluster.fw
@@ -19,22 +19,10 @@ IN  ACCEPT 10.0.0.2
 IN  ACCEPT 10.0.0.2 
 
 
-#ipset hash:ip
-[ipgroup ipgroup1]
-
-192.168.0.1
-192.168.0.2
-192.168.0.3
-
-
-[ipgroup ipgroup2]
-
-192.168.0.3
-192.168.0.4
-
-#ipset hash:net
-[netgroup netgroup1]
+[netgroup mynetgroup]
 
+192.168.0.1 #mycomment
+172.16.0.10
 192.168.0.0/24
-10.0.0.0/8
+! 10.0.0.0/8  #nomatch
 
Firewall test scripts