X-Git-Url: https://git.proxmox.com/?p=pve-firewall.git;a=blobdiff_plain;f=debian%2Fexample%2F100.fw;h=88690232785fe8c1bf66db54fd89001999439faa;hp=dffd144fee496923ebaf88ceaf15a8935b00dbf2;hb=9268573a4675ab12576c956ad055538df616c994;hpb=dba740a9c766f1584f06b87747069740fb333fcd;ds=sidebyside

diff --git a/debian/example/100.fw b/debian/example/100.fw
index dffd144..8869023 100644
--- a/debian/example/100.fw
+++ b/debian/example/100.fw
@@ -29,6 +29,8 @@ ips: 1
 #ips_queues: 0
 ips_queues: 0:3
 
+[IPSET ipfilter-net0] # only allow specified IPs on net0
+192.168.2.10
 
 [RULES]
 
@@ -45,7 +47,7 @@ IN SSH(ACCEPT) -i net0 # a comment
 IN SSH(ACCEPT) -i net0 -source 192.168.2.192  # only allow SSH from  192.168.2.192
 IN SSH(ACCEPT) -i net0 -source 10.0.0.1-10.0.0.10 #accept SSH for ip in range 10.0.0.1 to 10.0.0.10
 IN SSH(ACCEPT) -i net0 -source 10.0.0.1,10.0.0.2,10.0.0.3 #accept ssh for 10.0.0.1 or 10.0.0.2 or 10.0.0.3
-IN SSH(ACCEPT) -i net0 -source +mynetgroup   #accept ssh for netgroup mynetgroup
+IN SSH(ACCEPT) -i net0 -source +mynetgroup   #accept ssh for ipset mynetgroup
 IN SSH(ACCEPT) -i net0 -source myserveralias   #accept ssh for alias myserveralias
 
 |IN SSH(ACCEPT) -i net0 # disabled rule