X-Git-Url: https://git.proxmox.com/?p=pve-firewall.git;a=blobdiff_plain;f=debian%2Fexample%2Fcluster.fw;h=daa9ef5a2c62832b0c4e670cb5b9670114fad825;hp=457c993dd914d82e4f429279953d0d5bb5872b72;hb=9268573a4675ab12576c956ad055538df616c994;hpb=88733a748c21283a6f1168f88a679056c68325c9

diff --git a/debian/example/cluster.fw b/debian/example/cluster.fw
index 457c993..daa9ef5 100644
--- a/debian/example/cluster.fw
+++ b/debian/example/cluster.fw
@@ -14,21 +14,21 @@ mynetworkalias 10.0.0.0/24
 
 [RULES]
 
-IN  SSH(ACCEPT) vmbr0
+IN  SSH(ACCEPT) -i vmbr0
 
 [group group1]
 
-IN  ACCEPT - - tcp 22 -
-OUT ACCEPT - - tcp 80 -
-OUT ACCEPT - - icmp - -
+IN  ACCEPT -p tcp -dport 22
+OUT ACCEPT -p tcp -dport 80
+OUT ACCEPT -p icmp
 
 [group group3]
 
-IN  ACCEPT 10.0.0.1 
-IN  ACCEPT 10.0.0.1-10.0.0.10
-IN  ACCEPT 10.0.0.1,10.0.0.2,10.0.0.3
-IN  ACCEPT +mynetgroup 
-IN  ACCEPT myserveralias
+IN  ACCEPT -source 10.0.0.1 
+IN  ACCEPT -source 10.0.0.1-10.0.0.10
+IN  ACCEPT -source 10.0.0.1,10.0.0.2,10.0.0.3
+IN  ACCEPT -source +mynetgroup 
+IN  ACCEPT -source myserveralias
 
 
 [ipset myipset]
@@ -43,4 +43,4 @@ mynetworkalias
 [ipset blacklist]
 
 10.0.0.8
-192.168.0./24
+192.168.0.0/24