From fb060a52e8acf9c9e221393393ff38eb4286506f Mon Sep 17 00:00:00 2001 From: Dietmar Maurer Date: Thu, 31 Mar 2016 08:06:02 +0200 Subject: [PATCH] add property descriptions to improve docs --- src/PVE/Firewall.pm | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm index 428ffb2..4213d17 100644 --- a/src/PVE/Firewall.pm +++ b/src/PVE/Firewall.pm @@ -1120,6 +1120,11 @@ sub copy_list_with_digest { return wantarray ? ($res, $digest) : $res; } + +my $addr_list_descr = "This can refer to a single IP address, an IP set (`+ipsetname`) or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by ','). Please do not mix IPv4 and IPv6 addresses inside such lists."; + +my $port_descr = "You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with `\\d+:\\d+`, for example `80:85', and you can use comma separated list to match several ports or ranges."; + my $rule_properties = { pos => { description => "Update rule at position .", @@ -1146,16 +1151,22 @@ my $rule_properties = { optional => 1, maxLength => 128, }, - iface => get_standard_option('pve-iface', { optional => 1 }), + iface => get_standard_option('pve-iface', { + description => "Network interface name. You have to use network configuration key names for VMs and containers ('net\d+'). Host related rules can use arbitrary strings.", + optional => 1 + }), source => { + description => "Restrict packet source address. $addr_list_descr", type => 'string', format => 'pve-fw-addr-spec', optional => 1, }, dest => { + description => "Restrict packet destination address. $addr_list_descr", type => 'string', format => 'pve-fw-addr-spec', optional => 1, }, proto => { + description => "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.", type => 'string', format => 'pve-fw-protocol-spec', optional => 1, }, @@ -1165,10 +1176,12 @@ my $rule_properties = { optional => 1, }, sport => { + description => "Restrict TCP/UDP source port. $port_descr", type => 'string', format => 'pve-fw-sport-spec', optional => 1, }, dport => { + description => "Restrict TCP/UDP destination port. $port_descr", type => 'string', format => 'pve-fw-dport-spec', optional => 1, }, -- 2.39.2