proxmox-mirrors/pve-docs
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-docs synced 2025-08-14 08:46:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

firewall: text width fixes

Browse Source 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Thomas Lamprecht 2022-03-16 15:23:27 +01:00
parent bdb9c34e11
commit 580d1297d5
1 changed files with 22 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
pve-firewall-rules-opts.adoc
View File

@ -1,10 +1,17 @@
`--dest` `<string>` ::
Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.
Restrict packet destination address. This can refer to a single IP address, an
IP set ('+ipsetname') or an IP alias definition. You can also specify an
address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and
networks (entries are separated by comma). Please do not mix IPv4 and IPv6
addresses inside such lists.
`--dport` `<string>` ::
Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\d+:\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.
Restrict TCP/UDP destination port. You can use service names or simple numbers
(0-65535), as defined in '/etc/services'. Port ranges can be specified with
'\d+:\d+', for example '80:85', and you can use comma separated list to match
several ports or ranges.
`--icmp-type` `<string>` ::
@ -15,7 +22,8 @@ Type[/Code] value, for example 'network-unreachable' which corresponds to
`--iface` `<string>` ::
Network interface name. You have to use network configuration key names for VMs and containers ('net\d+'). Host related rules can use arbitrary strings.
Network interface name. You have to use network configuration key names for VMs
and containers ('net\d+'). Host related rules can use arbitrary strings.
`--log` `<alert | crit | debug | emerg | err | info | nolog | notice | warning>` ::
@ -23,13 +31,21 @@ Log level for firewall rule.
`--proto` `<string>` ::
IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.
IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as
defined in '/etc/protocols'.
`--source` `<string>` ::
Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.
Restrict packet source address. This can refer to a single IP address, an IP
set ('+ipsetname') or an IP alias definition. You can also specify an address
range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks
(entries are separated by comma). Please do not mix IPv4 and IPv6 addresses
inside such lists.
`--sport` `<string>` ::
Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\d+:\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.
Restrict TCP/UDP source port. You can use service names or simple numbers
(0-65535), as defined in '/etc/services'. Port ranges can be specified with
'\d+:\d+', for example '80:85', and you can use comma separated list to match
several ports or ranges.