extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-25 09:03:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Document leading "+" in inline matches

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2017-06-22 12:43:25 -07:00
parent 708644f7c9
commit 1e2030fd6f
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/configuration_file_basics.xml
View File

@ -859,6 +859,15 @@ INLINE net $FW ; -m recent --rcheck 10 --hitcount 5 -
<programlisting>COMB_IF !70.90.191.120/29 70.90.191.121 ;; -m statistic --mode random --probability 0.50 <programlisting>COMB_IF !70.90.191.120/29 70.90.191.121 ;; -m statistic --mode random --probability 0.50
COMB_IF !70.90.191.120/29 70.90.191.123</programlisting> COMB_IF !70.90.191.120/29 70.90.191.123</programlisting>
<para>If the first character of the inline matches is a plus sign
("+"), then the matches are processed before the column-oriented
input in the rule. That is required when specifying additional TCP
protocol parameters.</para>
<para>Example from action.TCPFlags:</para>
<programlisting>DROP - - ;;+ -p 6 --tcp-flags ALL FIN,URG,PSH</programlisting>
</listitem> </listitem>
</varlistentry> </varlistentry>
</variablelist> </variablelist>