extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-08 00:34:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update ipset doc for 5.0

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2016-02-18 09:10:41 -08:00
parent 745e04823d
commit 3277bd991b
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/ipsets.xml
View File

@ -107,13 +107,13 @@
<para>Example 1: Blacklist all hosts in an ipset named "blacklist"</para>
<para><filename>/etc/shorewall/blacklist</filename><programlisting>#ADDRESS/SUBNET PROTOCOL PORT
+blacklist</programlisting></para>
<para><filename>/etc/shorewall/blrules</filename><programlisting>#ACTION SOURCE DEST PROTO DPORT
DROP net:+blacklist</programlisting></para>
<para>Example 2: Allow SSH from all hosts in an ipset named "sshok:</para>
<para><filename>/etc/shorewall/rules</filename><programlisting>#ACTION SOURCE DEST PROTO DEST PORT(S)
ACCEPT net:+sshok $FW tcp 22</programlisting></para>
<para><filename>/etc/shorewall/rules</filename><programlisting>#ACTION SOURCE DEST PROTO DPORT
ACCEPT net:+sshok $FW tcp 22</programlisting></para>
<para>The name of the ipset can be optionally followed by a
comma-separated list of flags enclosed in square brackets ([...]). Each