ungleich-public/cdist-web
ungleich-public
/
cdist-web
6
0
Fork 1
Code Issues 1 Pull Requests Projects Releases Wiki Activity
cdist-web/src/extra/manual/3.1.13/man7/cdist-type__firewalld_rule....

57 lines
5.1 KiB
HTML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>cdist-type__firewalld_rule(7)</title><link rel="stylesheet" type="text/css" href="docbook-xsl.css" /><meta name="generator" content="DocBook XSL Stylesheets V1.78.1" /></head><body><div xml:lang="en" class="article" lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="idm139631633158304"></a>cdist-type__firewalld_rule(7)</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Nico</span> <span class="surname">Schottelius</span></h3><code class="email">&lt;<a class="email" href="mailto:nico-cdist--@--schottelius.org">nico-cdist--@--schottelius.org</a>&gt;</code></div></div></div><hr /></div><div class="toc"><p><strong>Table of Contents</strong></p><dl class="toc"><dt><span class="section"><a href="#_name">1. NAME</a></span></dt><dt><span class="section"><a href="#_description">2. DESCRIPTION</a></span></dt><dt><span class="section"><a href="#_required_parameters">3. REQUIRED PARAMETERS</a></span></dt><dt><span class="section"><a href="#_optional_parameters">4. OPTIONAL PARAMETERS</a></span></dt><dt><span class="section"><a href="#_examples">5. EXAMPLES</a></span></dt><dt><span class="section"><a href="#_see_also">6. SEE ALSO</a></span></dt><dt><span class="section"><a href="#_copying">7. COPYING</a></span></dt></dl></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_name"></a>1. NAME</h2></div></div></div><p>cdist-type__firewalld_rule - Configure firewalld rules</p></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_description"></a>2. DESCRIPTION</h2></div></div></div><p>This cdist type allows you to manage rules in firewalld
using the <span class="strong"><strong>direct</strong></span> way (i.e. no zone support).</p></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_required_parameters"></a>3. REQUIRED PARAMETERS</h2></div></div></div><div class="variablelist"><dl class="variablelist"><dt><span class="term">
rule
</span></dt><dd>
The rule to apply. Essentially an firewalld command
line without firewalld in front of it.
</dd><dt><span class="term">
protocol
</span></dt><dd>
Either ipv4, ipv4 or eb. See <a href="../man1/firewall-cmd.html">firewall-cmd(1)</a>
</dd><dt><span class="term">
table
</span></dt><dd>
The table to use (like filter or nat). See <a href="../man1/firewall-cmd.html">firewall-cmd(1)</a>.
</dd><dt><span class="term">
chain
</span></dt><dd>
The chain to use (like INPUT_direct or FORWARD_direct). See <a href="../man1/firewall-cmd.html">firewall-cmd(1)</a>.
</dd><dt><span class="term">
priority
</span></dt><dd>
The priority to use (0 is topmost). See <a href="../man1/firewall-cmd.html">firewall-cmd(1)</a>.
</dd></dl></div></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_optional_parameters"></a>4. OPTIONAL PARAMETERS</h2></div></div></div><div class="variablelist"><dl class="variablelist"><dt><span class="term">
state
</span></dt><dd>
<span class="emphasis"><em>present</em></span> or <span class="emphasis"><em>absent</em></span>, defaults to <span class="emphasis"><em>present</em></span>
</dd></dl></div></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_examples"></a>5. EXAMPLES</h2></div></div></div><pre class="screen"># Allow acces from entrance.place4.ungleich.ch
__firewalld_rule entrance \
--protocol ipv4 \
--table filter \
--chain INPUT_direct \
--priority 0 \
--rule '-s entrance.place4.ungleich.ch -j ACCEPT'
# Allow forwarding of traffic from br0
__firewalld_rule vm-forward --protocol ipv4 \
--table filter \
--chain FORWARD_direct \
--priority 0 \
--rule '-i br0 -j ACCEPT'
# Ensure old rule is absent - warning, the rule part must stay the same!
__firewalld_rule vm-forward
--protocol ipv4 \
--table filter \
--chain FORWARD_direct \
--priority 0 \
--rule '-i br0 -j ACCEPT' \
--state absent</pre></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_see_also"></a>6. SEE ALSO</h2></div></div></div><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
<a href="../man7/cdist-type.html">cdist-type(7)</a>
</li><li class="listitem">
<a href="../man7/cdist-type__iptables_rule.html">cdist-type__iptables_rule(7)</a>
</li><li class="listitem">
firewalld(8)
</li></ul></div></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_copying"></a>7. COPYING</h2></div></div></div><p>Copyright (C) 2015 Nico Schottelius. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).</p></div></div></body></html>
Reference in New Issue View Git Blame Copy Permalink