<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>cdist-type__firewalld_rule(7)</title><link rel="stylesheet" type="text/css" href="docbook-xsl.css" /><meta name="generator" content="DocBook XSL Stylesheets V1.76.1" /></head><body><div xml:lang="en" class="article" title="cdist-type__firewalld_rule(7)" lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="idp64676944"></a>cdist-type__firewalld_rule(7)</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Nico</span> <span class="surname">Schottelius</span></h3><code class="email">&lt;<a class="email" href="mailto:nico-cdist--@--schottelius.org">nico-cdist--@--schottelius.org</a>&gt;</code></div></div></div><hr /></div><div class="toc"><p><strong>Table of Contents</strong></p><dl><dt><span class="section"><a href="#_name">1. NAME</a></span></dt><dt><span class="section"><a href="#_description">2. DESCRIPTION</a></span></dt><dt><span class="section"><a href="#_required_parameters">3. REQUIRED PARAMETERS</a></span></dt><dt><span class="section"><a href="#_optional_parameters">4. OPTIONAL PARAMETERS</a></span></dt><dt><span class="section"><a href="#_examples">5. EXAMPLES</a></span></dt><dt><span class="section"><a href="#_see_also">6. SEE ALSO</a></span></dt><dt><span class="section"><a href="#_copying">7. COPYING</a></span></dt></dl></div><div class="section" title="1. NAME"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_name"></a>1. NAME</h2></div></div></div><p>cdist-type__firewalld_rule - Configure firewalld rules</p></div><div class="section" title="2. DESCRIPTION"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_description"></a>2. DESCRIPTION</h2></div></div></div><p>This cdist type allows you to manage rules in firewalld
using the <span class="strong"><strong>direct</strong></span> way (i.e. no zone support).</p></div><div class="section" title="3. REQUIRED PARAMETERS"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_required_parameters"></a>3. REQUIRED PARAMETERS</h2></div></div></div><div class="variablelist"><dl><dt><span class="term">
rule
</span></dt><dd>
The rule to apply. Essentially a firewalld command
line without firewalld in front of it.
</dd><dt><span class="term">
protocol
</span></dt><dd>
Either ipv4, ipv6 or eb. See <a href="../man1/firewall-cmd.html">firewall-cmd(1)</a>.
</dd><dt><span class="term">
table
</span></dt><dd>
The table to use (like filter or nat). See <a href="../man1/firewall-cmd.html">firewall-cmd(1)</a>.
</dd><dt><span class="term">
chain
</span></dt><dd>
The chain to use (like INPUT_direct or FORWARD_direct). See <a href="../man1/firewall-cmd.html">firewall-cmd(1)</a>.
</dd><dt><span class="term">
priority
</span></dt><dd>
The priority to use (0 is topmost). See <a href="../man1/firewall-cmd.html">firewall-cmd(1)</a>.
</dd></dl></div></div><div class="section" title="4. OPTIONAL PARAMETERS"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_optional_parameters"></a>4. OPTIONAL PARAMETERS</h2></div></div></div><div class="variablelist"><dl><dt><span class="term">
state
</span></dt><dd>
<span class="emphasis"><em>present</em></span> or <span class="emphasis"><em>absent</em></span>, defaults to <span class="emphasis"><em>present</em></span>
</dd></dl></div></div><div class="section" title="5. EXAMPLES"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_examples"></a>5. EXAMPLES</h2></div></div></div><pre class="screen"># Allow access from entrance.place4.ungleich.ch
__firewalld_rule entrance \
    --protocol ipv4 \
    --table filter \
    --chain INPUT_direct \
    --priority 0 \
    --rule '-s entrance.place4.ungleich.ch -j ACCEPT'

# Allow forwarding of traffic from br0
__firewalld_rule vm-forward --protocol ipv4 \
    --table filter \
    --chain FORWARD_direct \
    --priority 0 \
    --rule '-i br0 -j ACCEPT'

# Ensure old rule is absent - warning, the rule part must stay the same!
__firewalld_rule vm-forward \
    --protocol ipv4 \
    --table filter \
    --chain FORWARD_direct \
    --priority 0 \
    --rule '-i br0 -j ACCEPT' \
    --state absent</pre></div><div class="section" title="6. SEE ALSO"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_see_also"></a>6. SEE ALSO</h2></div></div></div><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem">
<a href="../man7/cdist-type.html">cdist-type(7)</a>
</li><li class="listitem">
<a href="../man7/cdist-type__iptables_rule.html">cdist-type__iptables_rule(7)</a>
</li><li class="listitem">
firewalld(8)
</li></ul></div></div><div class="section" title="7. COPYING"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="_copying"></a>7. COPYING</h2></div></div></div><p>Copyright (C) 2015 Nico Schottelius. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).</p></div></div></body></html>
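Added example (not part of cdist or of this man page): a shell check of whether a declared direct rule is already loaded, run against constructed rule lines in the format printed by `firewall-cmd --direct --get-all-rules`. It illustrates the warning in the EXAMPLES section that the rule part must stay the same for `--state absent`; the function names and `SAMPLE_RULES` are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not cdist code. SAMPLE_RULES is constructed and mimics the
# output of `firewall-cmd --direct --get-all-rules`, one rule per line:
#   <protocol> <table> <chain> <priority> <rule args...>
SAMPLE_RULES='ipv4 filter INPUT_direct 0 -s 192.0.2.10 -j ACCEPT
ipv4 filter FORWARD_direct 0 -i br0 -j ACCEPT'

# valid_tuple PROTOCOL PRIORITY (hypothetical helper): accept only the three
# protocols the man page lists; this example handles priorities >= 0 only.
valid_tuple() {
    case "$1" in
        ipv4|ipv6|eb) ;;
        *) return 1 ;;
    esac
    case "$2" in
        ''|*[!0-9]*) return 1 ;;
    esac
    return 0
}

# rule_present PROTOCOL TABLE CHAIN PRIORITY RULE: read rule lines on stdin.
# Returns 0 on an exact match of the whole tuple, 1 if absent, 2 if invalid.
rule_present() {
    valid_tuple "$1" "$4" || return 2
    want="$1 $2 $3 $4 $5"
    while IFS= read -r line; do
        [ "$line" = "$want" ] && return 0
    done
    return 1
}

# desired_action STATE PROTOCOL TABLE CHAIN PRIORITY RULE: print the
# firewall-cmd --direct operation needed to reach STATE, or "none".
desired_action() {
    state=$1; shift
    found=0
    printf '%s\n' "$SAMPLE_RULES" | rule_present "$@" || found=$?
    case "$state:$found" in
        present:0|absent:1) printf '%s\n' none ;;
        present:1) printf '%s\n' --add-rule ;;
        absent:0) printf '%s\n' --remove-rule ;;
        *) printf '%s\n' invalid ;;
    esac
}
```

`desired_action absent ipv4 filter FORWARD_direct 0 '-j ACCEPT -i br0'` prints `none` even though an equivalent rule is loaded, which is how a reworded `--rule` leaves the old ACCEPT rule in place.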