[pve-devel] firewall rules format
Dietmar Maurer
dietmar at proxmox.com
Fri May 16 17:44:52 CEST 2014
We currently use the following format for rules:
#TYPE ACTION IFACE SOURCE DEST PROTO D-PORT S-PORT
IN ACCEPT(MACRO) net0 192.168.2.0 1.2.3.4 tcp 80 20
This hard to write/read because you need to remember the correct order.
So I thought about using something like:
in ACCEPT(MACRO) -i net0 -source 192.168.2.0 -dest 1.2.3.4 -p tcp -dport 80 -sport 20
This is a bit harder to parse, but it is easy to add more options in future.
What do you think?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.proxmox.com/pipermail/pve-devel/attachments/20140516/051759c5/attachment.htm>
More information about the pve-devel
mailing list