4 option title 'Firewall configuration'
8 option title 'Firewall zones'
9 option package 'firewall'
14 option section 'firewall.zone'
19 option title 'Networks belonging to this zone'
20 option section 'firewall.zone'
21 option valueof 'network.interface'
26 option title 'Zone specific action for forwarded traffic'
27 option section 'firewall.zone'
32 option title 'Zone specific action for incoming traffic'
33 option section 'firewall.zone'
38 option title 'Zone specific action for outgoing traffic'
39 option section 'firewall.zone'
44 option title 'Enable masquerading for outgoing zone traffic'
45 option section 'firewall.zone'
46 option datatype 'boolean'
51 option name 'defaults'
52 option title 'Global firewall defaults'
53 option package 'firewall'
59 option title 'Action for forwarded traffic'
60 option section 'firewall.defaults'
65 option title 'Action for incoming traffic'
66 option section 'firewall.defaults'
71 option title 'Action for outgoing traffic'
72 option section 'firewall.defaults'
76 option name 'syn_flood'
77 option title 'Enable syn-flood protection'
78 option section 'firewall.defaults'
79 option datatype 'boolean'
82 option name 'drop_invalid'
83 option title 'Do not drop packages with state invalid'
84 option section 'firewall.defaults'
85 option datatype 'boolean'
90 option name 'forwarding'
91 option title 'Forwarding rules'
92 option package 'firewall'
96 option title 'Source zone'
97 option section 'firewall.forwarding'
98 option valueof 'firewall.zone.name'
103 option title 'Destination zone'
104 option section 'firewall.forwarding'
105 option valueof 'firewall.zone.name'
109 option name 'mtu_fix'
110 option title 'Fixup MTU of outgoing packages'
111 option section 'firewall.forwarding'
112 option datatype 'boolean'
118 option title 'Custom rules'
119 option package 'firewall'
120 list depends 'target, src'
121 list depends 'target, dest'
122 list depends 'target, src_ip'
123 list depends 'target, src_port'
124 list depends 'target, src_mac'
125 list depends 'target, dest_ip'
126 list depends 'target, dest_port'
127 list depends 'target, proto'
131 option title 'Source zone'
132 option section 'firewall.rule'
133 option valueof 'firewall.zone.name'
137 option title 'Source IP address'
138 option section 'firewall.rule'
139 option datatype 'ipaddr'
142 option name 'src_port'
143 option title 'Source port'
144 option section 'firewall.rule'
145 option datatype 'portrange'
148 option name 'src_mac'
149 option title 'Source MAC address'
150 option section 'firewall.rule'
151 option datatype 'macaddr'
155 option title 'Destination zone'
156 option section 'firewall.rule'
157 option valueof 'firewall.zone.name'
160 option name 'dest_ip'
161 option title 'Destination IP address'
162 option section 'firewall.rule'
163 option datatype 'ipaddr'
166 option name 'dest_port'
167 option title 'Destination port'
168 option section 'firewall.rule'
169 option datatype 'portrange'
173 option title 'Protocol'
174 option section 'firewall.rule'
175 option datatype 'string'
179 option title 'Option target'
180 option section 'firewall.rule'
181 option datatype 'string'
186 option name 'redirect'
187 option title 'Redirection rules'
188 option package 'firewall'
192 option title 'Source zone'
193 option section 'firewall.redirect'
194 option valueof 'firewall.zone.name'
198 option title 'Source IP address'
199 option section 'firewall.redirect'
200 option datatype 'ipaddr'
203 option name 'src_port'
204 option title 'Source port'
205 option section 'firewall.redirect'
206 option datatype 'portrange'
209 option name 'src_dport'
210 option title 'Source destination port'
211 option section 'firewall.redirect'
212 option datatype 'portrange'
215 option name 'src_mac'
216 option title 'Option src_mac'
217 option section 'firewall.redirect'
218 option datatype 'macaddr'
222 option title 'Destination zone'
223 option section 'firewall.redirect'
224 option valueof 'firewall.zone.name'
227 option name 'dest_ip'
228 option title 'Destination IP address'
229 option section 'firewall.redirect'
230 option datatype 'ipaddr'
233 option name 'dest_port'
234 option title 'Destination port'
235 option section 'firewall.redirect'
236 option datatype 'portrange'
240 option title 'Protocol'
241 option section 'firewall.redirect'
242 option datatype 'string'
247 option name 'include'
248 option title 'User defined config includes'
249 option package 'firewall'
253 option title 'Path to the include file'
254 option section 'firewall.include'
255 option datatype 'file'