vyos/vyos-documentation
1
0
Fork 0
mirror of https://github.com/vyos/vyos-documentation.git synced 2025-12-17 11:02:24 +01:00
Code Issues Packages Projects Releases Wiki Activity

zone-policy: correct spelling and grammar

Browse Source
This commit is contained in:
rebortg 2021-06-29 11:45:33 +02:00
parent 2db2398ee7
commit 3730a3d410
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/configexamples/zone-policy.rst
View File

@ -1,3 +1,5 @@
:lastproofread: 2021-06-29
.. _examples-zone-policy: .. _examples-zone-policy:
Zone-Policy example Zone-Policy example
@ -132,7 +134,7 @@ To add logging to the default rule, do:
set firewall name <ruleSet> enable-default-log set firewall name <ruleSet> enable-default-log
By default, iptables does not allow traffic for established session to By default, iptables does not allow traffic for established sessions to
return, so you must explicitly allow this. I do this by adding two rules return, so you must explicitly allow this. I do this by adding two rules
to every ruleset. 1 allows established and related state packets through to every ruleset. 1 allows established and related state packets through
and rule 2 drops and logs invalid state packets. We place the and rule 2 drops and logs invalid state packets. We place the
@ -367,7 +369,7 @@ IPv6 Tunnel
^^^^^^^^^^^ ^^^^^^^^^^^
If you are using a IPv6 tunnel from HE.net or someone else, the basis is If you are using a IPv6 tunnel from HE.net or someone else, the basis is
the same except you have two WAN interface. One for v4 and one for v6. the same except you have two WAN interfaces. One for v4 and one for v6.
You would have 5 zones instead of just 4 and you would configure your v6 You would have 5 zones instead of just 4 and you would configure your v6
ruleset between your tunnel interface and your LAN/DMZ zones instead of ruleset between your tunnel interface and your LAN/DMZ zones instead of