Correction of firewall syntax in multiple pages (#1651)

2025-10-26 08:41:46 +01:00 · 2025-06-26 14:42:41 +05:30 · 2025-06-26 14:42:41 +05:30 · 711d71329f
commit 711d71329f
parent 1772d6700d
3 changed files with 18 additions and 18 deletions
--- a/docs/configexamples/autotest/tunnelbroker/tunnelbroker.rst
+++ b/docs/configexamples/autotest/tunnelbroker/tunnelbroker.rst
@ -208,9 +208,8 @@ Firewall
 ========
 Finally, don't forget the :ref:`Firewall<configuration/firewall/index:Firewall>`. The usage is identical, except for
-instead of `set firewall name NAME`, you would use `set firewall ipv6-name
+instead of `set firewall ipv4 name NAME`, you would use `set firewall ipv6 name
 NAME`.
-Similarly, to attach the firewall, you would use `set interfaces ethernet eth0
+Similarly, to attach the firewall, you would use `set firewall ipv6 name NAME rule N inbound-interface name eth0` or `set firewall zone LOCAL from WAN firewall 
 firewall in ipv6-name` or `set firewall zone LOCAL from WAN firewall 
 ipv6-name`.
--- a/docs/configuration/interfaces/wireguard.rst
+++ b/docs/configuration/interfaces/wireguard.rst
@ -220,14 +220,15 @@ firewall exception.
    set firewall ipv4 name OUTSIDE_LOCAL rule 20 destination port 51820
    set firewall ipv4 name OUTSIDE_LOCAL rule 20 log enable
    set firewall ipv4 name OUTSIDE_LOCAL rule 20 protocol udp
    set firewall ipv4 name OUTSIDE_LOCAL rule 20 source
 You should also ensure that the OUTSIDE_LOCAL firewall group is applied to the
-WAN interface and a direction (local).
+WAN interface and in an input (local) direction.
 .. code-block:: none
-    set interfaces ethernet eth0 firewall local name 'OUTSIDE-LOCAL'
+    set firewall ipv4 input filter rule 10 action jump
    set firewall ipv4 input filter rule 10 jump-target 'OUTSIDE_LOCAL'
    set firewall ipv4 input filter rule 10 inbound-interface name 'eth0'
 Assure that your firewall rules allow the traffic, in which case you have a
 working VPN using WireGuard.
--- a/docs/configuration/vpn/l2tp.rst
+++ b/docs/configuration/vpn/l2tp.rst
@ -92,18 +92,18 @@ Example:
 .. code-block:: none
-  set firewall name OUTSIDE-LOCAL rule 40 action 'accept'
+  set firewall ipv4 name OUTSIDE-LOCAL rule 40 action 'accept'
-  set firewall name OUTSIDE-LOCAL rule 40 protocol 'esp'
+  set firewall ipv4 name OUTSIDE-LOCAL rule 40 protocol 'esp'
-  set firewall name OUTSIDE-LOCAL rule 41 action 'accept'
+  set firewall ipv4 name OUTSIDE-LOCAL rule 41 action 'accept'
-  set firewall name OUTSIDE-LOCAL rule 41 destination port '500'
+  set firewall ipv4 name OUTSIDE-LOCAL rule 41 destination port '500'
-  set firewall name OUTSIDE-LOCAL rule 41 protocol 'udp'
+  set firewall ipv4 name OUTSIDE-LOCAL rule 41 protocol 'udp'
-  set firewall name OUTSIDE-LOCAL rule 42 action 'accept'
+  set firewall ipv4 name OUTSIDE-LOCAL rule 42 action 'accept'
-  set firewall name OUTSIDE-LOCAL rule 42 destination port '4500'
+  set firewall ipv4 name OUTSIDE-LOCAL rule 42 destination port '4500'
-  set firewall name OUTSIDE-LOCAL rule 42 protocol 'udp'
+  set firewall ipv4 name OUTSIDE-LOCAL rule 42 protocol 'udp'
-  set firewall name OUTSIDE-LOCAL rule 43 action 'accept'
+  set firewall ipv4 name OUTSIDE-LOCAL rule 43 action 'accept'
-  set firewall name OUTSIDE-LOCAL rule 43 destination port '1701'
+  set firewall ipv4 name OUTSIDE-LOCAL rule 43 destination port '1701'
-  set firewall name OUTSIDE-LOCAL rule 43 ipsec 'match-ipsec'
+  set firewall ipv4 name OUTSIDE-LOCAL rule 43 ipsec 'match-ipsec'
-  set firewall name OUTSIDE-LOCAL rule 43 protocol 'udp'
+  set firewall ipv4 name OUTSIDE-LOCAL rule 43 protocol 'udp'
 To allow VPN-clients access via your external address, a NAT rule is required: