mirror of
https://github.com/vyos/vyos-documentation.git
synced 2025-10-26 08:41:46 +01:00
c25c40dfa9
* order workflows and add submodule * rename gitmodules file * delete docs/.gitignore * add vyos custom linter * correct __pycache__ in gitignore * add test-coverage.py * move draw.io folder * arrange changelog, install history and about * arrange: firewall * arrange: highavailability * arrange: loadbalancing * arrange: nat * arrange: services * sort configexamples and configuration interfaces * wireles: rename wireless * rearrange: Protocols and Policy * rearrange: Firewall and Zone Policy * rearrange: Interfaces * rearrange: Interfaces * rearrange: dynamic DNS * hostinfo: add page to index * rearrange: appendix * venv: add Pipfile * rearrange: contributing * index: remove debugging * rearrange: fix all figure and refs * rearrange: commandtree * fix: cli, openvpn, install headline level * protocols: change headline * firewall: move mss clamping * ip: separate ipv4 and ipv6 * arp: move to static page * igmp: rename multicast page * Update to year 2021
9 lines
425 B
ReStructuredText
9 lines
425 B
ReStructuredText
Zone-based Firewall Policy
|
|
--------------------------
|
|
|
|
As an alternative to applying policy to an interface directly, a zone-based
|
|
firewall can be created to simplify configuration when multiple interfaces
|
|
belong to the same security zone. Instead of applying to rulesets to interfaces
|
|
they are applied to source zone-destination zone pairs.
|
|
|
|
An example to zone-based firewalls can be found here: :ref:`examples-zone-policy`. |