You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

pve-firewall-host-opts.adoc 1.1KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748
  1. `enable`: `<boolean>` ::
  2. Enable host firewall rules.
  3. `log_level_in`: `<alert | crit | debug | emerg | err | info | nolog | notice | warning>` ::
  4. Log level for incoming traffic.
  5. `log_level_out`: `<alert | crit | debug | emerg | err | info | nolog | notice | warning>` ::
  6. Log level for outgoing traffic.
  7. `log_nf_conntrack`: `<boolean>` ('default =' `0`)::
  8. Enable logging of conntrack information.
  9. `ndp`: `<boolean>` ::
  10. Enable NDP.
  11. `nf_conntrack_allow_invalid`: `<boolean>` ('default =' `0`)::
  12. Allow invalid packets on connection tracking.
  13. `nf_conntrack_max`: `<integer> (32768 - N)` ::
  14. Maximum number of tracked connections.
  15. `nf_conntrack_tcp_timeout_established`: `<integer> (7875 - N)` ::
  16. Conntrack established timeout.
  17. `nosmurfs`: `<boolean>` ::
  18. Enable SMURFS filter.
  19. `smurf_log_level`: `<alert | crit | debug | emerg | err | info | nolog | notice | warning>` ::
  20. Log level for SMURFS filter.
  21. `tcp_flags_log_level`: `<alert | crit | debug | emerg | err | info | nolog | notice | warning>` ::
  22. Log level for illegal tcp flags filter.
  23. `tcpflags`: `<boolean>` ::
  24. Filter illegal combinations of TCP flags.