Jo-Philipp Wich
695e8211d1
doc: fix swapped include positions in nftables.d README
|
2 yıl önce | |
|---|---|---|
| .. | ||
| README | 2 yıl önce | |
README
This directory may contain partial nftables files which are automatically
included into the nftables ruleset generated by the fw4 program.
Only accessible files (no broken symlinks, no files with insufficient
permissions) with an `*.nft` file extension are considered.
The include position of each file within the overall ruleset is derived
from the file path:
- Files in ./ruleset-pre/ and ./ruleset-post/ are included before and
after the `table inet fw4 { ... }` declaration respectively
- Files in ./table-pre/ and ./table-post/ are included before the first
chain and after the last chain declaration within the fw4 table
respectively
- Files in ./chain-pre/${chain}/ and ./chain-post/${chain}/ are included
before the first and after the last rule within the mentioned chain of
the fw4 table respectively
Automatic inclusion of these files can be disabled by setting the global
`auto_includes` option to `0` within the defaults section of
/etc/config/firewall.
included into the nftables ruleset generated by the fw4 program.
Only accessible files (no broken symlinks, no files with insufficient
permissions) with an `*.nft` file extension are considered.
The include position of each file within the overall ruleset is derived
from the file path:
- Files in ./ruleset-pre/ and ./ruleset-post/ are included before and
after the `table inet fw4 { ... }` declaration respectively
- Files in ./table-pre/ and ./table-post/ are included before the first
chain and after the last chain declaration within the fw4 table
respectively
- Files in ./chain-pre/${chain}/ and ./chain-post/${chain}/ are included
before the first and after the last rule within the mentioned chain of
the fw4 table respectively
Automatic inclusion of these files can be disabled by setting the global
`auto_includes` option to `0` within the defaults section of
/etc/config/firewall.