firehol-group man page

firehol-group — group commands with common options

Synopsis

group with rule-params

group end

Description

The group command allows you to group together multiple client and server commands.

Grouping commands with common options (see firehol-params(5)) allows the option values to be checked only once in the generated firewall rather than once per service, making it more efficient.

Nested groups may be used.

Examples

This:

interface any world
  client all accept
  server http accept

  # Provide these services to trusted hosts only
  server "ssh telnet" accept src "192.0.2.1 192.0.2.2"

can be replaced to produce a more efficient firewall by this:

interface any world
  client all accept
  server http accept

  # Provide these services to trusted hosts only
  group with src "192.0.2.1 192.0.2.2"
    server telnet accept
    server ssh accept
  group end

See Also

·
firehol(1) - FireHOL program
·
firehol.conf(5) - FireHOL configuration
·
firehol-interface(5) - interface definition
·
firehol-router(5) - router definition
·
firehol-params(5) - optional rule parameters
·
FireHOL Website (http://firehol.org/)
·
FireHOL Online PDF Manual (http://firehol.org/firehol-manual.pdf)
·
FireHOL Online HTML Manual (http://firehol.org/manual)

Authors

FireHOL Team.

Referenced By

firehol-conf(5), firehol-interface(5), firehol-modifiers(5), firehol-router(5).

Built 15 Feb 2015 FireHOL Reference 2.0.1