[pve-devel] [PATCH v2 docs] add documentation for the new icmp-type parameter

Mira Limbeck m.limbeck at proxmox.com
Fri May 29 14:22:05 CEST 2020


Signed-off-by: Mira Limbeck <m.limbeck at proxmox.com>
---
v2:
 - rebased on master

 pve-firewall-rules-opts.adoc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pve-firewall-rules-opts.adoc b/pve-firewall-rules-opts.adoc
index 13ec8d8..5e8c01e 100644
--- a/pve-firewall-rules-opts.adoc
+++ b/pve-firewall-rules-opts.adoc
@@ -6,6 +6,10 @@ Restrict packet destination address. This can refer to a single IP address, an I
 
 Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\d+:\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.
 
+`--icmp-type` `<string>` ::
+
+Restrict ICMP packets to specific types. You can either use the names as ip[6]tables ('ip[6]tables -p icmp[v6] -h') provides them, or use the Type[/Code] value, for example 'network-unreachable' which corresponds to '3/0'.
+
 `--iface` `<string>` ::
 
 Network interface name. You have to use network configuration key names for VMs and containers ('net\d+'). Host related rules can use arbitrary strings.
-- 
2.20.1





More information about the pve-devel mailing list