gp: Add Firewalld ADMX templates
authorDavid Mulder <dmulder@suse.com>
Wed, 6 Oct 2021 18:46:26 +0000 (12:46 -0600)
committerJeremy Allison <jra@samba.org>
Mon, 1 Nov 2021 20:29:36 +0000 (20:29 +0000)
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
libgpo/admx/en-US/samba.adml
libgpo/admx/samba.admx

index a954c41a7d07c6a581d74515f2da19bd6188a301..7bac33c455415cbda5e7dfaf82a6dab352e8b2ec 100755 (executable)
@@ -3127,6 +3127,78 @@ Example: 192.9.200.1 192.168.2.61</string>
        U      Insert the string "1 user" or "&lt;n&gt; users" where &lt;n&gt; is the number of current users logged in.\r
 \r
        v      Insert the version of the OS, that is, the build-date and such.</string>\r
+      <string id="CAT_371A8FF5_990F_47DD_B200_D436AC28A4F9">Firewalld</string>\r
+      <string id="POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978">Zones</string>\r
+      <string id="POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978_Help">A list of zones to create. Existing zones on the host will be unaffected.\r
+\r
+Rule creation for zones is handled in the Rules setting.</string>\r
+      <string id="POL_B21F349F_4BF6_473E_8452_047D714F156C">Rules</string>\r
+      <string id="POL_B21F349F_4BF6_473E_8452_047D714F156C_Help">A JSON dictionary, containing zones paired with a list of rules.\r
+\r
+For example, to create rules for the Work and Home zones, specify the following JSON:\r
+\r
+{\r
+  "work": [\r
+    {"rule": {"family": "ipv4"}, "source address": "172.25.1.7", "service name": "ftp", "reject": {}},\r
+    {"rule": {}, "source address": "172.25.1.8", "service name": "ftp", "reject": {}}\r
+  ],\r
+  "home": [\r
+    {"rule": {}, "protocol value": "icmp", "reject": {}},\r
+    {"rule": {"family": "ipv4"}, "source address": "192.168.1.2/32", "service name": "telnet", "accept": {"limit value": "1/m"}}\r
+  ]\r
+}\r
+\r
+An improperly formatted JSON will be ignored.\r
+\r
+The rule structure loosely follows the Firewalld Rich Language Documentation.\r
+\r
+General rule structure:\r
+{\r
+  "rule": {\r
+    "family": "ipv4 | ipv6",\r
+    "priority": "priority"\r
+  },\r
+  "source [not] address | mac | ipset": "address[/mask] | mac-address | ipset",\r
+  "destination [not] adress": "address[/mask]",\r
+  "service name": "service name",\r
+  "port": {\r
+    "port": "port value",\r
+    "protocol": "tcp | udp"\r
+  }\r
+  "protocol value": "protocol value",\r
+  "icmp-block name": "icmptype name",\r
+  "Masquerade": true|false,\r
+  "icmp-type": "icmptype name",\r
+  "forward-port": {\r
+    "port": "port value",\r
+    "protocol": "tcp | udp",\r
+    "to-port": "port value",\r
+    "to-addr": "address"\r
+  },\r
+  "source-port": {\r
+    "port": "port value",\r
+    "protocol": "tcp | udp"\r
+  },\r
+  "log": {\r
+    "prefix": "prefix text",\r
+    "level": "emerg | alert | crit | error | warning | notice | info | debug",\r
+    "limit value": "rate/duration"\r
+  },\r
+  "audit": {\r
+    "limit value": "rate/duration"\r
+  },\r
+  "accept" : {\r
+    "limit value": "rate/duration"\r
+  } | "reject": {\r
+    "type": "reject type",\r
+    "limit value": "rate/duration"\r
+  } | "drop": {\r
+    "limit value": "rate/duration"\r
+  } | "mark": {\r
+    "set": "mark[/mask]",\r
+    "limit value": "rate/duration"\r
+  }\r
+}</string>\r
     </stringTable>\r
     <presentationTable>\r
       <presentation id="POL_9320E11F_AC80_4A7D_A5C8_1C0F3F727061">\r
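Review bot: The "General rule structure" sample in the Rules help string is not valid as written, and the same string states that improperly formatted JSON is ignored. There is no comma after the closing brace of the `"port"` object, the destination key is spelled `"destination [not] adress"`, and `"Masquerade"` is capitalised while every other key is lower-case. Whether the extension matches keys case-sensitively is not visible here, but an administrator who copies this template can end up with a value that is discarded without notice, so the reject or drop rules they intended are never applied. I would correct the sample (`},` after the port block, `"destination [not] address"`) and extend the warning to something like `An improperly formatted JSON will be ignored and none of its rules will be applied; check the client log after editing.`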
@@ -4645,6 +4717,15 @@ Example: 192.9.200.1 192.168.2.61</string>
           <defaultValue>Welcome to \s \r \l</defaultValue>\r
         </textBox>\r
       </presentation>\r
+      <presentation id="POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978">\r
+        <listBox refId="LST_5B9AE80A_6529_4313_A9A1_764DF5320930">Firewalld Zones</listBox>\r
+      </presentation>\r
+      <presentation id="POL_B21F349F_4BF6_473E_8452_047D714F156C">\r
+        <textBox refId="TXT_76109A0B_AA79_4F69_ADFC_2B3CA52763D2">\r
+          <label>Firewalld Rules</label>\r
+          <defaultValue>{}</defaultValue>\r
+        </textBox>\r
+      </presentation>\r
     </presentationTable>\r
   </resources>\r
 </policyDefinitionResources>\r
index d09956d5394c05acaefe4de2cf8091575d138a3f..8db67966e393c738c6f085e17d8ad4f7e9314168 100755 (executable)
@@ -20,6 +20,9 @@
     <category displayName="$(string.CAT_10827749_64ED_5052_87F7_E81AD421856A)" name="CAT_10827749_64ED_5052_87F7_E81AD421856A">\r
       <parentCategory ref="CAT_3338C1DD_8A00_4273_8547_158D8B8C19E9"/>\r
     </category>\r
+    <category name="CAT_371A8FF5_990F_47DD_B200_D436AC28A4F9" displayName="$(string.CAT_371A8FF5_990F_47DD_B200_D436AC28A4F9)">\r
+      <parentCategory ref="CAT_7D8D7DC8_5A9D_4BE1_8227_F09CDD5AFFC6" />\r
+    </category>\r
   </categories>\r
   <policies>\r
     <policy name="POL_9320E11F_AC80_4A7D_A5C8_1C0F3F727061" class="Both" displayName="$(string.POL_9320E11F_AC80_4A7D_A5C8_1C0F3F727061)" explainText="$(string.POL_9320E11F_AC80_4A7D_A5C8_1C0F3F727061_Help)" presentation="$(presentation.POL_9320E11F_AC80_4A7D_A5C8_1C0F3F727061)" key="Software\Policies\Samba\Unix Settings">\r
         <text id="TXT_8075D9EA_6E15_4B2A_833A_B918EE90856F" key="Software\Policies\Samba\Unix Settings\Messages" valueName="issue" />\r
       </elements>\r
     </policy>\r
+    <policy name="POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978" class="Machine" displayName="$(string.POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978)" explainText="$(string.POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978_Help)" presentation="$(presentation.POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978)" key="Software\Policies\Samba\Unix Settings\Firewalld" valueName="Zones">\r
+      <parentCategory ref="CAT_371A8FF5_990F_47DD_B200_D436AC28A4F9" />\r
+      <supportedOn ref="SUPPORTED_SAMBA_4_16" />\r
+      <elements>\r
+        <list id="LST_5B9AE80A_6529_4313_A9A1_764DF5320930" key="Software\Policies\Samba\Unix Settings\Firewalld\Zones" />\r
+      </elements>\r
+    </policy>\r
+    <policy name="POL_B21F349F_4BF6_473E_8452_047D714F156C" class="Machine" displayName="$(string.POL_B21F349F_4BF6_473E_8452_047D714F156C)" explainText="$(string.POL_B21F349F_4BF6_473E_8452_047D714F156C_Help)" presentation="$(presentation.POL_B21F349F_4BF6_473E_8452_047D714F156C)" key="Software\Policies\Samba\Unix Settings\Firewalld" valueName="Rules">\r
+      <parentCategory ref="CAT_371A8FF5_990F_47DD_B200_D436AC28A4F9" />\r
+      <supportedOn ref="SUPPORTED_SAMBA_4_16" />\r
+      <elements>\r
+        <text id="TXT_76109A0B_AA79_4F69_ADFC_2B3CA52763D2" key="Software\Policies\Samba\Unix Settings\Firewalld\Rules" valueName="Rules" />\r
+      </elements>\r
+    </policy>\r
   </policies>\r
 </policyDefinitions>\r
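Review bot: The `<text>` element `TXT_76109A0B_AA79_4F69_ADFC_2B3CA52763D2` for the Rules policy sets no `maxLength`, and as far as I know the ADMX schema defaults that attribute to 1023 characters. A JSON dictionary covering more than a few zones can exceed that, and since the help text says malformed JSON is ignored, a value shortened to fit the box is a realistic way to lose firewall rules. Consider an explicit limit, `<text id="TXT_76109A0B_AA79_4F69_ADFC_2B3CA52763D2" key="Software\Policies\Samba\Unix Settings\Firewalld\Rules" valueName="Rules" maxLength="<limit>" />` with a limit chosen for the expected rule sets, or a multi-line element if the client extension can read one. The enclosing `<policies>` element and the first policy shown in this hunk start outside it.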