firewalld.helper
Name
firewalld.helper — firewalld helper configuration files
Synopsis
/etc/firewalld/helpers/helper.xml/usr/lib/firewalld/helpers/helper.xml
Description
A firewalld helper configuration file provides the information of a helper entry for firewalld. The most important configuration options are ports, family and module.
This example configuration file shows the structure of a helper configuration file:<?xml version="1.0" encoding="utf-8"?> <helper module="nf_conntrack_module" [family="ipv4|ipv6"]> <short>short</short> <description>description</description> <portportid[-portid]" protocol="tcp|udp|sctp|dccp"/> </helper>
Options
The config can contain these tags and attributes. Some of them are mandatory, others optional.
helper
The mandatory helper start and end tag defines the helper. This tag can only be used once in a helper configuration file. There is one mandatory and also optional attributes for helper:module=" string"The mandatory module of the helper. This is one of the netfilter conntrack helper modules. The name starts with
nf_conntrack_.family=" ipv4|ipv6"The optional family of the helper. This can be one of these ipv types:
ipv4oripv6. If the family is not specified, then the helper is usable forIPv4andIPv6.version=" string"To give the helper a version.
port
Is an mandatory empty-element tag and can be used several times to have more than one port entry. All attributes of a port entry are mandatory:port=" string"The port
stringcan be a single port number or a port rangeportid-portidor also empty to match a protocol only.protocol=" string"The protocol value can either be
tcp,udp,sctpordccp.
See Also
firewall-applet(1), firewalld(1), firewall-cmd(1), firewall-config(1), firewalld.conf(5), firewalld.direct(5), firewalld.dbus(5), firewalld.icmptype(5), firewalld.lockdown-whitelist(5), firewall-offline-cmd(1), firewalld.richlanguage(5), firewalld.service(5), firewalld.zone(5), firewalld.zones(5), firewalld.policy(5), firewalld.policies(5), firewalld.ipset(5), firewalld.helper(5)