From e29660b357d59afa6f14a799626fcab4d495b758 Mon Sep 17 00:00:00 2001 From: Markus Makela Date: Wed, 16 Mar 2016 21:15:38 +0200 Subject: [PATCH] Added missing dbfwfilter syntax documentation The `allow` keyword can be used to substitute the `deny` keyword but this was not documented. Also the fact that neither of them affect the actual behavior of the filter was not very clearly stated. --- Documentation/Filters/Database-Firewall-Filter.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Documentation/Filters/Database-Firewall-Filter.md b/Documentation/Filters/Database-Firewall-Filter.md index 3e17e4943..f56f95b20 100644 --- a/Documentation/Filters/Database-Firewall-Filter.md +++ b/Documentation/Filters/Database-Firewall-Filter.md @@ -60,7 +60,12 @@ rule NAME deny [wildcard | columns VALUE ... | Rules always define a blocking action so the basic mode for the database firewall filter is to allow all queries that do not match a given set of rules. Rules are identified by their name and have a mandatory part and optional parts. You can add comments to the rule files by adding the `#` character at the beginning of the line. -The first step of defining a rule is to start with the keyword `rule` which identifies this line of text as a rule. The second token is identified as the name of the rule. After that the mandatory token `deny` is required to mark the start of the actual rule definition. +The first step of defining a rule is to start with the keyword `rule` which +identifies this line of text as a rule. The second token is identified as +the name of the rule. After that one of the mandatory action tokens, `deny` or +`allow`, is required to mark the start of the actual rule definition. Both +`deny` and `allow` function in the same way and the actual behavior of +the filter is determined by the `action` parameter. ### Mandatory rule parameters