Provided by: firewalld_2.3.0-1_all bug

NAME

       firewalld.helper - firewalld helper configuration files

SYNOPSIS

       /etc/firewalld/helpers/helper.xml
       /usr/lib/firewalld/helpers/helper.xml

DESCRIPTION

       A firewalld helper configuration file provides the information of a helper entry for
       firewalld. The most important configuration options are ports, family and module.

       This example configuration file shows the structure of a helper configuration file:

           <?xml version="1.0" encoding="utf-8"?>
           <helper module="nf_conntrack_module" [family="ipv4|ipv6"]>
             <short>short</short>
             <description>description</description>
             <port portid[-portid]" protocol="tcp|udp|sctp|dccp"/>
           </helper>

OPTIONS

       The config can contain these tags and attributes. Some of them are mandatory, others
       optional.

   helper
       The mandatory helper start and end tag defines the helper. This tag can only be used once
       in a helper configuration file. There is one mandatory and also optional attributes for
       helper:

       module="string"
           The mandatory module of the helper. This is one of the netfilter conntrack helper
           modules. The name starts with nf_conntrack_.

       family="ipv4|ipv6"
           The optional family of the helper. This can be one of these ipv types: ipv4 or ipv6.
           If the family is not specified, then the helper is usable for IPv4 and IPv6.

       version="string"
           To give the helper a version.

   short
       Is an optional start and end tag and is used to give a helper a more readable name.

   description
       Is an optional start and end tag to have a description for a helper.

   port
       Is an mandatory empty-element tag and can be used several times to have more than one port
       entry. All attributes of a port entry are mandatory:

       port="string"
           The port string can be a single port number or a port range portid-portid or also
           empty to match a protocol only.

       protocol="string"
           The protocol value can either be tcp, udp, sctp or dccp.

SEE ALSO

       firewall-applet(1), firewalld(1), firewall-cmd(1), firewall-config(1), firewalld.conf(5),
       firewalld.direct(5), firewalld.dbus(5), firewalld.icmptype(5), firewall-offline-cmd(1),
       firewalld.richlanguage(5), firewalld.service(5), firewalld.zone(5), firewalld.zones(5),
       firewalld.policy(5), firewalld.policies(5), firewalld.ipset(5), firewalld.helper(5)

NOTES

       firewalld home page:
           http://firewalld.org

AUTHORS

       Thomas Woerner <twoerner@redhat.com>
           Developer

       Jiri Popelka <jpopelka@redhat.com>
           Developer

       Eric Garver <eric@garver.life>
           Developer