docs: rdr: add docs for table as source

2025-12-11 09:29:55 +01:00 · 2025-06-18 19:00:09 -06:00
parent ae39ededbb
commit aed09d68b9
1 changed files with 8 additions and 5 deletions
--- a/docs/chapters/subcommands/rdr.rst
+++ b/docs/chapters/subcommands/rdr.rst
@@ -35,8 +35,8 @@ The ``rdr`` command includes 4 additional options:
 .. code-block:: shell

    -i | --interface   [interface]               Set the interface to create the rdr rule on. Useful if you have multiple interfaces.
-    -s | --source      [source ip]               Limit rdr to a source IP. Useful to only allow access from a certian IP or subnet.
-    -d | --destination [destination ip]          Limit rdr to a destination IP. Useful if you have multiple IPs on one interface.
+    -s | --source      [source]                  Limit rdr to a source IP or table. Useful to only allow access from certain sources.
+    -d | --destination [destination]             Limit rdr to a destination IP. Useful if you have multiple IPs on one interface.
    -t | --type        [ipv4|ipv6]               Specify IP type. Must be used if -s or -d are used. Defaults to both.

 .. code-block:: shell
@@ -68,6 +68,9 @@ The options can be used together, as seen above.
 If you have multiple interfaces assigned to your jail, ``bastille rdr`` will
 only redirect using the default one.

+It is also possible to specify a pf table as the source, providing it exists. Simply use the table
+name instead of an IP address or subnet.
+
 .. code-block:: shell

  # bastille rdr --help
@@ -76,7 +79,7 @@ only redirect using the default one.
      Options:

      -i | --interface   [interface]               Set the interface to create the rdr rule on. Useful if you have multiple interfaces.
-      -s | --source      [source ip]               Limit rdr to a source IP. Useful to only allow access from a certian IP or subnet.
-      -d | --destination [destination ip]          Limit rdr to a destination IP. Useful if you have multiple IPs on one interface.
+      -s | --source      [source]                  Limit rdr to a source IP or table. Useful to only allow access from certain sources.
+      -d | --destination [destination]             Limit rdr to a destination IP. Useful if you have multiple IPs on one interface.
      -t | --type        [ipv4|ipv6]               Specify IP type. Must be used if -s or -d are used. Defaults to both.
-      -x | --debug                                 Enable debug mode.
+      -x | --debug                                 Enable debug mode.