pcn-firewall: update documents to transparent cube

mauriciovasquezbernal · mauriciovasquezbernal · commit b36a05ae2fb1 · 2019-05-09T16:25:57.000-05:00
pcn-firewall is now transparent, update documentation to reflect it

Signed-off-by: Mauricio Vasquez B &lt;mauriciovasquezbernal@gmail.com&gt;
diff --git a/Documentation/services/pcn-firewall/firewall.rst b/Documentation/services/pcn-firewall/firewall.rst
@@ -1,7 +1,9 @@
 Firewall
 ========
 
-This service is a transparent firewall, it can be connected between two interfaces, and it may drop or forward each packet that matches one of the defined rules, based on the source and destination IPv4 addresses, level 4 protocol and ports, and TCP flags. Policy rules can include one or more of the above fields; if a given field is missing, its content is influent for the matching. *Packets that are not ip are forwarded without any check*.
+This service is a transparent firewall, it can be attached to a port or a netdev, and it may drop or forward each packet that matches one of the defined rules, based on the source and destination IPv4 addresses, level 4 protocol and ports, and TCP flags.
+Policy rules can include one or more of the above fields; if a given field is missing, its content is influent for the matching.
+*Packets that are not ip are forwarded without any check*.
 
 Features
 --------
@@ -24,13 +26,10 @@ Supported features:
 How to use
 ----------
 
-Ingress ad egress chains and ports
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+Ingress ad egress chains
+^^^^^^^^^^^^^^^^^^^^^^^^
 
-The service is based on the ingress and egress chains and ports idea.
-The ``ingress port`` is by default the first port created, the ``egress port`` is by default the second port created. They can be changed respectively by issuing the commands ``polycubectl firewall fwname set ingress-port=portname`` and ``polycubectl firewall fwname set egress-port=portname``.
-The ``ingress chain`` processes all the traffic coming from the ingress port, and either drops it or forwards it to the egress port.
-The ``egress chain`` processes all the traffic coming from the egress port, and either drops it or forwards it to the ingress port.
+The service is based on the ingress and egress chains.
 Ingress and egress chains are independent and have two different policy sets.
 
 Rule insertion
