docs: fix incorrect info about routed networks

In a recent expansion of the documentation on network forward modes, I incorrectly stated that incoming sessions to guests on routed networks were blocked. This is true for guests on NATed networks, but not routed. This patch corrects that error, and adds a pointer to the nwfilter page for those who do want to restrict incoming sessions to hosts on routed networks.
2025-03-21 10:50:24 +03:00 · 2011-10-20 15:26:30 -04:00 · 2011-10-20 15:26:30 -04:00 · 52e3b3d1bb
commit 52e3b3d1bb
parent 755a09b579
1 changed files with 6 additions and 6 deletions
--- a/docs/formatnetwork.html.in
+++ b/docs/formatnetwork.html.in
@ -134,12 +134,12 @@
            attribute is set, firewall rules will restrict forwarding
            to the named device only. This presumes that the local LAN
            router has suitable routing table entries to return
-            traffic to this host. Firewall rules are also installed
-            that prevent incoming sessions from the physical network
-            to the guests, but outgoing sessions are unrestricted (as
-            are sessions from the host to the guests, and between
-            guests on the same network.)<span class="since">Since
-            0.4.2</span>
+            traffic to this host. All incoming and outgoing sessions
+            to guest on these networks are unrestricted. (To restrict
+            incoming traffic to a guest on a routed network, you can
+            configure <a href="formatnwfilter.html">nwfilter rules</a>
+            on the guest's interfaces.)
+            <span class="since">Since 0.4.2</span>
          </dd>

          <dt><code>bridge</code></dt>