enable |
Enum with the following possible values: true , false |
Whether to enable restrictions or not. Default is true . |
mode |
Enum with the following possible values: monitor , block |
If monitor is specified, events are only logged. If block is specified, network access is blocked. |
target |
Enum with the following possible values: host , container |
Selecting host applies the restriction to the host-wide. Selecting container will apply the restriction only to containers. |
cidr |
List containing the following sub-keys:
allow: [cidr list] deny: [cidr list] |
Allow or Deny CIDRs. |
domain |
List containing the following sub-keys:
allow: [domain list] deny: [domain list] |
Allow or Deny Domains. |
command |
List containing the following sub-keys:
allow: [command list] deny: [command list] |
Allow or Deny commands. |
uid |
List containing the following sub-keys:
allow: [uid list] deny: [uid list] |
Allow or Deny uids. |
gid |
List containing the following sub-keys:
allow: [gid list] deny: [gid list] |
Allow or Deny gids. |