enable |
Enum with the following possible values: true, false |
Whether to enable restrictions or not. Default is true. |
mode |
Enum with the following possible values: monitor, block |
If monitor is specified, events are only logged. If block is specified, network access is blocked. |
target |
Enum with the following possible values: host, container |
Selecting host applies the restriction to the host-wide. Selecting container will apply the restriction only to containers. |
cidr |
List containing the following sub-keys:
allow: [cidr list]deny: [cidr list] |
Allow or Deny CIDRs. |
domain |
List containing the following sub-keys:
allow: [domain list]deny: [domain list] |
Allow or Deny Domains. |
command |
List containing the following sub-keys:
allow: [command list]deny: [command list] |
Allow or Deny commands. |
uid |
List containing the following sub-keys:
allow: [uid list]deny: [uid list] |
Allow or Deny uids. |
gid |
List containing the following sub-keys:
allow: [gid list]deny: [gid list] |
Allow or Deny gids. |