NSXv¶

Header Format¶

The nsx header designation has the following format:

targets:
    nsxv: {section_name} {inet|inet6|mixed} section-id securitygroup securitygroupId

• section_name: specifies the name of the section all terms in this header apply to.
• inet: specifies that the resulting filter should only render IPv4 addresses.
• inet6: specifies that the resulting filter should only render IPv6 addresses.
• mixed: specifies that the resulting filter should render both IPv4 and IPv6 addresses.
• sectionId: specifies the Id for the section (optional)
• securitygroup: specifies that the appliedTo should be security group (optional)
• securitygroupId: specifies the Id of the security group (mandatory if securitygroup is given)

(Required keywords option and verbatim are not supported in NSX)

Term Format¶

• for common keys see common.md

• destination-exclude: Exclude one or more address tokens from the specified destination-address

• logging: Specify that this packet should be logged via syslog.
• source-exclude: exclude one or more address tokens from the specified source-address.
• verbatim: this specifies that the text enclosed within quotes should be rendered into the output without interpretation or modification. This is sometimes used as a temporary workaround while new required features are being added.

Sub Tokens¶

Actions¶

• accept
• deny
• reject
• reject-with-tcp-rst