Inbound

content/en/docs/reference/rules/default-macros/inbound.md

latest229 B

yaml

- macro: inbound
  condition: >
    ((evt.type in (accept,listen)) or
     (fd.typechar = 4 or fd.typechar = 6) and
     (fd.ip != "0.0.0.0" and fd.net != "127.0.0.0/8") and (evt.rawres >= 0 or evt.res = EINPROGRESS))