> ## Documentation Index > Fetch the complete documentation index at: https://docs.siderolabs.com/llms.txt > Use this file to discover all available pages before exploring further. > NetworkRuleConfig is a network firewall rule config document. # NetworkRuleConfig export const VersionWarningBanner = () => { const latestVersion = "v1.13"; const [latestUrl, setLatestUrl] = useState(null); const [currentVersion, setCurrentVersion] = useState(null); const [isBeta, setIsBeta] = useState(false); const parseVersion = v => v.replace("v", "").split(".").map(Number); const isGreaterVersion = (a, b) => { const [aMajor, aMinor] = parseVersion(a); const [bMajor, bMinor] = parseVersion(b); if (aMajor > bMajor) return true; if (aMajor === bMajor && aMinor > bMinor) return true; return false; }; useEffect(() => { if (typeof window === "undefined") return; const {pathname, hash, search} = window.location; const match = pathname.match(/\/talos\/(v\d+\.\d+)\//); if (!match) return; const detectedVersion = match[1]; if (detectedVersion === latestVersion) return; setCurrentVersion(detectedVersion); if (isGreaterVersion(detectedVersion, latestVersion)) { setIsBeta(true); } const newPath = pathname.replace(`/talos/${detectedVersion}/`, `/talos/${latestVersion}/`); setLatestUrl(`${newPath}${search}${hash}`); }, []); if (!latestUrl || !currentVersion) return null; return
{isBeta ? <> ⚠️ You are viewing a beta version of Talos ({currentVersion}). This version may be unstable. View latest stable version {latestVersion} → : <> ⚠️ You are viewing an older version of Talos ({currentVersion}). View the latest version {latestVersion} → }
; }; ```yaml theme={null} apiVersion: v1alpha1 kind: NetworkRuleConfig name: ingress-apid # Name of the config document. # Port selector defines which ports and protocols on the host are affected by the rule. portSelector: # Ports defines a list of port ranges or single ports. ports: - 50000 protocol: tcp # Protocol defines traffic protocol (e.g. TCP or UDP). # Ingress defines which source subnets are allowed to access the host ports/protocols defined by the `portSelector`. ingress: - subnet: 192.168.0.0/16 # Subnet defines a source subnet. ```
Field Type Description Value(s)
`name` string Name of the config document.
`portSelector` RulePortSelector Port selector defines which ports and protocols on the host are affected by the rule.
`ingress` IngressRule Ingress defines which source subnets are allowed to access the host ports/protocols defined by the `portSelector`.
## portSelector RulePortSelector is a port selector for the network rule.
Field Type Description Value(s)
`ports` PortRanges Ports defines a list of port ranges or single ports.
The port ranges are inclusive, and should not overlap.
`protocol` Protocol Protocol defines traffic protocol (e.g. TCP or UDP). `tcp`
`udp`
`icmp`
`icmpv6`
## ingress\[] IngressRule is a ingress rule.
Field Type Description Value(s)
`subnet` Prefix Subnet defines a source subnet.
`except` Prefix Except defines a source subnet to exclude from the rule, it gets excluded from the `subnet`.