From 11ed8abfdef28a3dbdb8e9bc944a9a6e0efaed64 Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Wed, 1 Dec 2021 10:28:00 +0100
Subject: [PATCH] Firewall - make some room for more generic topics and start
 explaining the different address types.

---
 source/firewall.rst                |  1 +
 source/manual/firewall_generic.rst | 29 +++++++++++++++++++++++++++++
 2 files changed, 30 insertions(+)
 create mode 100644 source/manual/firewall_generic.rst

diff --git a/source/firewall.rst b/source/firewall.rst
index 38f9a48d..556fc38e 100644
--- a/source/firewall.rst
+++ b/source/firewall.rst
@@ -16,6 +16,7 @@ These are all combined in the firewall section.
    :maxdepth: 2
    :titlesonly:
 
+   manual/firewall_generic
    manual/aliases
    manual/firewall_categories
    manual/firewall_groups
diff --git a/source/manual/firewall_generic.rst b/source/manual/firewall_generic.rst
new file mode 100644
index 00000000..cc98e00a
--- /dev/null
+++ b/source/manual/firewall_generic.rst
@@ -0,0 +1,29 @@
+===========================
+Generic info
+===========================
+
+This chapter explains some of the concepts that are being used in different modules of our firewall system and
+therefore don't belong to a specific section of this topic.
+
+
+-----------------------------------------
+Address types
+-----------------------------------------
+
+When choosing source and or destination addresses, the user can choose several options depending on the context.
+To explain what the different options mean when being presented, we will sum them up below:
+
+========================================================================================================================================================
+
+====================================  ==================================================================================================================
+Alias                                 Flexible type of network or address definition for easy reuse, expained in
+                                      :doc:`aliases </manual/aliases>`
+Single host or network                Standard host or network in `CIDR notation <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing>`__
+any                                   All IPv4 and/or IPv6 addresses (in the world)
+This Firewall                         All IPv4 and/or IPv6 addresses assigned to this firewall
+[Interface] Network                   All networks assigned to the physical interface, this will include networks of virtual addresses assigned as well
+                                      ([Interface] is explained in the :doc:`interfaces </manual/interfaces>` topic). Normally used to allow traffic
+                                      from or to clients connected to a specific interface.
+[Interface] Address                   All addresses configured on an interface, this includes all virtual (alias) addresses as well.
+Virtual IPs                           Explicit selection for addresses defined in :doc:`Virtual IPs </manual/firewall_vip>`
+====================================  ==================================================================================================================