diff options
| author | Nicolas Fort <nicolasfort1988@gmail.com> | 2024-01-05 12:13:17 +0000 |
|---|---|---|
| committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2024-02-01 20:22:26 +0000 |
| commit | 3ce9583b9420ed72cf45728f439f00b1c4cf5800 (patch) | |
| tree | fa903955d30ca32944bf0b89daf33f928760eb23 /interface-definitions/include/firewall/common-rule-ipv4.xml.i | |
| parent | 9109a5603963216180f6d6fe09820ee1ba227ade (diff) | |
| download | vyos-1x-3ce9583b9420ed72cf45728f439f00b1c4cf5800.tar.gz vyos-1x-3ce9583b9420ed72cf45728f439f00b1c4cf5800.zip | |
T4839: firewall: Add dynamic address group in firewall configuration, and appropiate commands to populate such groups using source and destination address of the packet.
(cherry picked from commit 6ce5fedb602c5ea0df52049a5e9c4fb4f5a86122)
Diffstat (limited to 'interface-definitions/include/firewall/common-rule-ipv4.xml.i')
| -rw-r--r-- | interface-definitions/include/firewall/common-rule-ipv4.xml.i | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/interface-definitions/include/firewall/common-rule-ipv4.xml.i b/interface-definitions/include/firewall/common-rule-ipv4.xml.i index 4ed179ae7..158c7a662 100644 --- a/interface-definitions/include/firewall/common-rule-ipv4.xml.i +++ b/interface-definitions/include/firewall/common-rule-ipv4.xml.i @@ -1,6 +1,29 @@ <!-- include start from firewall/common-rule-ipv4.xml.i --> #include <include/firewall/common-rule-inet.xml.i> #include <include/firewall/ttl.xml.i> +<node name="add-address-to-group"> + <properties> + <help>Add ip address to dynamic address-group</help> + </properties> + <children> + <node name="source-address"> + <properties> + <help>Add source ip addresses to dynamic address-group</help> + </properties> + <children> + #include <include/firewall/add-dynamic-address-groups.xml.i> + </children> + </node> + <node name="destination-address"> + <properties> + <help>Add destination ip addresses to dynamic address-group</help> + </properties> + <children> + #include <include/firewall/add-dynamic-address-groups.xml.i> + </children> + </node> + </children> +</node> <node name="destination"> <properties> <help>Destination parameters</help> @@ -13,6 +36,7 @@ #include <include/firewall/mac-address.xml.i> #include <include/firewall/port.xml.i> #include <include/firewall/source-destination-group.xml.i> + #include <include/firewall/source-destination-dynamic-group.xml.i> </children> </node> <node name="icmp"> @@ -67,6 +91,7 @@ #include <include/firewall/mac-address.xml.i> #include <include/firewall/port.xml.i> #include <include/firewall/source-destination-group.xml.i> + #include <include/firewall/source-destination-dynamic-group.xml.i> </children> </node> <!-- include end -->
\ No newline at end of file |