summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorNicolas Fort <nicolasfort1988@gmail.com>2023-10-25 11:59:01 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2023-11-01 10:39:10 +0000
commit2b38b45e219e363955b850d90a40564eb4b375c0 (patch)
tree095864603743dc97eac8b401832dbe299df2cdd0 /interface-definitions
parent03e5ab66610770cb58e24aa6e1309264a091d812 (diff)
downloadvyos-1x-2b38b45e219e363955b850d90a40564eb4b375c0.tar.gz
vyos-1x-2b38b45e219e363955b850d90a40564eb4b375c0.zip
T5681: Firewall,Nat and Nat66: simplified and standarize interface matcher firewal, nat and nat66.
(cherry picked from commit 51abbc0f1b2ccf4785cf7f29f1fe6f4af6007ee6)
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/firewall/inbound-interface-no-group.xml.i34
-rw-r--r--interface-definitions/include/firewall/match-interface.xml.i4
-rw-r--r--interface-definitions/include/firewall/outbound-interface-no-group.xml.i34
-rw-r--r--interface-definitions/include/version/firewall-version.xml.i2
-rw-r--r--interface-definitions/include/version/nat-version.xml.i2
-rw-r--r--interface-definitions/include/version/nat66-version.xml.i2
-rw-r--r--interface-definitions/nat66.xml.in19
7 files changed, 75 insertions, 22 deletions
diff --git a/interface-definitions/include/firewall/inbound-interface-no-group.xml.i b/interface-definitions/include/firewall/inbound-interface-no-group.xml.i
new file mode 100644
index 000000000..bcd4c9570
--- /dev/null
+++ b/interface-definitions/include/firewall/inbound-interface-no-group.xml.i
@@ -0,0 +1,34 @@
+<!-- include start from firewall/inbound-interface-no-group.xml.i -->
+<node name="inbound-interface">
+ <properties>
+ <help>Match inbound-interface</help>
+ </properties>
+ <children>
+ <leafNode name="name">
+ <properties>
+ <help>Match interface</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces</script>
+ <path>vrf name</path>
+ </completionHelp>
+ <valueHelp>
+ <format>txt</format>
+ <description>Interface name</description>
+ </valueHelp>
+ <valueHelp>
+ <format>txt*</format>
+ <description>Interface name with wildcard</description>
+ </valueHelp>
+ <valueHelp>
+ <format>!txt</format>
+ <description>Inverted interface name to match</description>
+ </valueHelp>
+ <constraint>
+ <regex>(\!?)(bond|br|dum|en|ersp|eth|gnv|ifb|lan|l2tp|l2tpeth|macsec|peth|ppp|pppoe|pptp|sstp|tun|veth|vti|vtun|vxlan|wg|wlan|wwan)([0-9]?)(\*?)(.+)?|(\!?)lo</regex>
+ <validator name="vrf-name"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+</node>
+<!-- include end --> \ No newline at end of file
diff --git a/interface-definitions/include/firewall/match-interface.xml.i b/interface-definitions/include/firewall/match-interface.xml.i
index 7810f88ab..8be97c3ed 100644
--- a/interface-definitions/include/firewall/match-interface.xml.i
+++ b/interface-definitions/include/firewall/match-interface.xml.i
@@ -1,5 +1,5 @@
<!-- include start from firewall/match-interface.xml.i -->
-<leafNode name="interface-name">
+<leafNode name="name">
<properties>
<help>Match interface</help>
<completionHelp>
@@ -22,7 +22,7 @@
</constraint>
</properties>
</leafNode>
-<leafNode name="interface-group">
+<leafNode name="group">
<properties>
<help>Match interface-group</help>
<completionHelp>
diff --git a/interface-definitions/include/firewall/outbound-interface-no-group.xml.i b/interface-definitions/include/firewall/outbound-interface-no-group.xml.i
new file mode 100644
index 000000000..e3bace42d
--- /dev/null
+++ b/interface-definitions/include/firewall/outbound-interface-no-group.xml.i
@@ -0,0 +1,34 @@
+<!-- include start from firewall/outbound-interface-no-group.xml.i -->
+<node name="outbound-interface">
+ <properties>
+ <help>Match outbound-interface</help>
+ </properties>
+ <children>
+ <leafNode name="name">
+ <properties>
+ <help>Match interface</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces</script>
+ <path>vrf name</path>
+ </completionHelp>
+ <valueHelp>
+ <format>txt</format>
+ <description>Interface name</description>
+ </valueHelp>
+ <valueHelp>
+ <format>txt*</format>
+ <description>Interface name with wildcard</description>
+ </valueHelp>
+ <valueHelp>
+ <format>!txt</format>
+ <description>Inverted interface name to match</description>
+ </valueHelp>
+ <constraint>
+ <regex>(\!?)(bond|br|dum|en|ersp|eth|gnv|ifb|lan|l2tp|l2tpeth|macsec|peth|ppp|pppoe|pptp|sstp|tun|veth|vti|vtun|vxlan|wg|wlan|wwan)([0-9]?)(\*?)(.+)?|(\!?)lo</regex>
+ <validator name="vrf-name"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+</node>
+<!-- include end --> \ No newline at end of file
diff --git a/interface-definitions/include/version/firewall-version.xml.i b/interface-definitions/include/version/firewall-version.xml.i
index dd21bfaca..39f0cdcba 100644
--- a/interface-definitions/include/version/firewall-version.xml.i
+++ b/interface-definitions/include/version/firewall-version.xml.i
@@ -1,3 +1,3 @@
<!-- include start from include/version/firewall-version.xml.i -->
-<syntaxVersion component='firewall' version='11'></syntaxVersion>
+<syntaxVersion component='firewall' version='12'></syntaxVersion>
<!-- include end -->
diff --git a/interface-definitions/include/version/nat-version.xml.i b/interface-definitions/include/version/nat-version.xml.i
index 027216a07..656da6e14 100644
--- a/interface-definitions/include/version/nat-version.xml.i
+++ b/interface-definitions/include/version/nat-version.xml.i
@@ -1,3 +1,3 @@
<!-- include start from include/version/nat-version.xml.i -->
-<syntaxVersion component='nat' version='5'></syntaxVersion>
+<syntaxVersion component='nat' version='7'></syntaxVersion>
<!-- include end -->
diff --git a/interface-definitions/include/version/nat66-version.xml.i b/interface-definitions/include/version/nat66-version.xml.i
index 7b7123dcc..478ca080f 100644
--- a/interface-definitions/include/version/nat66-version.xml.i
+++ b/interface-definitions/include/version/nat66-version.xml.i
@@ -1,3 +1,3 @@
<!-- include start from include/version/nat66-version.xml.i -->
-<syntaxVersion component='nat66' version='1'></syntaxVersion>
+<syntaxVersion component='nat66' version='2'></syntaxVersion>
<!-- include end -->
diff --git a/interface-definitions/nat66.xml.in b/interface-definitions/nat66.xml.in
index 7a8970bdf..a657535ba 100644
--- a/interface-definitions/nat66.xml.in
+++ b/interface-definitions/nat66.xml.in
@@ -38,14 +38,7 @@
<valueless/>
</properties>
</leafNode>
- <leafNode name="outbound-interface">
- <properties>
- <help>Outbound interface of NAT66 traffic</help>
- <completionHelp>
- <script>${vyos_completion_dir}/list_interfaces</script>
- </completionHelp>
- </properties>
- </leafNode>
+ #include <include/firewall/outbound-interface-no-group.xml.i>
#include <include/nat/protocol.xml.i>
<node name="destination">
<properties>
@@ -166,15 +159,7 @@
<valueless/>
</properties>
</leafNode>
- <leafNode name="inbound-interface">
- <properties>
- <help>Inbound interface of NAT66 traffic</help>
- <completionHelp>
- <list>any</list>
- <script>${vyos_completion_dir}/list_interfaces</script>
- </completionHelp>
- </properties>
- </leafNode>
+ #include <include/firewall/inbound-interface-no-group.xml.i>
#include <include/nat/protocol.xml.i>
<node name="destination">
<properties>