Age | Commit message (Collapse) | Author |
|
T6188: add description to show firewall
|
|
For readability in console sessions, moved the description column to only be shown in the detail view.
Changed wrapping in the detail view for description to 65 characters to prevent full line wrapping in console sessions.
|
|
found using "git ls-files *.py | xargs pylint | grep W0611"
|
|
- modified: src/op_mode/firewall.py
Changed behavior of "show firewall" for specific rule to only show rule and not also default-action
|
|
- Added show firewall <sections> detail paths
modified: src/op_mode/firewall.py
- Added Description as a header to normal "show firewall" commands
- Added 'detail' view which shows the output in a list key-pair format
Description column was added for these commands and their subsections:
show firewall statistics
show firewall groups
show firewall <family>
Detail view was added for these commands:
show firewall bridge forward filter detail
show firewall bridge forward filter rule <rule#> detail
show firewall bridge name <chain> detail
show firewall bridge name <chain> rule <rule#> detail
show firewall ipv4 forward filter detail
show firewall ipv4 forward filter rule <rule#> detail
show firewall ipv4 input filter detail
show firewall ipv4 input filter rule <rule#> detail
show firewall ipv4 output filter detail
show firewall ipv4 output filter rule <rule#> detail
show firewall ipv4 name <chain> detail
show firewall ipv4 name <chain> rule <rule#> detail
show firewall ipv6 forward filter detail
show firewall ipv6 forward filter rule <rule#> detail
show firewall ipv6 input filter detail
show firewall ipv6 input filter rule <rule#> detail
show firewall ipv6 output filter detail
show firewall ipv6 output filter rule <rule#> detail
show firewall ipv6 name <chain> detail
show firewall ipv6 name <chain> rule <rule#> detail
show firewall group detail
show firewall group <group> detail
|
|
|
|
appropiate commands to populate such groups using source and destination address of the packet.
|
|
to be able to catch logs using separte rule for default-action
|
|
default actions and extend references for firewall groups
|
|
|
|
The `rule` key could be not exists in the entry of the dictionary
for examppe `{'default_action': 'drop'}`
Fix it
|
|
easy to read, and we get uniform output for both families, and will look the same when working with inet family in the future. Fix output of geo-ip matchers. Fix output for default-action rules: display N/A for counters in base chains, since they are not available.Change from N/A to N/D for empty groups, and for groups which found no reference in config
|
|
|
|
specified (correct ::/0 for ipv6). Also, add columns for inbound and outbound interfaces
|
|
correct reference in source/destination column
|
|
|
|
show_firewall_group.
|
|
|
|
|
|
* T5195: move run, cmd, call, rc_cmd helper to vyos.utils.process
* T5195: use read_file and write_file implementation from vyos.utils.file
Changed code automatically using:
find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import read_file$/from vyos.utils.file import read_file/g' {} +
find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import write_file$/from vyos.utils.file import write_file/g' {} +
* T5195: move chmod* helpers to vyos.utils.permission
* T5195: use colon_separated_to_dict from vyos.utils.dict
* T5195: move is_systemd_service_* to vyos.utils.process
* T5195: fix boot issues with missing imports
* T5195: move dict_search_* helpers to vyos.utils.dict
* T5195: move network helpers to vyos.utils.network
* T5195: move commit_* helpers to vyos.utils.commit
* T5195: move user I/O helpers to vyos.utils.io
|
|
show firewall name <name> will output an error as explained in
https://phabricator.vyos.net/T4794
|
|
table name
|
|
|
|
|
|
|
|
items sorted and one per line
|
|
|