From fdeba8da3e99256fe449e331d0b833a941315226 Mon Sep 17 00:00:00 2001
From: sarthurdev <965089+sarthurdev@users.noreply.github.com>
Date: Wed, 28 Jul 2021 12:03:21 +0200
Subject: firewall: T2199: Migrate firewall to XML/Python
---
.../include/firewall/action.xml.i | 16 ++++---
.../include/firewall/common-rule.xml.i | 54 ++++++++++++++++------
.../firewall/source-destination-group-ipv6.xml.i | 33 +++++++++++++
.../firewall/source-destination-group.xml.i | 9 ++++
4 files changed, 91 insertions(+), 21 deletions(-)
create mode 100644 interface-definitions/include/firewall/source-destination-group-ipv6.xml.i
(limited to 'interface-definitions/include/firewall')
diff --git a/interface-definitions/include/firewall/action.xml.i b/interface-definitions/include/firewall/action.xml.i
index 230f590cb..4ba93e3aa 100644
--- a/interface-definitions/include/firewall/action.xml.i
+++ b/interface-definitions/include/firewall/action.xml.i
@@ -3,18 +3,22 @@
Rule action [REQUIRED]
- permit deny
+ accept reject drop
- permit
- Permit matching entries
+ accept
+ Accept matching entries
- deny
- Deny matching entries
+ reject
+ Reject matching entries
+
+
+ drop
+ Drop matching entries
- ^(permit|deny)$
+ ^(accept|reject|drop)$
diff --git a/interface-definitions/include/firewall/common-rule.xml.i b/interface-definitions/include/firewall/common-rule.xml.i
index a59c0b390..415b6bf00 100644
--- a/interface-definitions/include/firewall/common-rule.xml.i
+++ b/interface-definitions/include/firewall/common-rule.xml.i
@@ -55,7 +55,7 @@
Maximum number of packets to allow in excess of rate
u32:0-4294967295
- burst__change_me
+ Maximum number of packets to allow in excess of rate
@@ -67,7 +67,7 @@
Maximum average matching rate
u32:0-4294967295
- rate__change_me
+ Maximum average matching rate
@@ -121,7 +121,6 @@
- all
@@ -285,40 +284,65 @@
Time to match rule
-
-
- Monthdays to match rule on
-
-
Date to start matching rule
+
+ txt
+ Enter date using following notation - YYYY-MM-DD
+
+
+ ^(\d{4}\-\d{2}\-\d{2})$
+
Time of day to start matching rule
+
+ txt
+ Enter time using using 24 hour notation - hh:mm:ss
+
+
+ ^([0-2][0-9](\:[0-5][0-9]){1,2})$
+
Date to stop matching rule
+
+ txt
+ Enter date using following notation - YYYY-MM-DD
+
+
+ ^(\d{4}\-\d{2}\-\d{2})$
+
Time of day to stop matching rule
-
-
-
-
- Interpret times for startdate, stopdate, starttime and stoptime to be UTC
-
+
+ txt
+ Enter time using using 24 hour notation - hh:mm:ss
+
+
+ ^([0-2][0-9](\:[0-5][0-9]){1,2})$
+
- Weekdays to match rule on
+ Comma separated weekdays to match rule on
+
+ txt
+ Name of day (Monday, Tuesday, Wednesday, Thursdays, Friday, Saturday, Sunday)
+
+
+ u32:0-6
+ Day number (0 = Sunday ... 6 = Saturday)
+
diff --git a/interface-definitions/include/firewall/source-destination-group-ipv6.xml.i b/interface-definitions/include/firewall/source-destination-group-ipv6.xml.i
new file mode 100644
index 000000000..7815b78d4
--- /dev/null
+++ b/interface-definitions/include/firewall/source-destination-group-ipv6.xml.i
@@ -0,0 +1,33 @@
+
+
+
+ Group
+
+
+
+
+ Group of addresses
+
+ firewall group ipv6-address-group
+
+
+
+
+
+ Group of networks
+
+ firewall group ipv6-network-group
+
+
+
+
+
+ Group of ports
+
+ firewall group port-group
+
+
+
+
+
+
diff --git a/interface-definitions/include/firewall/source-destination-group.xml.i b/interface-definitions/include/firewall/source-destination-group.xml.i
index 30226b0d8..9a9bed0fe 100644
--- a/interface-definitions/include/firewall/source-destination-group.xml.i
+++ b/interface-definitions/include/firewall/source-destination-group.xml.i
@@ -7,16 +7,25 @@
Group of addresses
+
+ firewall group address-group
+
Group of networks
+
+ firewall group network-group
+
Group of ports
+
+ firewall group port-group
+
--
cgit v1.2.3