From 2ae3de0848dee0f3da28727fc30e2beeecd412e1 Mon Sep 17 00:00:00 2001 From: Nicolas Fort Date: Wed, 27 Sep 2023 17:41:14 +0000 Subject: T5616: firewall: add option to be able to match firewall marks in firewall filter and in policy route. --- .../include/firewall/common-rule-inet.xml.i | 1 + .../include/firewall/firewall-mark.xml.i | 26 ++++++++++++++++++++++ .../include/policy/route-common.xml.i | 1 + 3 files changed, 28 insertions(+) create mode 100644 interface-definitions/include/firewall/firewall-mark.xml.i (limited to 'interface-definitions/include') diff --git a/interface-definitions/include/firewall/common-rule-inet.xml.i b/interface-definitions/include/firewall/common-rule-inet.xml.i index 872abe6cc..a55a1a551 100644 --- a/interface-definitions/include/firewall/common-rule-inet.xml.i +++ b/interface-definitions/include/firewall/common-rule-inet.xml.i @@ -3,6 +3,7 @@ #include #include #include +#include #include #include #include diff --git a/interface-definitions/include/firewall/firewall-mark.xml.i b/interface-definitions/include/firewall/firewall-mark.xml.i new file mode 100644 index 000000000..36a939ba3 --- /dev/null +++ b/interface-definitions/include/firewall/firewall-mark.xml.i @@ -0,0 +1,26 @@ + + + + Firewall mark + + u32:0-2147483647 + Firewall mark to match + + + !u32:0-2147483647 + Inverted Firewall mark to match + + + <start-end> + Firewall mark range to match + + + !<start-end> + Firewall mark inverted range to match + + + + + + + \ No newline at end of file diff --git a/interface-definitions/include/policy/route-common.xml.i b/interface-definitions/include/policy/route-common.xml.i index 6551d23ab..8eab04d4a 100644 --- a/interface-definitions/include/policy/route-common.xml.i +++ b/interface-definitions/include/policy/route-common.xml.i @@ -1,6 +1,7 @@ #include #include +#include Option to disable firewall rule -- cgit v1.2.3