From df5a862beb84145dfc8434efde7d7fee783199cf Mon Sep 17 00:00:00 2001
From: sarthurdev <965089+sarthurdev@users.noreply.github.com>
Date: Thu, 13 Jan 2022 12:58:37 +0100
Subject: firewall: T4178: Use lowercase for TCP flags and add an validator
---
.../include/firewall/common-rule.xml.i | 34 ++++++++++++++++++++--
.../include/policy/route-common-rule-ipv6.xml.i | 34 ++++++++++++++++++++--
.../include/policy/route-common-rule.xml.i | 34 ++++++++++++++++++++--
3 files changed, 96 insertions(+), 6 deletions(-)
(limited to 'interface-definitions/include')
diff --git a/interface-definitions/include/firewall/common-rule.xml.i b/interface-definitions/include/firewall/common-rule.xml.i
index 92950cc68..6e8203c88 100644
--- a/interface-definitions/include/firewall/common-rule.xml.i
+++ b/interface-definitions/include/firewall/common-rule.xml.i
@@ -274,12 +274,42 @@
TCP flags to match
txt
- TCP flags to match
+ Multiple comma-separated flags
+
+
+ syn
+ Syncronise flag
+
+
+ ack
+ Acknowledge flag
+
+
+ fin
+ Finish flag
+
+
+ rst
+ Reset flag
+
+
+ urg
+ Urgent flag
+
+
+ psh
+ Push flag
- \n\n Allowed values for TCP flags : SYN ACK FIN RST URG PSH ALL\n When specifying more than one flag, flags should be comma-separated.\n For example : value of 'SYN,!ACK,!FIN,!RST' will only match packets with\n the SYN flag set, and the ACK, FIN and RST flags unset
+ \n When specifying more than one flag, flags should be comma-separated.\n For example: value of 'SYN,!ACK,!FIN,!RST' will only match packets with\n the SYN flag set, and the ACK, FIN and RST flags unset
+
+ syn ack fin rst urg psh
+
+
+
+
diff --git a/interface-definitions/include/policy/route-common-rule-ipv6.xml.i b/interface-definitions/include/policy/route-common-rule-ipv6.xml.i
index 2d6adcd1d..b8fee4b7b 100644
--- a/interface-definitions/include/policy/route-common-rule-ipv6.xml.i
+++ b/interface-definitions/include/policy/route-common-rule-ipv6.xml.i
@@ -330,12 +330,42 @@
TCP flags to match
txt
- TCP flags to match
+ Multiple comma-separated flags
+
+
+ syn
+ Syncronise flag
+
+
+ ack
+ Acknowledge flag
+
+
+ fin
+ Finish flag
+
+
+ rst
+ Reset flag
+
+
+ urg
+ Urgent flag
+
+
+ psh
+ Push flag
- \n\n Allowed values for TCP flags : SYN ACK FIN RST URG PSH ALL\n When specifying more than one flag, flags should be comma-separated.\n For example : value of 'SYN,!ACK,!FIN,!RST' will only match packets with\n the SYN flag set, and the ACK, FIN and RST flags unset
+ \n When specifying more than one flag, flags should be comma-separated.\n For example: value of 'SYN,!ACK,!FIN,!RST' will only match packets with\n the SYN flag set, and the ACK, FIN and RST flags unset
+
+ syn ack fin rst urg psh
+
+
+
+
diff --git a/interface-definitions/include/policy/route-common-rule.xml.i b/interface-definitions/include/policy/route-common-rule.xml.i
index c4deefd2a..17b47474d 100644
--- a/interface-definitions/include/policy/route-common-rule.xml.i
+++ b/interface-definitions/include/policy/route-common-rule.xml.i
@@ -330,12 +330,42 @@
TCP flags to match
txt
- TCP flags to match
+ Multiple comma-separated flags
+
+
+ syn
+ Syncronise flag
+
+
+ ack
+ Acknowledge flag
+
+
+ fin
+ Finish flag
+
+
+ rst
+ Reset flag
+
+
+ urg
+ Urgent flag
+
+
+ psh
+ Push flag
- \n\n Allowed values for TCP flags : SYN ACK FIN RST URG PSH ALL\n When specifying more than one flag, flags should be comma-separated.\n For example : value of 'SYN,!ACK,!FIN,!RST' will only match packets with\n the SYN flag set, and the ACK, FIN and RST flags unset
+ \n When specifying more than one flag, flags should be comma-separated.\n For example: value of 'SYN,!ACK,!FIN,!RST' will only match packets with\n the SYN flag set, and the ACK, FIN and RST flags unset
+
+ syn ack fin rst urg psh
+
+
+
+
--
cgit v1.2.3