authorMohit Mehta <mohit.mehta@vyatta.com>2009-05-11 16:54:02 -0700
committerMohit Mehta <mohit.mehta@vyatta.com>2009-05-11 16:54:02 -0700
commit7820d87bcf833391f4b2dbbc90bee57dfa91f545 (patch)
tree7980e3f82077fae990d804484e7000b10286440b
parentdb4bcb134272a17b7583d1877286c0e412091c6b (diff)
downloadvyatta-cfg-firewall-7820d87bcf833391f4b2dbbc90bee57dfa91f545.tar.gz
vyatta-cfg-firewall-7820d87bcf833391f4b2dbbc90bee57dfa91f545.zip
Add 'reject' as a configurable value for default-policy
under name and ipv6-name rulesets
-rwxr-xr-xscripts/firewall/vyatta-firewall.pl1
-rw-r--r--templates/firewall/ipv6-name/node.tag/default-policy/node.def5
-rw-r--r--templates/firewall/name/node.tag/default-policy/node.def5
3 files changed, 7 insertions, 4 deletions
diff --git a/scripts/firewall/vyatta-firewall.pl b/scripts/firewall/vyatta-firewall.pl
index 84319fa..08da99d 100755
--- a/scripts/firewall/vyatta-firewall.pl
+++ b/scripts/firewall/vyatta-firewall.pl
@@ -67,6 +67,7 @@ my %outhook_hash = ( 'filter' => 'FORWARD',
# mapping from vyatta 'default-policy' to iptables jump target
my %policy_hash = ( 'drop' => 'DROP',
+ 'reject' => 'REJECT',
'accept' => 'RETURN' );
my %other_tree = ( 'name' => 'modify',
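Review bot: The new `'reject' => 'REJECT'` entry sits under a comment that does not explain how the three targets differ, and the difference matters to anyone reading the map. `drop` and `reject` map to terminating targets while `accept` maps to `RETURN`, and REJECT answers the sender with an ICMP error instead of discarding the packet silently. I would extend the comment above the hash to `# mapping from vyatta 'default-policy' to iptables jump target; REJECT terminates like DROP but sends an ICMP/ICMPv6 error back to the source`. iptables also accepts REJECT only in the filter table, so if %policy_hash is ever consulted for the modify trees named in %other_tree, the lookup should be guarded there; the consuming code is outside this hunk, so I cannot confirm whether it is.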
diff --git a/templates/firewall/ipv6-name/node.tag/default-policy/node.def b/templates/firewall/ipv6-name/node.tag/default-policy/node.def
index d88d82f..e335e94 100644
--- a/templates/firewall/ipv6-name/node.tag/default-policy/node.def
+++ b/templates/firewall/ipv6-name/node.tag/default-policy/node.def
@@ -4,9 +4,10 @@ help: Set firewall default-policy
default: "drop"
-syntax:expression: $VAR(@) in "drop", "accept";
- "default-policy must be either drop or accept"
+syntax:expression: $VAR(@) in "drop", "accept", "reject";
+ "default-policy must be drop, reject or accept"
comp_help: possible completions:
drop Drop if no prior rules are hit (default)
+ reject Drop and notify source if no prior rules are hit
accept Accept if no prior rules are hit
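Review bot: The completion text `reject Drop and notify source if no prior rules are hit` does not say what the notification is, so an operator cannot tell from the CLI that this choice makes the firewall answer every unmatched packet. That answer confirms a filtering device is present and goes to whatever source address the packet carried, spoofed or not, which is why many sites keep `drop` on untrusted interfaces. Suggested wording here is `reject Drop and send an ICMPv6 error to the source if no prior rules are hit`, with `ICMP` in place of `ICMPv6` in templates/firewall/name/node.tag/default-policy/node.def, which carries the identical hunk. The rejection type is presumably the target's default, since the script hunk adds only the bare target name; confirm that before naming a specific code in the help text.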
diff --git a/templates/firewall/name/node.tag/default-policy/node.def b/templates/firewall/name/node.tag/default-policy/node.def
index d88d82f..e335e94 100644
--- a/templates/firewall/name/node.tag/default-policy/node.def
+++ b/templates/firewall/name/node.tag/default-policy/node.def
@@ -4,9 +4,10 @@ help: Set firewall default-policy
default: "drop"
-syntax:expression: $VAR(@) in "drop", "accept";
- "default-policy must be either drop or accept"
+syntax:expression: $VAR(@) in "drop", "accept", "reject";
+ "default-policy must be drop, reject or accept"
comp_help: possible completions:
drop Drop if no prior rules are hit (default)
+ reject Drop and notify source if no prior rules are hit
accept Accept if no prior rules are hit