diff options
| author | Bob Gilligan <gilligan@vyatta.com> | 2008-02-13 17:33:48 -0800 |
|---|---|---|
| committer | Bob Gilligan <gilligan@vyatta.com> | 2008-02-13 17:33:48 -0800 |
| commit | a7ffca8e534152373b3edde31ab8b40e54e0c198 (patch) | |
| tree | 607dae68cc86827440f8ecdc29b2fbc1edc47ab9 | |
| parent | 80d1ffc043e5726e08657b7e93c36a02a605c8ee (diff) | |
| download | vyatta-cfg-firewall-a7ffca8e534152373b3edde31ab8b40e54e0c198.tar.gz vyatta-cfg-firewall-a7ffca8e534152373b3edde31ab8b40e54e0c198.zip | |
Extend firewall support to PPPOE interfaces.
7 files changed, 58 insertions, 0 deletions
diff --git a/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/in/name/node.def b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/in/name/node.def new file mode 100644 index 0000000..3c55b08 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/in/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Inbound interface filter name + +create:expression: "sh -c \"echo create pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/in/node.def b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/in/node.def new file mode 100644 index 0000000..7a9f156 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/in/node.def @@ -0,0 +1 @@ +help: Filter forwarded packets on inbound interface diff --git a/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/local/name/node.def b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/local/name/node.def new file mode 100644 index 0000000..0ff302d --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/local/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Local filter name + +create:expression: "sh -c \"echo create pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/local/node.def b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/local/node.def new file mode 100644 index 0000000..eb0ccdf --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/local/node.def @@ -0,0 +1 @@ +help: Filter packets destined for this router diff --git a/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/node.def b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/node.def new file mode 100644 index 0000000..7778775 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/node.def @@ -0,0 +1 @@ +help: Configure firewall options diff --git a/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/out/name/node.def b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/out/name/node.def new file mode 100644 index 0000000..897fdde --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/out/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Outbound interface filter name + +create:expression: "sh -c \"echo create pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/out/node.def b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/out/node.def new file mode 100644 index 0000000..4cf0682 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/pppoe/node.tag/firewall/out/node.def @@ -0,0 +1 @@ +help: Filter forwarded packets on outbound interface |