Add 1st pass of firewall group support (ipset netfilter module

integration).

1 files changed, 24 insertions, 0 deletions

diff --git a/templates/firewall/group/network-group/node.def b/templates/firewall/group/network-group/node.def
new file mode 100644
index 0000000..2d8bf60
--- /dev/null
+++ b/templates/firewall/group/network-group/node.def
@@ -0,0 +1,24 @@
+tag:
+type: txt
+help: Set a firewall network-group
+
+syntax:expression: exec "			        \
+        if [ `echo $VAR(@) | wc -c` -gt 31 ]; then      \
+          echo group name must be 31 characters or less;\
+          exit 1 ;                                      \
+        fi ; "
+
+syntax:expression: pattern $VAR(@) "^[^-]" ; \
+       "Firewall group name cannot start with \"-\""
+
+create: sudo /opt/vyatta/sbin/vyatta-ipset.pl \
+          --action=create-set                 \
+          --set-type=network                  \
+          --set-name="$VAR(@)"
+
+
+delete: sudo /opt/vyatta/sbin/vyatta-ipset.pl \
+          --action=delete-set                 \
+          --set-name="$VAR(@)"
+
+comp_help: Enter the name of the firewall network-group