diff options
| author | Mohit Mehta <mohit.mehta@vyatta.com> | 2010-07-15 10:51:53 -0700 |
|---|---|---|
| committer | Mohit Mehta <mohit.mehta@vyatta.com> | 2010-07-15 10:51:53 -0700 |
| commit | 7cf567cb1538070ea204b64e53135de876c12dd3 (patch) | |
| tree | 1b37f837ac64be8a9e7237b8d1a9736230546575 /templates/firewall | |
| parent | 1eb6d30dae07ef661966d05b681a623ee02a7dda (diff) | |
| download | vyatta-cfg-firewall-7cf567cb1538070ea204b64e53135de876c12dd3.tar.gz vyatta-cfg-firewall-7cf567cb1538070ea204b64e53135de876c12dd3.zip | |
Fix bug 4629 configuration limit of recent count firewall rule is 20
* raise recent count limit to 255. add syntax check to disallow invalid values
Diffstat (limited to 'templates/firewall')
4 files changed, 5 insertions, 0 deletions
diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/count/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/count/node.def index a07010f..7f72b46 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/count/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/count/node.def @@ -1,2 +1,3 @@ type: u32 help: Set to N to only match source addresses seen more than N times +syntax:expression: $VAR(@) >=1 && $VAR(@) <= 255; "recent count value must be between 1 and 255" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/count/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/count/node.def index a07010f..7f72b46 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/count/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/count/node.def @@ -1,2 +1,3 @@ type: u32 help: Set to N to only match source addresses seen more than N times +syntax:expression: $VAR(@) >=1 && $VAR(@) <= 255; "recent count value must be between 1 and 255" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/recent/count/node.def b/templates/firewall/modify/node.tag/rule/node.tag/recent/count/node.def index a07010f..767f42c 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/recent/count/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/recent/count/node.def @@ -1,2 +1,4 @@ type: u32 help: Set to N to only match source addresses seen more than N times +syntax:expression: $VAR(@) >=1 && $VAR(@) <= 255; "recent count value must be between 1 and 255" + diff --git a/templates/firewall/name/node.tag/rule/node.tag/recent/count/node.def b/templates/firewall/name/node.tag/rule/node.tag/recent/count/node.def index a07010f..7f72b46 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/recent/count/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/recent/count/node.def @@ -1,2 +1,3 @@ type: u32 help: Set to N to only match source addresses seen more than N times +syntax:expression: $VAR(@) >=1 && $VAR(@) <= 255; "recent count value must be between 1 and 255" |