summaryrefslogtreecommitdiff
path: root/templates/firewall
diff options
context:
space:
mode:
authorMohit Mehta <mohit.mehta@vyatta.com>2009-03-26 11:22:56 -0700
committerMohit Mehta <mohit.mehta@vyatta.com>2009-03-26 11:22:56 -0700
commit52e57dd02b64034e6232e046ee82e93b6709d173 (patch)
tree97f69974cdf1ad3e959c4d4b16dae07666b95286 /templates/firewall
parent5febb22b44a1c93628cf070350770fed55512e4d (diff)
downloadvyatta-cfg-firewall-52e57dd02b64034e6232e046ee82e93b6709d173.tar.gz
vyatta-cfg-firewall-52e57dd02b64034e6232e046ee82e93b6709d173.zip
* add 'redirect' to Valid ICMPv6 Types
* add comp_help for ICMPv4 type-name
Diffstat (limited to 'templates/firewall')
-rw-r--r--templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/type/node.def7
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/icmp/type-name/node.def51
2 files changed, 50 insertions, 8 deletions
diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/type/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/type/node.def
index 13ff654..b50e31a 100644
--- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/type/node.def
+++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/type/node.def
@@ -26,6 +26,7 @@ comp_help: Possible completions:
neighbor-solicitation ICMPv6 type/code name
neighbour-advertisement ICMPv6 type/code name
neighbor-advertisement ICMPv6 type/code name
+ redirect ICMPv6 type/code name
<0 - 255> ICMPv6 type number
<0 - 255>/<0 - 255> ICMPv6 type and code numbers
@@ -53,7 +54,8 @@ allowed:
neighbour-solicitation
neighbor-solicitation
neighbour-advertisement
- neighbor-advertisement )
+ neighbor-advertisement
+ redirect )
echo -n ${array[@]}
syntax:expression: exec "
@@ -80,7 +82,8 @@ syntax:expression: exec "
neighbour-solicitation
neighbor-solicitation
neighbour-advertisement
- neighbor-advertisement )
+ neighbor-advertisement
+ redirect )
len=${#array[*]}
i=0
while [ $i -lt $len ]; do
diff --git a/templates/firewall/name/node.tag/rule/node.tag/icmp/type-name/node.def b/templates/firewall/name/node.tag/rule/node.tag/icmp/type-name/node.def
index f61945c..4669142 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/icmp/type-name/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/icmp/type-name/node.def
@@ -1,28 +1,28 @@
type: txt
help: Set icmp type-name to match
allowed:
-array=(any echo-reply destination-unreachable network-unreachable
+array=(any echo-reply pong destination-unreachable network-unreachable
host-unreachable protocol-unreachable port-unreachable
fragmentation-needed source-route-failed network-unknown host-unknown
network-prohibited host-prohibited TOS-network-unreachable
TOS-host-unreachable communication-prohibited host-precedence-violation
precedence-cutoff source-quench redirect network-redirect host-redirect
- TOS-network-redirect TOS-host-redirect echo-request router-advertisement
- router-solicitation time-exceeded ttl-zero-during-transit
+ TOS-network-redirect TOS-host-redirect echo-request ping router-advertisement
+ router-solicitation time-exceeded ttl-exceeded ttl-zero-during-transit
ttl-zero-during-reassembly parameter-problem ip-header-bad
required-option-missing timestamp-request timestamp-reply
address-mask-request address-mask-reply)
echo -n ${array[@]}
syntax:expression: exec "
-array=(any echo-reply destination-unreachable network-unreachable
+array=(any echo-reply pong destination-unreachable network-unreachable
host-unreachable protocol-unreachable port-unreachable
fragmentation-needed source-route-failed network-unknown host-unknown
network-prohibited host-prohibited TOS-network-unreachable
TOS-host-unreachable communication-prohibited host-precedence-violation
precedence-cutoff source-quench redirect network-redirect host-redirect
- TOS-network-redirect TOS-host-redirect echo-request router-advertisement
- router-solicitation time-exceeded ttl-zero-during-transit
+ TOS-network-redirect TOS-host-redirect echo-request ping router-advertisement
+ router-solicitation time-exceeded ttl-exceeded ttl-zero-during-transit
ttl-zero-during-reassembly parameter-problem ip-header-bad
required-option-missing timestamp-request timestamp-reply
address-mask-request address-mask-reply)
@@ -36,3 +36,42 @@ while [ $i -lt $len ]; do
done
echo Invalid ICMP type-name [$VAR(@)]
exit 1 "
+
+comp_help: Possible completions:
+any
+echo-reply (pong)
+destination-unreachable
+ network-unreachable
+ host-unreachable
+ protocol-unreachable
+ port-unreachable
+ fragmentation-needed
+ source-route-failed
+ network-unknown
+ host-unknown
+ network-prohibited
+ host-prohibited
+ TOS-network-unreachable
+ TOS-host-unreachable
+ communication-prohibited
+ host-precedence-violation
+ precedence-cutoff
+source-quench
+redirect
+ network-redirect
+ host-redirect
+ TOS-network-redirect
+ TOS-host-redirect
+echo-request (ping)
+router-advertisement
+router-solicitation
+time-exceeded (ttl-exceeded)
+ ttl-zero-during-transit
+ ttl-zero-during-reassembly
+parameter-problem
+ ip-header-bad
+ required-option-missing
+timestamp-request
+timestamp-reply
+address-mask-request
+address-mask-reply