Add allow values for firewall groups.

author: Stig Thormodsrud <stig@io.vyatta.com> 2009-02-12 18:06:54 -0800
committer: Stig Thormodsrud <stig@io.vyatta.com> 2009-02-12 18:06:54 -0800
commit: 6c9b63d77208edc15f2c70ffb845662a8a2ab845 (patch)
tree: 970998caeaeca79a36d302e69aea03b27bd7f9ce /templates
parent: c1fcf5f5764e258663e6bc532783fa3c0a29d4a2 (diff)
download: vyatta-cfg-firewall-6c9b63d77208edc15f2c70ffb845662a8a2ab845.tar.gz
vyatta-cfg-firewall-6c9b63d77208edc15f2c70ffb845662a8a2ab845.zip
6 files changed, 19 insertions, 0 deletions
diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/group/address-group/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/group/address-group/node.def
index 6fd918f..89544cf 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/destination/group/address-group/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/destination/group/address-group/node.def
@@ -5,3 +5,7 @@ syntax:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
                            --action=check-set-type        \
                            --set-name=$VAR(@)             \
                            --set-type=address;"
+
+allowed: local -a array
+         array=( /opt/vyatta/config/active/firewall/group/address-group/* )
+         echo -n ${array[@]##*/}
diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/group/network-group/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/group/network-group/node.def
index 023acbf..30fe5e1 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/destination/group/network-group/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/destination/group/network-group/node.def
@@ -5,3 +5,6 @@ syntax:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
                            --action=check-set-type        \
                            --set-name=$VAR(@)             \
                            --set-type=network;"
+allowed: local -a array
+         array=( /opt/vyatta/config/active/firewall/group/network-group/* )
+         echo -n ${array[@]##*/}
diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/group/port-group/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/group/port-group/node.def
index f77d45a..6bab1c7 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/destination/group/port-group/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/destination/group/port-group/node.def
@@ -5,3 +5,6 @@ syntax:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
                            --action=check-set-type        \
                            --set-name=$VAR(@)             \
                            --set-type=port;"
+allowed: local -a array
+         array=( /opt/vyatta/config/active/firewall/group/port-group/* )
+         echo -n ${array[@]##*/}
diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/group/address-group/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/group/address-group/node.def
index 6fd918f..d652898 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/source/group/address-group/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/source/group/address-group/node.def
@@ -5,3 +5,6 @@ syntax:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
                            --action=check-set-type        \
                            --set-name=$VAR(@)             \
                            --set-type=address;"
+allowed: local -a array
+         array=( /opt/vyatta/config/active/firewall/group/address-group/* )
+         echo -n ${array[@]##*/}
diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/group/network-group/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/group/network-group/node.def
index 023acbf..30fe5e1 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/source/group/network-group/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/source/group/network-group/node.def
@@ -5,3 +5,6 @@ syntax:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
                            --action=check-set-type        \
                            --set-name=$VAR(@)             \
                            --set-type=network;"
+allowed: local -a array
+         array=( /opt/vyatta/config/active/firewall/group/network-group/* )
+         echo -n ${array[@]##*/}
diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/group/port-group/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/group/port-group/node.def
index f77d45a..6bab1c7 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/source/group/port-group/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/source/group/port-group/node.def
@@ -5,3 +5,6 @@ syntax:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
                            --action=check-set-type        \
                            --set-name=$VAR(@)             \
                            --set-type=port;"
+allowed: local -a array
+         array=( /opt/vyatta/config/active/firewall/group/port-group/* )
+         echo -n ${array[@]##*/}
author	Stig Thormodsrud <stig@io.vyatta.com>	2009-02-12 18:06:54 -0800
committer	Stig Thormodsrud <stig@io.vyatta.com>	2009-02-12 18:06:54 -0800
commit	6c9b63d77208edc15f2c70ffb845662a8a2ab845 (patch)
tree	970998caeaeca79a36d302e69aea03b27bd7f9ce /templates
parent	c1fcf5f5764e258663e6bc532783fa3c0a29d4a2 (diff)
download	vyatta-cfg-firewall-6c9b63d77208edc15f2c70ffb845662a8a2ab845.tar.gz vyatta-cfg-firewall-6c9b63d77208edc15f2c70ffb845662a8a2ab845.zip