authorAn-Cheng Huang <ancheng@vyatta.com>2008-02-08 16:12:39 -0800
committerAn-Cheng Huang <ancheng@vyatta.com>2008-02-08 16:12:39 -0800
commit5fefd9826bd75dee9f7bd253b69cf5c0259bc269 (patch)
tree0cae8970ab21877fcc65b025bbafb312a8f1f777 /templates
parent4658f6263d756066712e5c0be11a21e5dcc9d774 (diff)
fix for bug 2789: merge port configuration options.
Diffstat (limited to 'templates')
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/destination/port-name/node.def10
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/destination/port-number/node.def4
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/destination/port-range/node.def1
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/destination/port-range/start/node.def3
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/destination/port-range/stop/node.def3
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def8
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/source/port-name/node.def10
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/source/port-number/node.def4
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/source/port-range/node.def1
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/source/port-range/start/node.def3
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/source/port-range/stop/node.def3
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/source/port/node.def8
12 files changed, 16 insertions, 42 deletions
diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port-name/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port-name/node.def
deleted file mode 100644
index c6f72a3..0000000
--- a/templates/firewall/name/node.tag/rule/node.tag/destination/port-name/node.def
+++ /dev/null
@@ -1,10 +0,0 @@
-multi:
-type: txt
-help: Configure destination port name
-syntax:expression: exec "sh -c 'if grep -q '\\''^$VAR(@)[ \t]'\\'' /etc/services; \
-then exit 0; else \
- if grep -q \
- '\\''^[^ \t]\\+[ \t]\\+[^ \t]\\+[^#]*[ \t]$VAR(@)\\([ \t]\\|$\\)'\\'' \
- /etc/services; then exit 0; else exit 1; \
- fi; \
-fi' " ; "invalid port name $VAR(@)"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port-number/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port-number/node.def
deleted file mode 100644
index c5199d3..0000000
--- a/templates/firewall/name/node.tag/rule/node.tag/destination/port-number/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-multi:
-type: u32; "destination port must be between 1 and 65535"
-help: Configure destination port number
-syntax:expression: $VAR(@) > 0 && $VAR(@) < 65536; "destination port must be between 1 and 65535"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/node.def
deleted file mode 100644
index b5d29ff..0000000
--- a/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Configure destination port range
diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/start/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/start/node.def
deleted file mode 100644
index b4fe042..0000000
--- a/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/start/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: u32; "destination port start should be between 1 and 65535"
-help: Configure destination port range start
-syntax:expression: $VAR(@) > 0 && $VAR(@) < 65536; "destination port start should be between 1 and 65535"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/stop/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/stop/node.def
deleted file mode 100644
index 503715a..0000000
--- a/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/stop/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: u32; "destination port stop should be between 1 and 65535"
-help: Configure destination port range start
-syntax:expression: $VAR(@) > 0 && $VAR(@) < 65536; "destination port stop should be between 1 and 65535"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def
new file mode 100644
index 0000000..6f655d7
--- /dev/null
+++ b/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def
@@ -0,0 +1,8 @@
+type: txt
+help: Configure destination port
+comp_help: Destination port(s) can be specified as a comma-separated list of:
+ <port name> Named port (any name in /etc/services, e.g., http)
+ <port number> Numbered port (between 1 and 65535)
+ <start>-<end> Numbered port range (e.g., 1001-1005)
+The whole list can also be "negated" using '!'. For example:
+ '!22,telnet,http,123,1001-1005'
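Review bot: The new `destination/port/node.def` declares `type: txt` with no `syntax:expression:`, so the set-time checks that the deleted port-name, port-number and port-range nodes enforced (name found in /etc/services, number between 1 and 65535) have no counterpart in this template; the same applies to the new `source/port/node.def`. The diffstat is limited to `templates`, so validation may have moved into the script that builds the rule, but if it has not, any string, including whitespace or shell metacharacters, is accepted into the configuration and presumably reaches the firewall command line. Consider at least a character allow-list in the template, something like `syntax:expression: pattern $VAR(@) "^!?[[:alnum:]_.+-]+(,[[:alnum:]_.+-]+)*$" ; "invalid port specification"` (regex flavour to be confirmed against the template parser). The range and service-name checks would be best done by a validator that receives the value as an argument instead of interpolating it into an `sh -c` string, as the removed port-name check did.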
diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port-name/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port-name/node.def
deleted file mode 100644
index 34cded8..0000000
--- a/templates/firewall/name/node.tag/rule/node.tag/source/port-name/node.def
+++ /dev/null
@@ -1,10 +0,0 @@
-multi:
-type: txt
-help: Configure source port name
-syntax:expression: exec "sh -c 'if grep -q '\\''^$VAR(@)[ \t]'\\'' /etc/services; \
-then exit 0; else \
- if grep -q \
- '\\''^[^ \t]\\+[ \t]\\+[^ \t]\\+[^#]*[ \t]$VAR(@)\\([ \t]\\|$\\)'\\'' \
- /etc/services; then exit 0; else exit 1; \
- fi; \
-fi' " ; "invalid port name $VAR(@)"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port-number/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port-number/node.def
deleted file mode 100644
index 658b0b0..0000000
--- a/templates/firewall/name/node.tag/rule/node.tag/source/port-number/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-multi:
-type: u32; "source port must be between 1 and 65535"
-help: Configure source port number
-syntax:expression: $VAR(@) > 0 && $VAR(@) < 65536; "source port must be between 1 and 65535"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port-range/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port-range/node.def
deleted file mode 100644
index 810255b..0000000
--- a/templates/firewall/name/node.tag/rule/node.tag/source/port-range/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Configure source port range
diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port-range/start/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port-range/start/node.def
deleted file mode 100644
index fcbd38a..0000000
--- a/templates/firewall/name/node.tag/rule/node.tag/source/port-range/start/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: u32; "source port start should be between 1 and 65535"
-help: Configure source port range start
-syntax:expression: $VAR(@) > 0 && $VAR(@) < 65536; "source port start should be between 1 and 65535"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port-range/stop/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port-range/stop/node.def
deleted file mode 100644
index 21fff1a..0000000
--- a/templates/firewall/name/node.tag/rule/node.tag/source/port-range/stop/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: u32; "source port stop should be between 1 and 65535"
-help: Configure source port range start
-syntax:expression: $VAR(@) > 0 && $VAR(@) < 65536; "source port stop should be between 1 and 65535"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port/node.def
new file mode 100644
index 0000000..1973f1c
--- /dev/null
+++ b/templates/firewall/name/node.tag/rule/node.tag/source/port/node.def
@@ -0,0 +1,8 @@
+type: txt
+help: Configure source port
+comp_help: Source port(s) can be specified as a comma-separated list of:
+ <port name> Named port (any name in /etc/services, e.g., http)
+ <port number> Numbered port (between 1 and 65535)
+ <start>-<end> Numbered port range (e.g., 1001-1005)
+The whole list can also be "negated" using '!'. For example:
+ '!22,telnet,http,123,1001-1005'