diff options
| author | Bob Gilligan <gilligan@vyatta.com> | 2008-04-30 12:21:35 -0700 |
|---|---|---|
| committer | Bob Gilligan <gilligan@vyatta.com> | 2008-04-30 12:21:35 -0700 |
| commit | 1a99f235fd34d2dcf53032a81acb2d9097c4e9dc (patch) | |
| tree | 3e3898310da93eb6f434883d59639907219f006f /templates | |
| parent | 2e5c8068ba4d4868c8527d68699b958bdd83e91e (diff) | |
| download | vyatta-cfg-firewall-1a99f235fd34d2dcf53032a81acb2d9097c4e9dc.tar.gz vyatta-cfg-firewall-1a99f235fd34d2dcf53032a81acb2d9097c4e9dc.zip | |
Add firewall templates for PPPOA, PPPOE, and classical IP over ATM, onhollister
ADSL interfaces.
Diffstat (limited to 'templates')
21 files changed, 174 insertions, 0 deletions
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/name/node.def new file mode 100644 index 0000000..871d2c4 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Set inbound interface filter name + +create:expression: "sh -c \"echo create if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update $VAR(../../../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update $VAR(../../../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete $VAR(../../../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/node.def new file mode 100644 index 0000000..eccc79b --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/node.def @@ -0,0 +1 @@ +help: Set filter for forwarded packets on inbound interface diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/name/node.def new file mode 100644 index 0000000..9a025ec --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Set local filter name + +create:expression: "sh -c \"echo create if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update $VAR(../../../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update $VAR(../../../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete $VAR(../../../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/node.def new file mode 100644 index 0000000..2595835 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/node.def @@ -0,0 +1 @@ +help: Set filter for packets destined for this router diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/node.def new file mode 100644 index 0000000..11748d2 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/node.def @@ -0,0 +1 @@ +help: Set firewall options diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/name/node.def new file mode 100644 index 0000000..e1a82da --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Set outbound interface filter name + +create:expression: "sh -c \"echo create if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update $VAR(../../../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update $VAR(../../../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete $VAR(../../../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/node.def new file mode 100644 index 0000000..3aec5f0 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/node.def @@ -0,0 +1 @@ +help: Set filter for forwarded packets on outbound interface diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/name/node.def new file mode 100644 index 0000000..f56809c --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Set inbound interface filter name + +create:expression: "sh -c \"echo create pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/node.def new file mode 100644 index 0000000..eccc79b --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/node.def @@ -0,0 +1 @@ +help: Set filter for forwarded packets on inbound interface diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/name/node.def new file mode 100644 index 0000000..6bfd469 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Set local filter name + +create:expression: "sh -c \"echo create pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/node.def new file mode 100644 index 0000000..2595835 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/node.def @@ -0,0 +1 @@ +help: Set filter for packets destined for this router diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/node.def new file mode 100644 index 0000000..11748d2 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/node.def @@ -0,0 +1 @@ +help: Set firewall options diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/name/node.def new file mode 100644 index 0000000..d2000c1 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Set outbound interface filter name + +create:expression: "sh -c \"echo create pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/node.def new file mode 100644 index 0000000..3aec5f0 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/node.def @@ -0,0 +1 @@ +help: Set filter for forwarded packets on outbound interface diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/name/node.def new file mode 100644 index 0000000..6e629bc --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Set inbound interface filter name + +create:expression: "sh -c \"echo create pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/node.def new file mode 100644 index 0000000..eccc79b --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/node.def @@ -0,0 +1 @@ +help: Set filter for forwarded packets on inbound interface diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/name/node.def new file mode 100644 index 0000000..44e85d1 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Set local filter name + +create:expression: "sh -c \"echo create pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/node.def new file mode 100644 index 0000000..2595835 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/node.def @@ -0,0 +1 @@ +help: Set filter for packets destined for this router diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/node.def new file mode 100644 index 0000000..11748d2 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/node.def @@ -0,0 +1 @@ +help: Set firewall options diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/name/node.def new file mode 100644 index 0000000..2c37224 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Set outbound interface filter name + +create:expression: "sh -c \"echo create pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/node.def new file mode 100644 index 0000000..3aec5f0 --- /dev/null +++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/node.def @@ -0,0 +1 @@ +help: Set filter for forwarded packets on outbound interface |