Bug #45: add port range validation to firewall templates.

author: Daniil Baturin <daniil@baturin.org> 2014-08-01 22:15:10 +0200
committer: Daniil Baturin <daniil@baturin.org> 2014-08-01 22:15:10 +0200
commit: 16d317735a53cfd444afc867dffa366ee9741e0f (patch)
tree: 9e5db769205629900b3c17e5a4272c2d35737453 /templates
parent: 84aaf425e93b1ff66a4c53df4426972cf26e1df1 (diff)
download: vyatta-cfg-firewall-16d317735a53cfd444afc867dffa366ee9741e0f.tar.gz
vyatta-cfg-firewall-16d317735a53cfd444afc867dffa366ee9741e0f.zip
4 files changed, 4 insertions, 0 deletions
diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/port/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/port/node.def
index 2b2d8c7..48d34ac 100644
--- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/port/node.def
+++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/port/node.def
@@ -8,3 +8,4 @@ val_help: range; Numbered port range (e.g., 1001-1005)
 comp_help: Multiple destination ports can be specified as a comma-separated list.
 The whole list can also be "negated" using '!'. For example:
   '!22,telnet,http,123,1001-1005'
+syntax:expression: exec "${vyatta_sbindir}/valid_port_range.pl $VAR(@)"
diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/port/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/port/node.def
index adfae7a..c0d32b9 100644
--- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/port/node.def
+++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/port/node.def
@@ -6,3 +6,4 @@ val_help: range; Numbered port range (e.g., 1001-1005)
 comp_help: Multiple source ports can be specified as a comma-separated list.
 The whole list can also be "negated" using '!'. For example:
   '!22,telnet,http,123,1001-1005'
+syntax:expression: exec "${vyatta_sbindir}/valid_port_range.pl $VAR(@)"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def
index 2b2d8c7..48d34ac 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def
@@ -8,3 +8,4 @@ val_help: range; Numbered port range (e.g., 1001-1005)
 comp_help: Multiple destination ports can be specified as a comma-separated list.
 The whole list can also be "negated" using '!'. For example:
   '!22,telnet,http,123,1001-1005'
+syntax:expression: exec "${vyatta_sbindir}/valid_port_range.pl $VAR(@)"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port/node.def
index adfae7a..c0d32b9 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/source/port/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/source/port/node.def
@@ -6,3 +6,4 @@ val_help: range; Numbered port range (e.g., 1001-1005)
 comp_help: Multiple source ports can be specified as a comma-separated list.
 The whole list can also be "negated" using '!'. For example:
   '!22,telnet,http,123,1001-1005'
+syntax:expression: exec "${vyatta_sbindir}/valid_port_range.pl $VAR(@)"
author	Daniil Baturin <daniil@baturin.org>	2014-08-01 22:15:10 +0200
committer	Daniil Baturin <daniil@baturin.org>	2014-08-01 22:15:10 +0200
commit	16d317735a53cfd444afc867dffa366ee9741e0f (patch)
tree	9e5db769205629900b3c17e5a4272c2d35737453 /templates
parent	84aaf425e93b1ff66a4c53df4426972cf26e1df1 (diff)
download	vyatta-cfg-firewall-16d317735a53cfd444afc867dffa366ee9741e0f.tar.gz vyatta-cfg-firewall-16d317735a53cfd444afc867dffa366ee9741e0f.zip