diff options
59 files changed, 156 insertions, 156 deletions
diff --git a/templates/firewall/broadcast-ping/node.def b/templates/firewall/broadcast-ping/node.def index 5b2dbd5..0a15914 100644 --- a/templates/firewall/broadcast-ping/node.def +++ b/templates/firewall/broadcast-ping/node.def @@ -1,11 +1,11 @@ type: txt -help: "ignore all ICMP ECHO and TIMESTAMP requests sent via broadcast/multicast" +help: ignore all ICMP ECHO and TIMESTAMP requests sent via broadcast/multicast default: "disable" -syntax: $(@) in "enable", "disable"; "broadcast-ping must be enable or disable" -create: "if [ x$(@) == xenable ]; \ +syntax:expression: $VAR(@) in "enable", "disable"; "broadcast-ping must be enable or disable" +create:expression: "if [ x$VAR(@) == xenable ]; \ then sudo sh -c \"echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts\"; \ else sudo sh -c \"echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts\"; fi" -update: "if [ x$(@) == xenable ]; \ +update:expression: "if [ x$VAR(@) == xenable ]; \ then sudo sh -c \"echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts\"; \ else sudo sh -c \"echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts\"; fi" -delete: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts\"" +delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts\"" diff --git a/templates/firewall/ip-src-route/node.def b/templates/firewall/ip-src-route/node.def index 1eed14d..46ff9f4 100644 --- a/templates/firewall/ip-src-route/node.def +++ b/templates/firewall/ip-src-route/node.def @@ -1,11 +1,11 @@ type: txt -help: "Accept packets with SRR option" +help: Accept packets with SRR option default: "disable" -syntax: $(@) in "enable", "disable"; "ip-src-route must be enable or disable" -create: "if [ x$(@) == xenable ]; \ +syntax:expression: $VAR(@) in "enable", "disable"; "ip-src-route must be enable or disable" +create:expression: "if [ x$VAR(@) == xenable ]; \ then sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/all/accept_source_route\"; \ else sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route\"; fi" -update: "if [ x$(@) == xenable ]; \ +update:expression: "if [ x$VAR(@) == xenable ]; \ then sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/all/accept_source_route\"; \ else sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route\"; fi" -delete: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route\"" +delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route\"" diff --git a/templates/firewall/log-martians/node.def b/templates/firewall/log-martians/node.def index f6a7114..0c107f4 100644 --- a/templates/firewall/log-martians/node.def +++ b/templates/firewall/log-martians/node.def @@ -1,11 +1,11 @@ type: txt -help: "Allow syslog logging of packets with impossible addresses" +help: Allow syslog logging of packets with impossible addresses default: "enable" -syntax: $(@) in "enable", "disable"; "log-martians must be enable or disable" -create: "if [ x$(@) == xenable ]; \ +syntax:expression: $VAR(@) in "enable", "disable"; "log-martians must be enable or disable" +create:expression: "if [ x$VAR(@) == xenable ]; \ then sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/all/log_martians\"; \ else sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/log_martians\"; fi" -update: "if [ x$(@) == xenable ]; \ +update:expression: "if [ x$VAR(@) == xenable ]; \ then sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/all/log_martians\"; \ else sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/log_martians\"; fi" -delete: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/all/log_martians\"" +delete:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/all/log_martians\"" diff --git a/templates/firewall/name/node.def b/templates/firewall/name/node.def index 5591c1f..b43ea95 100644 --- a/templates/firewall/name/node.def +++ b/templates/firewall/name/node.def @@ -1,4 +1,4 @@ tag: type: txt -syntax: pattern $(@) "^[^-]" ; "Firewall rule set name cannot start with \"-\"" -help: "Configure firewall rule set name" +syntax:expression: pattern $VAR(@) "^[^-]" ; "Firewall rule set name cannot start with \"-\"" +help: Configure firewall rule set name diff --git a/templates/firewall/name/node.tag/description/node.def b/templates/firewall/name/node.tag/description/node.def index 3df7bc0..2e61606 100644 --- a/templates/firewall/name/node.tag/description/node.def +++ b/templates/firewall/name/node.tag/description/node.def @@ -1,2 +1,2 @@ type: txt -help: "Configure firewall description" +help: Configure firewall description diff --git a/templates/firewall/name/node.tag/rule/node.def b/templates/firewall/name/node.tag/rule/node.def index b7a1c0c..3d8cf02 100644 --- a/templates/firewall/name/node.tag/rule/node.def +++ b/templates/firewall/name/node.tag/rule/node.def @@ -1,4 +1,4 @@ tag: type: u32 -help: "Configure firewall rule number from 1 to 1024" -syntax: $(@) > 0 && $(@) < 1025; "firewall rule number must be between 1 and 1024" +help: Configure firewall rule number from 1 to 1024 +syntax:expression: $VAR(@) > 0 && $VAR(@) < 1025; "firewall rule number must be between 1 and 1024" diff --git a/templates/firewall/name/node.tag/rule/node.tag/action/node.def b/templates/firewall/name/node.tag/rule/node.tag/action/node.def index c8ea6c5..d6a4029 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/action/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/action/node.def @@ -1,3 +1,3 @@ type: txt -help: "Configure firewall rule action" -syntax: $(@) in "drop", "reject", "accept"; "action must be one of drop, reject, or accept" +help: Configure firewall rule action +syntax:expression: $VAR(@) in "drop", "reject", "accept"; "action must be one of drop, reject, or accept" diff --git a/templates/firewall/name/node.tag/rule/node.tag/description/node.def b/templates/firewall/name/node.tag/rule/node.tag/description/node.def index 3648c8a..22107f9 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/description/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/description/node.def @@ -1,2 +1,2 @@ type: txt -help: "Configure rule description" +help: Configure rule description diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def index 89546fa..61b702a 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def @@ -1,3 +1,3 @@ type: txt -help: "Configure firewall destination address" -syntax: exec "/opt/vyatta/sbin/vyatta-validate-type.pl ipv4_negate '$(@)'" ; "invalid destination address \"$(@)\"" +help: Configure firewall destination address +syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl ipv4_negate '$VAR(@)'" ; "invalid destination address \"$VAR(@)\"" diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/network/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/network/node.def index dfc93f9..9d07028 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/network/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/network/node.def @@ -1,3 +1,3 @@ type: txt -help: "Configure firewall destination network" -syntax: exec "/opt/vyatta/sbin/vyatta-validate-type.pl ipv4net_negate '$(@)'" ; "invalid destination network \"$(@)\"" +help: Configure firewall destination network +syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl ipv4net_negate '$VAR(@)'" ; "invalid destination network \"$VAR(@)\"" diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/node.def index 8b12941..8d56caa 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/node.def @@ -1 +1 @@ -help: "Configure firewall destination parameters" +help: Configure firewall destination parameters diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port-name/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port-name/node.def index 89c7ee9..c6f72a3 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/port-name/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/port-name/node.def @@ -1,10 +1,10 @@ multi: type: txt -help: "Configure destination port name" -syntax: exec "sh -c 'if grep -q '\\''^$(@)[ \t]'\\'' /etc/services; \ +help: Configure destination port name +syntax:expression: exec "sh -c 'if grep -q '\\''^$VAR(@)[ \t]'\\'' /etc/services; \ then exit 0; else \ if grep -q \ - '\\''^[^ \t]\\+[ \t]\\+[^ \t]\\+[^#]*[ \t]$(@)\\([ \t]\\|\\$\\)'\\'' \ + '\\''^[^ \t]\\+[ \t]\\+[^ \t]\\+[^#]*[ \t]$VAR(@)\\([ \t]\\|$\\)'\\'' \ /etc/services; then exit 0; else exit 1; \ fi; \ -fi' " ; "invalid port name $(@)" +fi' " ; "invalid port name $VAR(@)" diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port-number/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port-number/node.def index 9afe6c8..c5199d3 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/port-number/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/port-number/node.def @@ -1,4 +1,4 @@ multi: type: u32; "destination port must be between 1 and 65535" -help: "Configure destination port number" -syntax: $(@) > 0 && $(@) < 65536; "destination port must be between 1 and 65535" +help: Configure destination port number +syntax:expression: $VAR(@) > 0 && $VAR(@) < 65536; "destination port must be between 1 and 65535" diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/node.def index 2dcf2f4..b5d29ff 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/node.def @@ -1 +1 @@ -help: "Configure destination port range" +help: Configure destination port range diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/start/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/start/node.def index 5e8610d..b4fe042 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/start/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/start/node.def @@ -1,3 +1,3 @@ type: u32; "destination port start should be between 1 and 65535" -help: "Configure destination port range start" -syntax: $(@) > 0 && $(@) < 65536; "destination port start should be between 1 and 65535" +help: Configure destination port range start +syntax:expression: $VAR(@) > 0 && $VAR(@) < 65536; "destination port start should be between 1 and 65535" diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/stop/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/stop/node.def index 22c5e89..503715a 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/stop/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/port-range/stop/node.def @@ -1,3 +1,3 @@ type: u32; "destination port stop should be between 1 and 65535" -help: "Configure destination port range start" -syntax: $(@) > 0 && $(@) < 65536; "destination port stop should be between 1 and 65535" +help: Configure destination port range start +syntax:expression: $VAR(@) > 0 && $VAR(@) < 65536; "destination port stop should be between 1 and 65535" diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/range/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/range/node.def index 89f6456..7954a1a 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/range/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/range/node.def @@ -1 +1 @@ -help: "Configure destination address range" +help: Configure destination address range diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/range/start/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/range/start/node.def index f83ec75..e202887 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/range/start/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/range/start/node.def @@ -1,2 +1,2 @@ type: ipv4; "destination range start should be an IPv4 address" -help: "Configure destination range start" +help: Configure destination range start diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/range/stop/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/range/stop/node.def index 17673c2..a58a3fb 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/range/stop/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/range/stop/node.def @@ -1,2 +1,2 @@ type: ipv4; "destination range stop should be an IPv4 address" -help: "Configure destination range stop" +help: Configure destination range stop diff --git a/templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def b/templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def index 318b7b5..ef6e79d 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def @@ -1,3 +1,3 @@ type: u32; "ICMP code must be between 0 and 255" -help: "ICMP code must be between 0 and 255" -syntax: $(@) >=0 && $(@) <= 255; "ICMP code must be between 0 and 255" +help: ICMP code must be between 0 and 255 +syntax:expression: $VAR(@) >=0 && $VAR(@) <= 255; "ICMP code must be between 0 and 255" diff --git a/templates/firewall/name/node.tag/rule/node.tag/icmp/node.def b/templates/firewall/name/node.tag/rule/node.tag/icmp/node.def index db820cf..08acb72 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/icmp/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/icmp/node.def @@ -1 +1 @@ -help: "Configure rule ICMP type and code settings" +help: Configure rule ICMP type and code settings diff --git a/templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def b/templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def index cb1043d..18b7740 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def @@ -1,3 +1,3 @@ type: u32; "ICMP type must be between 0 and 255" -help: "ICMP type must be between 0 and 255" -syntax: $(@) >=0 && $(@) <= 255; "ICMP type must be between 0 and 255" +help: ICMP type must be between 0 and 255 +syntax:expression: $VAR(@) >=0 && $VAR(@) <= 255; "ICMP type must be between 0 and 255" diff --git a/templates/firewall/name/node.tag/rule/node.tag/log/node.def b/templates/firewall/name/node.tag/rule/node.tag/log/node.def index dac6966..1e975d7 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/log/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/log/node.def @@ -1,3 +1,3 @@ type: txt; "firwall logging must be enable or disable" -help: "Configure firewall logging" -syntax: $(@) in "enable", "disable"; "firwall logging must be enable or disable" +help: Configure firewall logging +syntax:expression: $VAR(@) in "enable", "disable"; "firwall logging must be enable or disable" diff --git a/templates/firewall/name/node.tag/rule/node.tag/protocol/node.def b/templates/firewall/name/node.tag/rule/node.tag/protocol/node.def index 06d0cbe..4ced90a 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/protocol/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/protocol/node.def @@ -1,3 +1,3 @@ type: txt -help: "Configure which protocol to match (this can be a protocol name in /etc/protocols, a protocol number, or \"all\")" -syntax: exec "/opt/vyatta/sbin/vyatta-validate-type.pl protocol_negate '$(@)'" ; "invalid protocol \"$(@)\"" +help: Configure which protocol to match (this can be a protocol name in /etc/protocols, a protocol number, or "all") +syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl protocol_negate '$VAR(@)'" ; "invalid protocol \"$VAR(@)\"" diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/address/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/address/node.def index 13d2813..9304fb2 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/address/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/address/node.def @@ -1,3 +1,3 @@ type: txt -help: "Configure firewall source address" -syntax: exec "/opt/vyatta/sbin/vyatta-validate-type.pl ipv4_negate '$(@)'" ; "invalid source address \"$(@)\"" +help: Configure firewall source address +syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl ipv4_negate '$VAR(@)'" ; "invalid source address \"$VAR(@)\"" diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/mac-address/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/mac-address/node.def index c72d1c7..dcf5212 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/mac-address/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/mac-address/node.def @@ -1,3 +1,3 @@ type: txt -help: "Configure source MAC address" -syntax: exec "/opt/vyatta/sbin/vyatta-validate-type.pl macaddr_negate '$(@)'" ; "invalid MAC address \"$(@)\"" +help: Configure source MAC address +syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl macaddr_negate '$VAR(@)'" ; "invalid MAC address \"$VAR(@)\"" diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/network/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/network/node.def index 141d325..7c9e939 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/network/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/network/node.def @@ -1,3 +1,3 @@ type: txt -help: "Configure firewall source network" -syntax: exec "/opt/vyatta/sbin/vyatta-validate-type.pl ipv4net_negate '$(@)'" ; "invalid source network \"$(@)\"" +help: Configure firewall source network +syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl ipv4net_negate '$VAR(@)'" ; "invalid source network \"$VAR(@)\"" diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/node.def index c2eabc3..08452e8 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/node.def @@ -1 +1 @@ -help: "Configure firewall source parameters" +help: Configure firewall source parameters diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port-name/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port-name/node.def index b67c597..34cded8 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/port-name/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/port-name/node.def @@ -1,10 +1,10 @@ multi: type: txt -help: "Configure source port name" -syntax: exec "sh -c 'if grep -q '\\''^$(@)[ \t]'\\'' /etc/services; \ +help: Configure source port name +syntax:expression: exec "sh -c 'if grep -q '\\''^$VAR(@)[ \t]'\\'' /etc/services; \ then exit 0; else \ if grep -q \ - '\\''^[^ \t]\\+[ \t]\\+[^ \t]\\+[^#]*[ \t]$(@)\\([ \t]\\|\\$\\)'\\'' \ + '\\''^[^ \t]\\+[ \t]\\+[^ \t]\\+[^#]*[ \t]$VAR(@)\\([ \t]\\|$\\)'\\'' \ /etc/services; then exit 0; else exit 1; \ fi; \ -fi' " ; "invalid port name $(@)" +fi' " ; "invalid port name $VAR(@)" diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port-number/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port-number/node.def index 6440da9..658b0b0 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/port-number/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/port-number/node.def @@ -1,4 +1,4 @@ multi: type: u32; "source port must be between 1 and 65535" -help: "Configure source port number" -syntax: $(@) > 0 && $(@) < 65536; "source port must be between 1 and 65535" +help: Configure source port number +syntax:expression: $VAR(@) > 0 && $VAR(@) < 65536; "source port must be between 1 and 65535" diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port-range/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port-range/node.def index 0f9e60c..810255b 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/port-range/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/port-range/node.def @@ -1 +1 @@ -help: "Configure source port range" +help: Configure source port range diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port-range/start/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port-range/start/node.def index 0835d4c..fcbd38a 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/port-range/start/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/port-range/start/node.def @@ -1,3 +1,3 @@ type: u32; "source port start should be between 1 and 65535" -help: "Configure source port range start" -syntax: $(@) > 0 && $(@) < 65536; "source port start should be between 1 and 65535" +help: Configure source port range start +syntax:expression: $VAR(@) > 0 && $VAR(@) < 65536; "source port start should be between 1 and 65535" diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port-range/stop/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port-range/stop/node.def index e032b60..21fff1a 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/port-range/stop/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/port-range/stop/node.def @@ -1,3 +1,3 @@ type: u32; "source port stop should be between 1 and 65535" -help: "Configure source port range start" -syntax: $(@) > 0 && $(@) < 65536; "source port stop should be between 1 and 65535" +help: Configure source port range start +syntax:expression: $VAR(@) > 0 && $VAR(@) < 65536; "source port stop should be between 1 and 65535" diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/range/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/range/node.def index b02f8cb..b9a0abd 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/range/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/range/node.def @@ -1 +1 @@ -help: "Configure source address range" +help: Configure source address range diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/range/start/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/range/start/node.def index 01de6f8..8916cd3 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/range/start/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/range/start/node.def @@ -1,2 +1,2 @@ type: ipv4; "source range start should be an IPv4 address" -help: "Configure source range start" +help: Configure source range start diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/range/stop/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/range/stop/node.def index fdec72b..0f7f0e7 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/range/stop/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/range/stop/node.def @@ -1,2 +1,2 @@ type: ipv4; "source range stop should be an IPv4 address" -help: "Configure source range stop" +help: Configure source range stop diff --git a/templates/firewall/name/node.tag/rule/node.tag/state/established/node.def b/templates/firewall/name/node.tag/rule/node.tag/state/established/node.def index 9fa8224..540dae0 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/state/established/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/state/established/node.def @@ -1,3 +1,3 @@ type: txt -help: "Configure established state" -syntax: $(@) in "enable", "disable" ; "state value must be enable or disable" +help: Configure established state +syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/name/node.tag/rule/node.tag/state/invalid/node.def b/templates/firewall/name/node.tag/rule/node.tag/state/invalid/node.def index d944257..11cac2d 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/state/invalid/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/state/invalid/node.def @@ -1,3 +1,3 @@ type: txt -help: "Configure invalid state" -syntax: $(@) in "enable", "disable" ; "state value must be enable or disable" +help: Configure invalid state +syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/name/node.tag/rule/node.tag/state/new/node.def b/templates/firewall/name/node.tag/rule/node.tag/state/new/node.def index 5d78f83..fe26a5e 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/state/new/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/state/new/node.def @@ -1,3 +1,3 @@ type: txt -help: "Configure new state" -syntax: $(@) in "enable", "disable" ; "state value must be enable or disable" +help: Configure new state +syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/name/node.tag/rule/node.tag/state/node.def b/templates/firewall/name/node.tag/rule/node.tag/state/node.def index b0b50aa..0e38df4 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/state/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/state/node.def @@ -1 +1 @@ -help: "Session state" +help: Session state diff --git a/templates/firewall/name/node.tag/rule/node.tag/state/related/node.def b/templates/firewall/name/node.tag/rule/node.tag/state/related/node.def index 7ab397a..f792fa6 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/state/related/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/state/related/node.def @@ -1,3 +1,3 @@ type: txt -help: "Configure related state" -syntax: $(@) in "enable", "disable" ; "state value must be enable or disable" +help: Configure related state +syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/node.def b/templates/firewall/node.def index 3710efb..ead7027 100644 --- a/templates/firewall/node.def +++ b/templates/firewall/node.def @@ -1,4 +1,4 @@ -help: "Configure firewall" -end: "sudo /opt/vyatta/sbin/vyatta-firewall.pl --update-rules" -create: "sudo /opt/vyatta/sbin/vyatta-firewall.pl --setup" -delete: "sudo /opt/vyatta/sbin/vyatta-firewall.pl --teardown" +help: Configure firewall +end:expression: "sudo /opt/vyatta/sbin/vyatta-firewall.pl --update-rules" +create:expression: "sudo /opt/vyatta/sbin/vyatta-firewall.pl --setup" +delete:expression: "sudo /opt/vyatta/sbin/vyatta-firewall.pl --teardown" diff --git a/templates/firewall/receive-redirects/node.def b/templates/firewall/receive-redirects/node.def index 923b099..bb9d460 100644 --- a/templates/firewall/receive-redirects/node.def +++ b/templates/firewall/receive-redirects/node.def @@ -1,11 +1,11 @@ type: txt -help: "accept redirects" +help: accept redirects default: "disable" -syntax: $(@) in "enable", "disable"; "receive-redirects must be enable or disable" -create: "if [ x$(@) == xenable ]; \ +syntax:expression: $VAR(@) in "enable", "disable"; "receive-redirects must be enable or disable" +create:expression: "if [ x$VAR(@) == xenable ]; \ then sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/all/accept_redirects\"; \ else sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects\"; fi" -update: "if [ x$(@) == xenable ]; \ +update:expression: "if [ x$VAR(@) == xenable ]; \ then sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/all/accept_redirects\"; \ else sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects\"; fi" -delete: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects\"" +delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects\"" diff --git a/templates/firewall/send-redirects/node.def b/templates/firewall/send-redirects/node.def index 533c8e7..db18a50 100644 --- a/templates/firewall/send-redirects/node.def +++ b/templates/firewall/send-redirects/node.def @@ -1,11 +1,11 @@ type: txt -help: "send ICMP redirects" +help: send ICMP redirects default: "disable" -syntax: $(@) in "enable", "disable"; "send-redirects must be enable or disable" -create: "if [ x$(@) == xenable ]; \ +syntax:expression: $VAR(@) in "enable", "disable"; "send-redirects must be enable or disable" +create:expression: "if [ x$VAR(@) == xenable ]; \ then sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/all/send_redirects\"; \ else sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects\"; fi" -update: "if [ x$(@) == xenable ]; \ +update:expression: "if [ x$VAR(@) == xenable ]; \ then sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/all/send_redirects\"; \ else sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects\"; fi" -delete: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects\"" +delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects\"" diff --git a/templates/firewall/syn-cookies/node.def b/templates/firewall/syn-cookies/node.def index 93fde14..70b447b 100644 --- a/templates/firewall/syn-cookies/node.def +++ b/templates/firewall/syn-cookies/node.def @@ -1,8 +1,8 @@ type: txt -help: "use TCP syn cookies" +help: use TCP syn cookies default: "enable" -syntax: $(@) in "enable", "disable"; "syn-cookies must be enable or disable" -update: "if [ x$(@) == xenable ]; \ +syntax:expression: $VAR(@) in "enable", "disable"; "syn-cookies must be enable or disable" +update:expression: "if [ x$VAR(@) == xenable ]; \ then sudo sh -c \"echo 1 > /proc/sys/net/ipv4/tcp_syncookies\"; \ else sudo sh -c \"echo 0 > /proc/sys/net/ipv4/tcp_syncookies\"; fi" -delete: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/tcp_syncookies\"" +delete:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/tcp_syncookies\"" diff --git a/templates/interfaces/ethernet/node.tag/firewall/in/name/node.def b/templates/interfaces/ethernet/node.tag/firewall/in/name/node.def index 1ab0702..290e726 100644 --- a/templates/interfaces/ethernet/node.tag/firewall/in/name/node.def +++ b/templates/interfaces/ethernet/node.tag/firewall/in/name/node.def @@ -1,18 +1,18 @@ type: txt -help: "Inbound interface filter name" +help: Inbound interface filter name -create: "sh -c \"echo create eth=[$(../../../@)] dir=[$(..)] name=[$(@)] \ +create:expression: "sh -c \"echo create eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces update $(../../../@) $(..) $(@)\" " +--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" " -update: "sh -c \"echo update eth=[$(../../../@)] dir=[$(..)] name=[$(@)] \ +update:expression: "sh -c \"echo update eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces update $(../../../@) $(..) $(@)\" " +--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" " -delete: "sh -c \"echo delete eth=[$(../../../@)] dir=[$(..)] name=[$(@)] \ +delete:expression: "sh -c \"echo delete eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces delete $(../../../@) $(..) $(@)\" " +--update-interfaces delete $VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/ethernet/node.tag/firewall/in/node.def b/templates/interfaces/ethernet/node.tag/firewall/in/node.def index caa7172..7a9f156 100644 --- a/templates/interfaces/ethernet/node.tag/firewall/in/node.def +++ b/templates/interfaces/ethernet/node.tag/firewall/in/node.def @@ -1 +1 @@ -help: "Filter forwarded packets on inbound interface" +help: Filter forwarded packets on inbound interface diff --git a/templates/interfaces/ethernet/node.tag/firewall/local/name/node.def b/templates/interfaces/ethernet/node.tag/firewall/local/name/node.def index 9c25548..5bd9cd6 100644 --- a/templates/interfaces/ethernet/node.tag/firewall/local/name/node.def +++ b/templates/interfaces/ethernet/node.tag/firewall/local/name/node.def @@ -1,18 +1,18 @@ type: txt -help: "Local filter name" +help: Local filter name -create: "sh -c \"echo create eth=[$(../../../@)] dir=[$(..)] name=[$(@)] \ +create:expression: "sh -c \"echo create eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces update $(../../../@) $(..) $(@)\" " +--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" " -update: "sh -c \"echo update eth=[$(../../../@)] dir=[$(..)] name=[$(@)] \ +update:expression: "sh -c \"echo update eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces update $(../../../@) $(..) $(@)\" " +--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" " -delete: "sh -c \"echo delete eth=[$(../../../@)] dir=[$(..)] name=[$(@)] \ +delete:expression: "sh -c \"echo delete eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces delete $(../../../@) $(..) $(@)\" " +--update-interfaces delete $VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/ethernet/node.tag/firewall/local/node.def b/templates/interfaces/ethernet/node.tag/firewall/local/node.def index 5785f8d..eb0ccdf 100644 --- a/templates/interfaces/ethernet/node.tag/firewall/local/node.def +++ b/templates/interfaces/ethernet/node.tag/firewall/local/node.def @@ -1 +1 @@ -help: "Filter packets destined for this router" +help: Filter packets destined for this router diff --git a/templates/interfaces/ethernet/node.tag/firewall/node.def b/templates/interfaces/ethernet/node.tag/firewall/node.def index 95ad2ba..7778775 100644 --- a/templates/interfaces/ethernet/node.tag/firewall/node.def +++ b/templates/interfaces/ethernet/node.tag/firewall/node.def @@ -1 +1 @@ -help: "Configure firewall options" +help: Configure firewall options diff --git a/templates/interfaces/ethernet/node.tag/firewall/out/name/node.def b/templates/interfaces/ethernet/node.tag/firewall/out/name/node.def index 23d0525..0086f38 100644 --- a/templates/interfaces/ethernet/node.tag/firewall/out/name/node.def +++ b/templates/interfaces/ethernet/node.tag/firewall/out/name/node.def @@ -1,18 +1,18 @@ type: txt -help: "Outbound interface filter name" +help: Outbound interface filter name -create: "sh -c \"echo create eth=[$(../../../@)] dir=[$(..)] name=[$(@)] \ +create:expression: "sh -c \"echo create eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces update $(../../../@) $(..) $(@)\" " +--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" " -update: "sh -c \"echo update eth=[$(../../../@)] dir=[$(..)] name=[$(@)] \ +update:expression: "sh -c \"echo update eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces update $(../../../@) $(..) $(@)\" " +--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" " -delete: "sh -c \"echo delete eth=[$(../../../@)] dir=[$(..)] name=[$(@)] \ +delete:expression: "sh -c \"echo delete eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces delete $(../../../@) $(..) $(@)\" " +--update-interfaces delete $VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/ethernet/node.tag/firewall/out/node.def b/templates/interfaces/ethernet/node.tag/firewall/out/node.def index 66f4e6f..4cf0682 100644 --- a/templates/interfaces/ethernet/node.tag/firewall/out/node.def +++ b/templates/interfaces/ethernet/node.tag/firewall/out/node.def @@ -1 +1 @@ -help: "Filter forwarded packets on outbound interface" +help: Filter forwarded packets on outbound interface diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/name/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/name/node.def index 29e4fba..ade7e78 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/name/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/name/node.def @@ -1,18 +1,18 @@ type: txt -help: "Inbound interface filter name" +help: Inbound interface filter name -create: "sh -c \"echo create eth=[$(../../../../@)] vif=[$(../../../@)] \ -dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \ +create:expression: "sh -c \"echo create eth=[$VAR(../../../../@)] vif=[$VAR(../../../@)] \ +dir=[$VAR(..)] name=[$VAR(@)] >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces update $(../../../../@).$(../../../@) $(..) $(@)\" " +--update-interfaces update $VAR(../../../../@).$VAR(../../../@) $VAR(..) $VAR(@)\" " -update: "sh -c \"echo update eth=[$(../../../../@)] vif=[$(../../../@)] \ -dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \ +update:expression: "sh -c \"echo update eth=[$VAR(../../../../@)] vif=[$VAR(../../../@)] \ +dir=[$VAR(..)] name=[$VAR(@)] >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces update $(../../../../@).$(../../../@) $(..) $(@)\" " +--update-interfaces update $VAR(../../../../@).$VAR(../../../@) $VAR(..) $VAR(@)\" " -delete: "sh -c \"echo delete eth=[$(../../../../@)] vif=[$(../../../@)] \ -dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \ +delete:expression: "sh -c \"echo delete eth=[$VAR(../../../../@)] vif=[$VAR(../../../@)] \ +dir=[$VAR(..)] name=[$VAR(@)] >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces delete $(../../../../@).$(../../../@) $(..) $(@)\" " +--update-interfaces delete $VAR(../../../../@).$VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/node.def index caa7172..7a9f156 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/node.def @@ -1 +1 @@ -help: "Filter forwarded packets on inbound interface" +help: Filter forwarded packets on inbound interface diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/name/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/name/node.def index 8995e9e..4089ab1 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/name/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/name/node.def @@ -1,17 +1,17 @@ type: txt -help: "Local filter name" +help: Local filter name -create: "sh -c \"echo create eth=[$(../../../../@)] vif=[$(../../../@)] \ dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \ +create:expression: "sh -c \"echo create eth=[$VAR(../../../../@)] vif=[$VAR(../../../@)] \ dir=[$VAR(..)] name=[$VAR(@)] >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces update $(../../../../@).$(../../../@) $(..) $(@)\" " +--update-interfaces update $VAR(../../../../@).$VAR(../../../@) $VAR(..) $VAR(@)\" " -update: "sh -c \"echo update eth=[$(../../../../@)] vif=[$(../../../@)] \ -dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \ +update:expression: "sh -c \"echo update eth=[$VAR(../../../../@)] vif=[$VAR(../../../@)] \ +dir=[$VAR(..)] name=[$VAR(@)] >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces update $(../../../../@).$(../../../@) $(..) $(@)\" " +--update-interfaces update $VAR(../../../../@).$VAR(../../../@) $VAR(..) $VAR(@)\" " -delete: "sh -c \"echo delete eth=[$(../../../../@)] vif=[$(../../../@)] \ -dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \ +delete:expression: "sh -c \"echo delete eth=[$VAR(../../../../@)] vif=[$VAR(../../../@)] \ +dir=[$VAR(..)] name=[$VAR(@)] >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces delete $(../../../../@).$(../../../@) $(..) $(@)\" " +--update-interfaces delete $VAR(../../../../@).$VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/node.def index 5785f8d..eb0ccdf 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/node.def @@ -1 +1 @@ -help: "Filter packets destined for this router" +help: Filter packets destined for this router diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/node.def index 95ad2ba..7778775 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/node.def @@ -1 +1 @@ -help: "Configure firewall options" +help: Configure firewall options diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/name/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/name/node.def index 51f9b40..22642a2 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/name/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/name/node.def @@ -1,17 +1,17 @@ type: txt -help: "Outbound interface filter name" +help: Outbound interface filter name -create: "sh -c \"echo create eth=[$(../../../../@)] vif=[$(../../../@)] \ dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \ +create:expression: "sh -c \"echo create eth=[$VAR(../../../../@)] vif=[$VAR(../../../@)] \ dir=[$VAR(..)] name=[$VAR(@)] >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces update $(../../../../@).$(../../../@) $(..) $(@)\" " +--update-interfaces update $VAR(../../../../@).$VAR(../../../@) $VAR(..) $VAR(@)\" " -update: "sh -c \"echo update eth=[$(../../../../@)] vif=[$(../../../@)] \ -dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \ +update:expression: "sh -c \"echo update eth=[$VAR(../../../../@)] vif=[$VAR(../../../@)] \ +dir=[$VAR(..)] name=[$VAR(@)] >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces update $(../../../../@).$(../../../@) $(..) $(@)\" " +--update-interfaces update $VAR(../../../../@).$VAR(../../../@) $VAR(..) $VAR(@)\" " -delete: "sh -c \"echo delete eth=[$(../../../../@)] vif=[$(../../../@)] \ -dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \ +delete:expression: "sh -c \"echo delete eth=[$VAR(../../../../@)] vif=[$VAR(../../../@)] \ +dir=[$VAR(..)] name=[$VAR(@)] >> /tmp/cli.log && \ sudo /opt/vyatta/sbin/vyatta-firewall.pl \ ---update-interfaces delete $(../../../../@).$(../../../@) $(..) $(@)\" " +--update-interfaces delete $VAR(../../../../@).$VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/node.def index 66f4e6f..4cf0682 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/node.def @@ -1 +1 @@ -help: "Filter forwarded packets on outbound interface" +help: Filter forwarded packets on outbound interface |