summaryrefslogtreecommitdiff
path: root/templates/firewall/name
diff options
context:
space:
mode:
Diffstat (limited to 'templates/firewall/name')
-rw-r--r--templates/firewall/name/node.def3
-rw-r--r--templates/firewall/name/node.tag/description/node.def1
-rw-r--r--templates/firewall/name/node.tag/rule/node.def3
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/action/node.def2
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/description/node.def1
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def8
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def2
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def2
-rw-r--r--templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def2
9 files changed, 21 insertions, 3 deletions
diff --git a/templates/firewall/name/node.def b/templates/firewall/name/node.def
index 491fe71..b82683d 100644
--- a/templates/firewall/name/node.def
+++ b/templates/firewall/name/node.def
@@ -1,4 +1,7 @@
tag:
+
type: txt
+
syntax:expression: pattern $VAR(@) "^[^-]" ; "Firewall rule set name cannot start with \"-\""
+
help: Set firewall rule set name
diff --git a/templates/firewall/name/node.tag/description/node.def b/templates/firewall/name/node.tag/description/node.def
index 678e325..d181e33 100644
--- a/templates/firewall/name/node.tag/description/node.def
+++ b/templates/firewall/name/node.tag/description/node.def
@@ -1,2 +1,3 @@
type: txt
+
help: Set firewall description
diff --git a/templates/firewall/name/node.tag/rule/node.def b/templates/firewall/name/node.tag/rule/node.def
index 010f808..c3c7b43 100644
--- a/templates/firewall/name/node.tag/rule/node.def
+++ b/templates/firewall/name/node.tag/rule/node.def
@@ -1,4 +1,7 @@
tag:
+
type: u32
+
help: Set firewall rule number (1-1024)
+
syntax:expression: $VAR(@) > 0 && $VAR(@) < 1025; "firewall rule number must be between 1 and 1024"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/action/node.def b/templates/firewall/name/node.tag/rule/node.tag/action/node.def
index 7bb7278..9391bda 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/action/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/action/node.def
@@ -1,4 +1,6 @@
type: txt
+
help: Set firewall rule action
+
syntax:expression: $VAR(@) in "drop", "reject", "accept", "inspect";
"action must be one of drop, reject, accept, or inspect"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/description/node.def b/templates/firewall/name/node.tag/rule/node.tag/description/node.def
index 9c0c2bb..b49b91e 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/description/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/description/node.def
@@ -1,2 +1,3 @@
type: txt
+
help: Set rule description
diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def
index e25da77..e78fd70 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def
@@ -1,9 +1,11 @@
type: txt
+
help: Set destination IP address, subnet, or range
+
comp_help: Possible completions:
- <x.x.x.x> IP address to match
- <x.x.x.x/x> Subnet to match
- <x.x.x.x>-<x.x.x.x> IP range to match
+ <x.x.x.x> IPv4 address to match
+ <x.x.x.x/x> IPv4 Subnet to match
+ <x.x.x.x>-<x.x.x.x> IPv4 range to match
!<x.x.x.x> Match everything except the specified address
!<x.x.x.x/x> Match everything except the specified subnet
!<x.x.x.x>-<x.x.x.x> Match everything except the specified range
diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def
index 65170b2..b292864 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def
@@ -1,5 +1,7 @@
type: txt
+
help: Set destination port
+
comp_help: Destination port(s) can be specified as a comma-separated list of:
<port name> Named port (any name in /etc/services, e.g., http)
<1-65535> Numbered port
diff --git a/templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def b/templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def
index 71bacfc..8ff1c09 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def
@@ -1,3 +1,5 @@
type: u32; "ICMP code must be between 0 and 255"
+
help: Set ICMP code (0-255)
+
syntax:expression: $VAR(@) >=0 && $VAR(@) <= 255; "ICMP code must be between 0 and 255"
diff --git a/templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def b/templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def
index 6275a64..9cd72b3 100644
--- a/templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def
+++ b/templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def
@@ -1,3 +1,5 @@
type: u32; "ICMP type must be between 0 and 255"
+
help: Set ICMP type (0-255)
+
syntax:expression: $VAR(@) >=0 && $VAR(@) <= 255; "ICMP type must be between 0 and 255"
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-15 04:55:20 +0000