summaryrefslogtreecommitdiff
path: root/templates
diff options
context:
space:
mode:
Diffstat (limited to 'templates')
-rw-r--r--templates/firewall/group/ipv6-address-group/node.def (renamed from templates/firewall/ipv6-group/address-group/node.def)4
-rw-r--r--templates/firewall/group/ipv6-address-group/node.tag/address/node.def (renamed from templates/firewall/ipv6-group/address-group/node.tag/address/node.def)3
-rw-r--r--templates/firewall/group/ipv6-address-group/node.tag/description/node.def2
-rw-r--r--templates/firewall/group/ipv6-network-group/node.def (renamed from templates/firewall/ipv6-group/network-group/node.def)8
-rw-r--r--templates/firewall/group/ipv6-network-group/node.tag/description/node.def2
-rw-r--r--templates/firewall/group/ipv6-network-group/node.tag/network/node.def (renamed from templates/firewall/ipv6-group/network-group/node.tag/network/node.def)0
-rw-r--r--templates/firewall/group/network-group/node.def2
-rw-r--r--templates/firewall/ipv6-group/address-group/node.tag/description/node.def2
-rw-r--r--templates/firewall/ipv6-group/network-group/node.tag/description/node.def2
-rw-r--r--templates/firewall/ipv6-group/node.def1
-rw-r--r--templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/group/address-group/node.def2
-rw-r--r--templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/group/network-group/node.def2
-rw-r--r--templates/firewall/ipv6-name/node.tag/rule/node.tag/source/group/address-group/node.def2
-rw-r--r--templates/firewall/ipv6-name/node.tag/rule/node.tag/source/group/network-group/node.def2
14 files changed, 20 insertions, 14 deletions
diff --git a/templates/firewall/ipv6-group/address-group/node.def b/templates/firewall/group/ipv6-address-group/node.def
index b61f784..20e4430 100644
--- a/templates/firewall/ipv6-group/address-group/node.def
+++ b/templates/firewall/group/ipv6-address-group/node.def
@@ -1,7 +1,7 @@
tag:
priority: 200
type: txt
-help: Firewall address-group
+help: Firewall ipv6-address-group
syntax:expression: pattern $VAR(@) "^[[:graph:]]{1,31}$" ; \
"Firewall group name must be 31 characters or less"
@@ -21,5 +21,5 @@ syntax:expression: exec "/opt/vyatta/sbin/vyatta-ipset.pl --action=is-group-defi
end: if sudo /opt/vyatta/sbin/vyatta-ipset.pl --action=update-set \
--set-name="$VAR(@)" --set-type=address --set-family=inet6; then
- ${vyatta_sbindir}/vyatta-firewall-trap.pl --level="firewall group address-group $VAR(@)"
+ ${vyatta_sbindir}/vyatta-firewall-trap.pl --level="firewall group ipv6-address-group $VAR(@)"
fi
diff --git a/templates/firewall/ipv6-group/address-group/node.tag/address/node.def b/templates/firewall/group/ipv6-address-group/node.tag/address/node.def
index ba944e6..5bd948b 100644
--- a/templates/firewall/ipv6-group/address-group/node.tag/address/node.def
+++ b/templates/firewall/group/ipv6-address-group/node.tag/address/node.def
@@ -3,4 +3,7 @@ type: txt
help: Address-group member
val_help: ipv6; IPv6 address to match
+syntax:expression: pattern $VAR(@) "^[^|;&$<>/]*$" ; \
+ "Error [$VAR(@)] isn't valid IPv6 host address"
+
syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type ipv6_addr_param $VAR(@)"
diff --git a/templates/firewall/group/ipv6-address-group/node.tag/description/node.def b/templates/firewall/group/ipv6-address-group/node.tag/description/node.def
new file mode 100644
index 0000000..f630483
--- /dev/null
+++ b/templates/firewall/group/ipv6-address-group/node.tag/description/node.def
@@ -0,0 +1,2 @@
+type: txt
+help: IPv6 Address-group description \ No newline at end of file
diff --git a/templates/firewall/ipv6-group/network-group/node.def b/templates/firewall/group/ipv6-network-group/node.def
index 90383c2..084fdb0 100644
--- a/templates/firewall/ipv6-group/network-group/node.def
+++ b/templates/firewall/group/ipv6-network-group/node.def
@@ -1,7 +1,7 @@
tag:
priority: 200
type: txt
-help: Firewall network-group
+help: Firewall ipv6-network-group
syntax:expression: pattern $VAR(@) "^[[:graph:]]{1,31}$" ; \
"Firewall group name must be 31 characters or less"
@@ -15,7 +15,11 @@ syntax:expression: pattern $VAR(@) "^[^!]" ; \
syntax:expression: pattern $VAR(@) "^[^|;&$<>]*$" ; \
"Firewall group name cannot contain shell punctuation"
+syntax:expression: exec "/opt/vyatta/sbin/vyatta-ipset.pl --action=is-group-defined --set-name=$VAR(@) \
+ --set-type=network --set-family=inet6"; \
+ "Firewall group name already used as Ipv4 group address"
+
end: if sudo /opt/vyatta/sbin/vyatta-ipset.pl --action=update-set \
--set-name="$VAR(@)" --set-type=network --set-family=inet6; then
- ${vyatta_sbindir}/vyatta-firewall-trap.pl --level="firewall ipv6-group network-group $VAR(@)"
+ ${vyatta_sbindir}/vyatta-firewall-trap.pl --level="firewall group ipv6-network-group $VAR(@)"
fi
diff --git a/templates/firewall/group/ipv6-network-group/node.tag/description/node.def b/templates/firewall/group/ipv6-network-group/node.tag/description/node.def
new file mode 100644
index 0000000..cc905df
--- /dev/null
+++ b/templates/firewall/group/ipv6-network-group/node.tag/description/node.def
@@ -0,0 +1,2 @@
+type: txt
+help: IPv6-network-group description
diff --git a/templates/firewall/ipv6-group/network-group/node.tag/network/node.def b/templates/firewall/group/ipv6-network-group/node.tag/network/node.def
index 879a164..879a164 100644
--- a/templates/firewall/ipv6-group/network-group/node.tag/network/node.def
+++ b/templates/firewall/group/ipv6-network-group/node.tag/network/node.def
diff --git a/templates/firewall/group/network-group/node.def b/templates/firewall/group/network-group/node.def
index ed9810d..14b8366 100644
--- a/templates/firewall/group/network-group/node.def
+++ b/templates/firewall/group/network-group/node.def
@@ -16,7 +16,7 @@ syntax:expression: pattern $VAR(@) "^[^|;&$<>]*$" ; \
"Firewall group name cannot contain shell punctuation"
syntax:expression: exec "/opt/vyatta/sbin/vyatta-ipset.pl --action=is-group-defined --set-name=$VAR(@) \
- --set-type=address --set-family=inet"; \
+ --set-type=network --set-family=inet"; \
"Firewall group name already used as Ipv6 group address"
end: if sudo /opt/vyatta/sbin/vyatta-ipset.pl --action=update-set \
diff --git a/templates/firewall/ipv6-group/address-group/node.tag/description/node.def b/templates/firewall/ipv6-group/address-group/node.tag/description/node.def
deleted file mode 100644
index 032553a..0000000
--- a/templates/firewall/ipv6-group/address-group/node.tag/description/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-type: txt
-help: IPv6 Address-group description
diff --git a/templates/firewall/ipv6-group/network-group/node.tag/description/node.def b/templates/firewall/ipv6-group/network-group/node.tag/description/node.def
deleted file mode 100644
index 52bb8e4..0000000
--- a/templates/firewall/ipv6-group/network-group/node.tag/description/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-type: txt
-help: Network-group description
diff --git a/templates/firewall/ipv6-group/node.def b/templates/firewall/ipv6-group/node.def
deleted file mode 100644
index 3c87f34..0000000
--- a/templates/firewall/ipv6-group/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: IPv6 Firewall group
diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/group/address-group/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/group/address-group/node.def
index 71a4326..961663c 100644
--- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/group/address-group/node.def
+++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/group/address-group/node.def
@@ -6,4 +6,4 @@ commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
--set-name=$VAR(@) \
--set-type=address;"
-allowed: cli-shell-api listNodes firewall ipv6-group address-group
+allowed: cli-shell-api listNodes firewall group ipv6-address-group
diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/group/network-group/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/group/network-group/node.def
index b3e2718..262c4dd 100644
--- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/group/network-group/node.def
+++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/group/network-group/node.def
@@ -5,4 +5,4 @@ commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
--action=check-set-type \
--set-name=$VAR(@) \
--set-type=network;"
-allowed: cli-shell-api listNodes firewall ipv6-group network-group
+allowed: cli-shell-api listNodes firewall group ipv6-network-group
diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/group/address-group/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/group/address-group/node.def
index 63f0540..9323938 100644
--- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/group/address-group/node.def
+++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/group/address-group/node.def
@@ -5,4 +5,4 @@ commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
--action=check-set-type \
--set-name=$VAR(@) \
--set-type=address;"
-allowed: cli-shell-api listNodes firewall ipv6-group address-group
+allowed: cli-shell-api listNodes firewall group ipv6-address-group
diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/group/network-group/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/group/network-group/node.def
index b3e2718..262c4dd 100644
--- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/group/network-group/node.def
+++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/group/network-group/node.def
@@ -5,4 +5,4 @@ commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \
--action=check-set-type \
--set-name=$VAR(@) \
--set-type=network;"
-allowed: cli-shell-api listNodes firewall ipv6-group network-group
+allowed: cli-shell-api listNodes firewall group ipv6-network-group
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-14 04:15:33 +0000