From 1a99f235fd34d2dcf53032a81acb2d9097c4e9dc Mon Sep 17 00:00:00 2001 
From: Bob Gilligan Date: Wed, 30 Apr 2008 12:21:35 -0700 Subject: Add firewall templates for PPPOA, PPPOE, and classical IP over ATM, on ADSL interfaces. --- .../node.tag/classical-ipoa/firewall/in/name/node.def | 18 ++++++++++++++++++ .../pvc/node.tag/classical-ipoa/firewall/in/node.def | 1 + .../classical-ipoa/firewall/local/name/node.def | 18 ++++++++++++++++++ .../node.tag/classical-ipoa/firewall/local/node.def | 1 + .../pvc/node.tag/classical-ipoa/firewall/node.def | 1 + .../node.tag/classical-ipoa/firewall/out/name/node.def | 18 ++++++++++++++++++ .../pvc/node.tag/classical-ipoa/firewall/out/node.def | 1 + .../node.tag/pppoa/node.tag/firewall/in/name/node.def | 18 ++++++++++++++++++ .../pvc/node.tag/pppoa/node.tag/firewall/in/node.def | 1 + .../pppoa/node.tag/firewall/local/name/node.def | 18 ++++++++++++++++++ .../node.tag/pppoa/node.tag/firewall/local/node.def | 1 + .../pvc/node.tag/pppoa/node.tag/firewall/node.def | 1 + .../node.tag/pppoa/node.tag/firewall/out/name/node.def | 18 ++++++++++++++++++ .../pvc/node.tag/pppoa/node.tag/firewall/out/node.def | 1 + .../node.tag/pppoe/node.tag/firewall/in/name/node.def | 18 ++++++++++++++++++ .../pvc/node.tag/pppoe/node.tag/firewall/in/node.def | 1 + .../pppoe/node.tag/firewall/local/name/node.def | 18 ++++++++++++++++++ .../node.tag/pppoe/node.tag/firewall/local/node.def | 1 + .../pvc/node.tag/pppoe/node.tag/firewall/node.def | 1 + .../node.tag/pppoe/node.tag/firewall/out/name/node.def | 18 ++++++++++++++++++ .../pvc/node.tag/pppoe/node.tag/firewall/out/node.def | 1 + 21 files changed, 174 insertions(+) create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/name/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/name/node.def create mode 100644 
templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/name/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/name/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/name/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/name/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/name/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/name/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/name/node.def create mode 100644 templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/node.def 
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/name/node.def
new file mode 100644
index 0000000..871d2c4
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/name/node.def
@@ -0,0 +1,18 @@
+type: txt
+
+help: Set inbound interface filter name
+
+create:expression: "sh -c \"echo create if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $VAR(../../../../../@) $VAR(..) $VAR(@)\" "
+
+update:expression: "sh -c \"echo update if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $VAR(../../../../../@) $VAR(..) $VAR(@)\" "
+
+delete:expression: "sh -c \"echo delete if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete $VAR(../../../../../@) $VAR(..) $VAR(@)\" "
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/node.def
new file mode 100644
index 0000000..eccc79b
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/in/node.def
@@ -0,0 +1 @@
+help: Set filter for forwarded packets on inbound interface
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/name/node.def
new file mode 100644
index 0000000..9a025ec
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/name/node.def
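Review bot: The value of `classical-ipoa/firewall/in/name` is declared `type: txt` with no `syntax:expression:` check, yet `$VAR(@)` is substituted unquoted into the `sh -c` string of the create, update and delete actions, each of which ends by running `vyatta-firewall.pl` under sudo. Unless the CLI escapes substituted values (not visible in this patch), shell metacharacters in a filter name would be interpreted by the shell instead of reaching the script as a single argument. Restrict the value before any action runs, for example `syntax:expression: pattern $VAR(@) "^[A-Za-z0-9_-]+$" ; "Firewall name may contain only letters, digits, - and _"`; the allowed set should mirror whatever the firewall rule-set name node itself accepts. The other eight `name/node.def` templates added by this commit (classical-ipoa local and out, pppoa in/local/out, pppoe in/local/out) carry the same three actions and need the same line.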
@@ -0,0 +1,18 @@
+type: txt
+
+help: Set local filter name
+
+create:expression: "sh -c \"echo create if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $VAR(../../../../../@) $VAR(..) $VAR(@)\" "
+
+update:expression: "sh -c \"echo update if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $VAR(../../../../../@) $VAR(..) $VAR(@)\" "
+
+delete:expression: "sh -c \"echo delete if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete $VAR(../../../../../@) $VAR(..) $VAR(@)\" "
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/node.def
new file mode 100644
index 0000000..2595835
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/local/node.def
@@ -0,0 +1 @@
+help: Set filter for packets destined for this router
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/node.def
new file mode 100644
index 0000000..11748d2
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/node.def
@@ -0,0 +1 @@
+help: Set firewall options
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/name/node.def
new file mode 100644
index 0000000..e1a82da
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/name/node.def
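Review bot: In `classical-ipoa/firewall/local/name/node.def` the firewall call in every action is chained with `&&` behind `echo ... >> /tmp/cli.log`, so the rule set is only attached or detached when an append to a fixed file name in a world-writable directory succeeds. If that path already exists and the configuring user cannot write to it, the echo fails and `vyatta-firewall.pl` is never run, and a predictable name under /tmp can be pre-created by any local account. Drop the `echo ... >> /tmp/cli.log && \` lines so each action starts at `sudo /opt/vyatta/sbin/vyatta-firewall.pl \`; if the trace is still wanted, send it through syslog with `logger` rather than to /tmp, and do not gate the firewall change on it. The same debug line appears in all nine `name/node.def` hunks of this commit.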
@@ -0,0 +1,18 @@
+type: txt
+
+help: Set outbound interface filter name
+
+create:expression: "sh -c \"echo create if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $VAR(../../../../../@) $VAR(..) $VAR(@)\" "
+
+update:expression: "sh -c \"echo update if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $VAR(../../../../../@) $VAR(..) $VAR(@)\" "
+
+delete:expression: "sh -c \"echo delete if=[$VAR(../../../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete $VAR(../../../../../@) $VAR(..) $VAR(@)\" "
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/node.def
new file mode 100644
index 0000000..3aec5f0
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/out/node.def
@@ -0,0 +1 @@
+help: Set filter for forwarded packets on outbound interface
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/name/node.def
new file mode 100644
index 0000000..f56809c
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/name/node.def
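Review bot: `create:expression:` in `classical-ipoa/firewall/out/name/node.def` logs `create` but invokes `--update-interfaces update`, the same command as `update:expression:`, so the two actions differ only in the word written to the log. If the script deliberately has no separate create operation, the commit message or the template should say so; as written it reads like a copy-paste slip. The three actions are also repeated verbatim across all nine `name/node.def` files, so any later correction (input validation, logging) has to be made in 27 places; a single wrapper script taking the action, interface, direction and name would keep them in step.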
@@ -0,0 +1,18 @@
+type: txt
+
+help: Set inbound interface filter name
+
+create:expression: "sh -c \"echo create pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+update:expression: "sh -c \"echo update pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+delete:expression: "sh -c \"echo delete pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" "
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/node.def
new file mode 100644
index 0000000..eccc79b
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/in/node.def
@@ -0,0 +1 @@
+help: Set filter for forwarded packets on inbound interface
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/name/node.def
new file mode 100644
index 0000000..6bfd469
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/name/node.def
@@ -0,0 +1,18 @@
+type: txt
+
+help: Set local filter name
+
+create:expression: "sh -c \"echo create pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+update:expression: "sh -c \"echo update pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+delete:expression: "sh -c \"echo delete pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" "
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/node.def
new file mode 100644
index 0000000..2595835
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/local/node.def
@@ -0,0 +1 @@
+help: Set filter for packets destined for this router
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/node.def
new file mode 100644
index 0000000..11748d2
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/node.def
@@ -0,0 +1 @@
+help: Set firewall options
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/name/node.def
new file mode 100644
index 0000000..d2000c1
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/name/node.def
@@ -0,0 +1,18 @@
+type: txt
+
+help: Set outbound interface filter name
+
+create:expression: "sh -c \"echo create pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+update:expression: "sh -c \"echo update pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+delete:expression: "sh -c \"echo delete pppoa=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete pppoa$VAR(../../../@) $VAR(..) $VAR(@)\" "
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/node.def
new file mode 100644
index 0000000..3aec5f0
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/out/node.def
@@ -0,0 +1 @@
+help: Set filter for forwarded packets on outbound interface
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/name/node.def
new file mode 100644
index 0000000..6e629bc
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/name/node.def
@@ -0,0 +1,18 @@
+type: txt
+
+help: Set inbound interface filter name
+
+create:expression: "sh -c \"echo create pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+update:expression: "sh -c \"echo update pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+delete:expression: "sh -c \"echo delete pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" "
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/node.def
new file mode 100644
index 0000000..eccc79b
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/in/node.def
@@ -0,0 +1 @@
+help: Set filter for forwarded packets on inbound interface
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/name/node.def
new file mode 100644
index 0000000..44e85d1
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/name/node.def
@@ -0,0 +1,18 @@
+type: txt
+
+help: Set local filter name
+
+create:expression: "sh -c \"echo create pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+update:expression: "sh -c \"echo update pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+delete:expression: "sh -c \"echo delete pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" "
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/node.def
new file mode 100644
index 0000000..2595835
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/local/node.def
@@ -0,0 +1 @@
+help: Set filter for packets destined for this router
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/node.def
new file mode 100644
index 0000000..11748d2
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/node.def
@@ -0,0 +1 @@
+help: Set firewall options
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/name/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/name/node.def
new file mode 100644
index 0000000..2c37224
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/name/node.def
@@ -0,0 +1,18 @@
+type: txt
+
+help: Set outbound interface filter name
+
+create:expression: "sh -c \"echo create pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+update:expression: "sh -c \"echo update pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+delete:expression: "sh -c \"echo delete pppoe=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete pppoe$VAR(../../../@) $VAR(..) $VAR(@)\" "
diff --git a/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/node.def b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/node.def
new file mode 100644
index 0000000..3aec5f0
--- /dev/null
+++ b/templates/interfaces/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/out/node.def
@@ -0,0 +1 @@
+help: Set filter for forwarded packets on outbound interface
-- cgit v1.2.3