From 189566463805d5b45c54129463d8ee00312dc459 Mon Sep 17 00:00:00 2001
From: Bob Gilligan <gilligan@sydney.vyatta.com>
Date: Wed, 12 Dec 2007 14:13:13 -0800
Subject: Add templates for firewall nodes in the "interfaces" tree.

---
 .../interfaces/ethernet/node.tag/firewall/in/name/node.def | 14 ++++++++++++++
 .../interfaces/ethernet/node.tag/firewall/in/node.def      |  1 +
 .../ethernet/node.tag/firewall/local/name/node.def         | 14 ++++++++++++++
 .../interfaces/ethernet/node.tag/firewall/local/node.def   |  1 +
 templates/interfaces/ethernet/node.tag/firewall/node.def   |  1 +
 .../ethernet/node.tag/firewall/out/name/node.def           | 14 ++++++++++++++
 .../interfaces/ethernet/node.tag/firewall/out/node.def     |  1 +
 .../node.tag/vif/node.tag/firewall/in/name/node.def        | 14 ++++++++++++++
 .../ethernet/node.tag/vif/node.tag/firewall/in/node.def    |  1 +
 .../node.tag/vif/node.tag/firewall/local/name/node.def     | 13 +++++++++++++
 .../ethernet/node.tag/vif/node.tag/firewall/local/node.def |  1 +
 .../ethernet/node.tag/vif/node.tag/firewall/node.def       |  1 +
 .../node.tag/vif/node.tag/firewall/out/name/node.def       | 13 +++++++++++++
 .../ethernet/node.tag/vif/node.tag/firewall/out/node.def   |  1 +
 14 files changed, 90 insertions(+)
 create mode 100644 templates/interfaces/ethernet/node.tag/firewall/in/name/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/firewall/in/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/firewall/local/name/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/firewall/local/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/firewall/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/firewall/out/name/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/firewall/out/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/name/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/name/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/name/node.def
 create mode 100644 templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/node.def

(limited to 'templates')

diff --git a/templates/interfaces/ethernet/node.tag/firewall/in/name/node.def b/templates/interfaces/ethernet/node.tag/firewall/in/name/node.def
new file mode 100644
index 0000000..c3e58b7
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/firewall/in/name/node.def
@@ -0,0 +1,14 @@
+type: txt
+help: "Inbound interface filter name"
+create: "sh -c \"echo create eth=[$(../../..)] dir=[$(..)] name=[$(@)] \
+>> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $(../../..) $(..) $(@)\" "
+update: "sh -c \"echo update eth=[$(../../..)] dir=[$(..)] name=[$(@)] \
+>> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $(../../..) $(..) $(@)\" "
+delete: "sh -c \"echo delete eth=[$(../../..)] dir=[$(..)] name=[$(@)] \
+>> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete $(../../..) $(..) $(@)\" "
diff --git a/templates/interfaces/ethernet/node.tag/firewall/in/node.def b/templates/interfaces/ethernet/node.tag/firewall/in/node.def
new file mode 100644
index 0000000..caa7172
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/firewall/in/node.def
@@ -0,0 +1 @@
+help: "Filter forwarded packets on inbound interface"
diff --git a/templates/interfaces/ethernet/node.tag/firewall/local/name/node.def b/templates/interfaces/ethernet/node.tag/firewall/local/name/node.def
new file mode 100644
index 0000000..e0a2fa5
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/firewall/local/name/node.def
@@ -0,0 +1,14 @@
+type: txt
+help: "Local filter name"
+create: "sh -c \"echo create eth=[$(../../..)] dir=[$(..)] name=[$(@)] \
+>> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $(../../..) $(..) $(@)\" "
+update: "sh -c \"echo update eth=[$(../../..)] dir=[$(..)] name=[$(@)] \
+>> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $(../../..) $(..) $(@)\" "
+delete: "sh -c \"echo delete eth=[$(../../..)] dir=[$(..)] name=[$(@)] \
+>> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete $(../../..) $(..) $(@)\" "
diff --git a/templates/interfaces/ethernet/node.tag/firewall/local/node.def b/templates/interfaces/ethernet/node.tag/firewall/local/node.def
new file mode 100644
index 0000000..5785f8d
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/firewall/local/node.def
@@ -0,0 +1 @@
+help: "Filter packets destined for this router"
diff --git a/templates/interfaces/ethernet/node.tag/firewall/node.def b/templates/interfaces/ethernet/node.tag/firewall/node.def
new file mode 100644
index 0000000..95ad2ba
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/firewall/node.def
@@ -0,0 +1 @@
+help: "Configure firewall options"
diff --git a/templates/interfaces/ethernet/node.tag/firewall/out/name/node.def b/templates/interfaces/ethernet/node.tag/firewall/out/name/node.def
new file mode 100644
index 0000000..9828c9c
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/firewall/out/name/node.def
@@ -0,0 +1,14 @@
+type: txt
+help: "Outbound interface filter name"
+create: "sh -c \"echo create eth=[$(../../..)] dir=[$(..)] name=[$(@)] \
+>> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $(../../..) $(..) $(@)\" "
+update: "sh -c \"echo update eth=[$(../../..)] dir=[$(..)] name=[$(@)] \
+>> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $(../../..) $(..) $(@)\" "
+delete: "sh -c \"echo delete eth=[$(../../..)] dir=[$(..)] name=[$(@)] \
+>> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete $(../../..) $(..) $(@)\" "
diff --git a/templates/interfaces/ethernet/node.tag/firewall/out/node.def b/templates/interfaces/ethernet/node.tag/firewall/out/node.def
new file mode 100644
index 0000000..66f4e6f
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/firewall/out/node.def
@@ -0,0 +1 @@
+help: "Filter forwarded packets on outbound interface"
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/name/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/name/node.def
new file mode 100644
index 0000000..10ee0bb
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/name/node.def
@@ -0,0 +1,14 @@
+type: txt
+help: "Inbound interface filter name"
+create: "sh -c \"echo create eth=[$(../../../../..)] vif=[$(../../..)] \
+dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $(../../../../..).$(../../..) $(..) $(@)\" "
+update: "sh -c \"echo update eth=[$(../../../../..)] vif=[$(../../..)] \
+dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $(../../../../..).$(../../..) $(..) $(@)\" "
+delete: "sh -c \"echo delete eth=[$(../../../../..)] vif=[$(../../..)] \
+dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete $(../../../../..).$(../../..) $(..) $(@)\" "
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/node.def
new file mode 100644
index 0000000..caa7172
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/in/node.def
@@ -0,0 +1 @@
+help: "Filter forwarded packets on inbound interface"
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/name/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/name/node.def
new file mode 100644
index 0000000..d8dfd8b
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/name/node.def
@@ -0,0 +1,13 @@
+type: txt
+help: "Local filter name"
+create: "sh -c \"echo create eth=[$(../../../../..)] vif=[$(../../..)] \        dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $(../../../../..).$(../../..) $(..) $(@)\" "
+update: "sh -c \"echo update eth=[$(../../../../..)] vif=[$(../../..)] \
+dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $(../../../../..).$(../../..) $(..) $(@)\" "
+delete: "sh -c \"echo delete eth=[$(../../../../..)] vif=[$(../../..)] \
+dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete $(../../../../..).$(../../..) $(..) $(@)\" "
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/node.def
new file mode 100644
index 0000000..5785f8d
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/local/node.def
@@ -0,0 +1 @@
+help: "Filter packets destined for this router"
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/node.def
new file mode 100644
index 0000000..95ad2ba
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/node.def
@@ -0,0 +1 @@
+help: "Configure firewall options"
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/name/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/name/node.def
new file mode 100644
index 0000000..c3ec18a
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/name/node.def
@@ -0,0 +1,13 @@
+type: txt
+help: "Outbound interface filter name"
+create: "sh -c \"echo create eth=[$(../../../../..)] vif=[$(../../..)] \        dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $(../../../../..).$(../../..) $(..) $(@)\" "
+update: "sh -c \"echo update eth=[$(../../../../..)] vif=[$(../../..)] \
+dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $(../../../../..).$(../../..) $(..) $(@)\" "
+delete: "sh -c \"echo delete eth=[$(../../../../..)] vif=[$(../../..)] \
+dir=[$(..)] name=[$(@)] >> /tmp/cli.log && \
+/opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete $(../../../../..).$(../../..) $(..) $(@)\" "
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/node.def
new file mode 100644
index 0000000..66f4e6f
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/firewall/out/node.def
@@ -0,0 +1 @@
+help: "Filter forwarded packets on outbound interface"
-- 
cgit v1.2.3