diff options
Diffstat (limited to 'templates/policy/access-list')
10 files changed, 11 insertions, 11 deletions
diff --git a/templates/policy/access-list/node.def b/templates/policy/access-list/node.def index 8828516d..05736a3e 100644 --- a/templates/policy/access-list/node.def +++ b/templates/policy/access-list/node.def @@ -1,6 +1,6 @@ tag: type: u32 -help: IP network access-list +help: IP access-list filter syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 199) || ($VAR(@) >= 1300 && $VAR(@) <= 2699); \ "Access list number must be <1-99>\tIP standard access list diff --git a/templates/policy/access-list/node.tag/description/node.def b/templates/policy/access-list/node.tag/description/node.def index f0292025..77835b24 100644 --- a/templates/policy/access-list/node.tag/description/node.def +++ b/templates/policy/access-list/node.tag/description/node.def @@ -1,2 +1,2 @@ type: txt -help: access-list description +help: set a description for this access-list diff --git a/templates/policy/access-list/node.tag/rule/node.def b/templates/policy/access-list/node.tag/rule/node.def index 5e35a0be..4f2ce75c 100644 --- a/templates/policy/access-list/node.tag/rule/node.def +++ b/templates/policy/access-list/node.tag/rule/node.def @@ -1,5 +1,5 @@ tag: type: u32 -help: access-list rule -comp_help: \1 <u32>\t\taccess-list rule number +help: create a rule for this access-list +comp_help: \1 <1-65535>\taccess-list rule number syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "rule number must be between 1 and 65535" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/description/node.def b/templates/policy/access-list/node.tag/rule/node.tag/description/node.def index e363cfa9..562ab020 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/description/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/description/node.def @@ -1,2 +1,2 @@ type: txt -help: description for this rule +help: set a description for this rule diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def index d66f8363..46cb9007 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def @@ -1,6 +1,6 @@ type: ipv4 help: match a single host IP address -comp_help: \1 <ipv4>\thost address to match +comp_help: \1 <x.x.x.x>\thost address to match commit:expression: ($VAR(../../../@) >= 100 && $VAR(../../../@) <= 199) || ($VAR(../../../@) >= 2000 && $VAR(../../../@) <= 2699); "\ policy access-list $VAR(../../../@) rule $VAR(../../@) destination: access-list number must be <100-199> or <2000-2699> to set destination matches" commit:expression: ($VAR(../any/) == "") && ($VAR(../network/) == ""); "\ diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def index ce30999c..54d9b7fd 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def @@ -1,6 +1,6 @@ type: ipv4 help: match a network/netmask (requires network be defined) -comp_help: \1 <ipv4>\tinverse-mask to match +comp_help: \1 <x.x.x.x>\tinverse-mask to match commit:expression: ($VAR(../../../@) >= 100 && $VAR(../../../@) <= 199) || ($VAR(../../../@) >= 2000 && $VAR(../../../@) <= 2699); "\ policy access-list $VAR(../../../@) rule $VAR(../../@) destination: access-list number must be <100-199> or <2000-2699> to set destination matches" commit:expression: ($VAR(../any/) == "") && ($VAR(../host/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) destination: you may only define one filter type. (host|network|any)" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def index 92f99601..a33d28db 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def @@ -1,6 +1,6 @@ type: ipv4 help: match a network/netmask (requires inverse-mask be defined) -comp_help: \1 <ipv4>\tnetwork to match +comp_help: \1 <x.x.x.x>\tnetwork to match commit:expression: ($VAR(../../../@) >= 100 && $VAR(../../../@) <= 199) || ($VAR(../../../@) >= 2000 && $VAR(../../../@) <= 2699); "\ policy access-list $VAR(../../../@) rule $VAR(../../@) destination: access-list number must be <100-199> or <2000-2699> to set destination matches" commit:expression: ($VAR(../host/) == "") && ($VAR(../any/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) destination: you may only define one filter type. (host|network|any)" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def index c79647fb..94bfd185 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def @@ -1,5 +1,5 @@ type: ipv4 help: match a single host IP address -comp_help: \1 <ipv4>\thost address to match +comp_help: \1 <x.x.x.x>\thost address to match commit:expression: ($VAR(../any/) == "") && ($VAR(../network/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you may only define one filter type. (host|network|any)" commit:expression: $VAR(../../action/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify an action" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def index 8c60fcb8..167d292a 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def @@ -1,6 +1,6 @@ type: ipv4 help: match a network/netmask (requires network be defined) -comp_help: \1 <ipv4>\tinverse-mask to match +comp_help: \1 <x.x.x.x>\tinverse-mask to match commit:expression: ($VAR(../any/) == "") && ($VAR(../host/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you may only define one filter type. (host|network|any)" commit:expression: $VAR(../network/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify a network if you configure an inverse-mask" commit:expression: $VAR(../../action/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify an action" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def index 7a9d7a97..80508a27 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def @@ -1,6 +1,6 @@ type: ipv4 help: match a network/netmask (requires inverse-mask be defined) -comp_help: \1 <ipv4>\tnetwork to match +comp_help: \1 <x.x.x.x>\tnetwork to match commit:expression: ($VAR(../host/) == "") && ($VAR(../any/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you may only define one filter type. (host|network|any)" commit:expression: $VAR(../inverse-mask/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify an inverse-mask if you configure a network" commit:expression: $VAR(../../action/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify an action" |