summaryrefslogtreecommitdiff
path: root/templates/policy
diff options
context:
space:
mode:
Diffstat (limited to 'templates/policy')
-rw-r--r--templates/policy/access-list/node.def2
-rw-r--r--templates/policy/access-list/node.tag/description/node.def2
-rw-r--r--templates/policy/access-list/node.tag/rule/node.def4
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/description/node.def2
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def2
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def2
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def2
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def2
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def2
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def2
-rw-r--r--templates/policy/as-path-list/node.def3
-rw-r--r--templates/policy/as-path-list/node.tag/description/node.def2
-rw-r--r--templates/policy/as-path-list/node.tag/rule/node.def4
-rw-r--r--templates/policy/as-path-list/node.tag/rule/node.tag/action/node.def4
-rw-r--r--templates/policy/as-path-list/node.tag/rule/node.tag/description/node.def2
-rw-r--r--templates/policy/as-path-list/node.tag/rule/node.tag/regex/node.def5
-rw-r--r--templates/policy/community-list/node.def14
-rw-r--r--templates/policy/community-list/node.tag/description/node.def2
-rw-r--r--templates/policy/community-list/node.tag/rule/node.def3
-rw-r--r--templates/policy/community-list/node.tag/rule/node.tag/action/node.def4
-rw-r--r--templates/policy/community-list/node.tag/rule/node.tag/description/node.def2
-rw-r--r--templates/policy/community-list/node.tag/rule/node.tag/regex/node.def8
-rw-r--r--templates/policy/prefix-list/node.def3
-rw-r--r--templates/policy/prefix-list/node.tag/description/node.def2
-rw-r--r--templates/policy/prefix-list/node.tag/rule/node.def67
-rw-r--r--templates/policy/prefix-list/node.tag/rule/node.tag/action/node.def4
-rw-r--r--templates/policy/prefix-list/node.tag/rule/node.tag/description/node.def2
-rw-r--r--templates/policy/prefix-list/node.tag/rule/node.tag/ge/node.def3
-rw-r--r--templates/policy/prefix-list/node.tag/rule/node.tag/le/node.def3
-rw-r--r--templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def3
30 files changed, 90 insertions, 72 deletions
diff --git a/templates/policy/access-list/node.def b/templates/policy/access-list/node.def
index 8828516d..05736a3e 100644
--- a/templates/policy/access-list/node.def
+++ b/templates/policy/access-list/node.def
@@ -1,6 +1,6 @@
tag:
type: u32
-help: IP network access-list
+help: IP access-list filter
syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 199) || ($VAR(@) >= 1300 && $VAR(@) <= 2699); \
"Access list number must be
<1-99>\tIP standard access list
diff --git a/templates/policy/access-list/node.tag/description/node.def b/templates/policy/access-list/node.tag/description/node.def
index f0292025..77835b24 100644
--- a/templates/policy/access-list/node.tag/description/node.def
+++ b/templates/policy/access-list/node.tag/description/node.def
@@ -1,2 +1,2 @@
type: txt
-help: access-list description
+help: set a description for this access-list
diff --git a/templates/policy/access-list/node.tag/rule/node.def b/templates/policy/access-list/node.tag/rule/node.def
index 5e35a0be..4f2ce75c 100644
--- a/templates/policy/access-list/node.tag/rule/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.def
@@ -1,5 +1,5 @@
tag:
type: u32
-help: access-list rule
-comp_help: \1 <u32>\t\taccess-list rule number
+help: create a rule for this access-list
+comp_help: \1 <1-65535>\taccess-list rule number
syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "rule number must be between 1 and 65535"
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/description/node.def b/templates/policy/access-list/node.tag/rule/node.tag/description/node.def
index e363cfa9..562ab020 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/description/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/description/node.def
@@ -1,2 +1,2 @@
type: txt
-help: description for this rule
+help: set a description for this rule
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def
index d66f8363..46cb9007 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def
@@ -1,6 +1,6 @@
type: ipv4
help: match a single host IP address
-comp_help: \1 <ipv4>\thost address to match
+comp_help: \1 <x.x.x.x>\thost address to match
commit:expression: ($VAR(../../../@) >= 100 && $VAR(../../../@) <= 199) || ($VAR(../../../@) >= 2000 && $VAR(../../../@) <= 2699); "\
policy access-list $VAR(../../../@) rule $VAR(../../@) destination: access-list number must be <100-199> or <2000-2699> to set destination matches"
commit:expression: ($VAR(../any/) == "") && ($VAR(../network/) == ""); "\
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def
index ce30999c..54d9b7fd 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def
@@ -1,6 +1,6 @@
type: ipv4
help: match a network/netmask (requires network be defined)
-comp_help: \1 <ipv4>\tinverse-mask to match
+comp_help: \1 <x.x.x.x>\tinverse-mask to match
commit:expression: ($VAR(../../../@) >= 100 && $VAR(../../../@) <= 199) || ($VAR(../../../@) >= 2000 && $VAR(../../../@) <= 2699); "\
policy access-list $VAR(../../../@) rule $VAR(../../@) destination: access-list number must be <100-199> or <2000-2699> to set destination matches"
commit:expression: ($VAR(../any/) == "") && ($VAR(../host/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) destination: you may only define one filter type. (host|network|any)"
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def
index 92f99601..a33d28db 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def
@@ -1,6 +1,6 @@
type: ipv4
help: match a network/netmask (requires inverse-mask be defined)
-comp_help: \1 <ipv4>\tnetwork to match
+comp_help: \1 <x.x.x.x>\tnetwork to match
commit:expression: ($VAR(../../../@) >= 100 && $VAR(../../../@) <= 199) || ($VAR(../../../@) >= 2000 && $VAR(../../../@) <= 2699); "\
policy access-list $VAR(../../../@) rule $VAR(../../@) destination: access-list number must be <100-199> or <2000-2699> to set destination matches"
commit:expression: ($VAR(../host/) == "") && ($VAR(../any/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) destination: you may only define one filter type. (host|network|any)"
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def
index c79647fb..94bfd185 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def
@@ -1,5 +1,5 @@
type: ipv4
help: match a single host IP address
-comp_help: \1 <ipv4>\thost address to match
+comp_help: \1 <x.x.x.x>\thost address to match
commit:expression: ($VAR(../any/) == "") && ($VAR(../network/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you may only define one filter type. (host|network|any)"
commit:expression: $VAR(../../action/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify an action"
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def
index 8c60fcb8..167d292a 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def
@@ -1,6 +1,6 @@
type: ipv4
help: match a network/netmask (requires network be defined)
-comp_help: \1 <ipv4>\tinverse-mask to match
+comp_help: \1 <x.x.x.x>\tinverse-mask to match
commit:expression: ($VAR(../any/) == "") && ($VAR(../host/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you may only define one filter type. (host|network|any)"
commit:expression: $VAR(../network/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify a network if you configure an inverse-mask"
commit:expression: $VAR(../../action/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify an action"
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def
index 7a9d7a97..80508a27 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def
@@ -1,6 +1,6 @@
type: ipv4
help: match a network/netmask (requires inverse-mask be defined)
-comp_help: \1 <ipv4>\tnetwork to match
+comp_help: \1 <x.x.x.x>\tnetwork to match
commit:expression: ($VAR(../host/) == "") && ($VAR(../any/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you may only define one filter type. (host|network|any)"
commit:expression: $VAR(../inverse-mask/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify an inverse-mask if you configure a network"
commit:expression: $VAR(../../action/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify an action"
diff --git a/templates/policy/as-path-list/node.def b/templates/policy/as-path-list/node.def
index bda7042e..21285cc4 100644
--- a/templates/policy/as-path-list/node.def
+++ b/templates/policy/as-path-list/node.def
@@ -2,4 +2,5 @@ tag:
type: txt
help: BGP autonomous system path filter
syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9.]+$" ; "as-path-list name must be alpha-numeric"
-end:expression: "/opt/vyatta/sbin/vyatta-policy.pl --update-aspath-list $VAR(@)"
+end: /opt/vyatta/sbin/vyatta-policy.pl --update-aspath-list $VAR(@)
+comp_help: \1 <txt>\t\tas-path-list name
diff --git a/templates/policy/as-path-list/node.tag/description/node.def b/templates/policy/as-path-list/node.tag/description/node.def
index b45a1767..6790c1bd 100644
--- a/templates/policy/as-path-list/node.tag/description/node.def
+++ b/templates/policy/as-path-list/node.tag/description/node.def
@@ -1,2 +1,2 @@
type: txt
-help: AS path list description
+help: set a description for this as-path-list
diff --git a/templates/policy/as-path-list/node.tag/rule/node.def b/templates/policy/as-path-list/node.tag/rule/node.def
index adac0477..d3fbcfcc 100644
--- a/templates/policy/as-path-list/node.tag/rule/node.def
+++ b/templates/policy/as-path-list/node.tag/rule/node.def
@@ -1,4 +1,6 @@
tag:
type: u32
-help: Specify as-path-list rule number
+help: create a rule for this as-path-list
+comp_help: \1 <1-65535>\tas-path-list rule number
syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "rule number must be between 1 and 65535"
+
diff --git a/templates/policy/as-path-list/node.tag/rule/node.tag/action/node.def b/templates/policy/as-path-list/node.tag/rule/node.tag/action/node.def
index 1b7787c5..437cb686 100644
--- a/templates/policy/as-path-list/node.tag/rule/node.tag/action/node.def
+++ b/templates/policy/as-path-list/node.tag/rule/node.tag/action/node.def
@@ -1,3 +1,5 @@
type: txt
-help: Action to take on AS paths matching this rule
+help: action to take on AS paths matching this rule
+comp_help: \1 permit\tpermit matching as-paths
+ deny\t\tdeny matching as-paths
syntax:expression: $VAR(@) in "permit", "deny"; "action must be permit or deny"
diff --git a/templates/policy/as-path-list/node.tag/rule/node.tag/description/node.def b/templates/policy/as-path-list/node.tag/rule/node.tag/description/node.def
index b8e3095b..562ab020 100644
--- a/templates/policy/as-path-list/node.tag/rule/node.tag/description/node.def
+++ b/templates/policy/as-path-list/node.tag/rule/node.tag/description/node.def
@@ -1,2 +1,2 @@
type: txt
-help: Description for this rule
+help: set a description for this rule
diff --git a/templates/policy/as-path-list/node.tag/rule/node.tag/regex/node.def b/templates/policy/as-path-list/node.tag/rule/node.tag/regex/node.def
index e84579d8..6afc2c35 100644
--- a/templates/policy/as-path-list/node.tag/rule/node.tag/regex/node.def
+++ b/templates/policy/as-path-list/node.tag/rule/node.tag/regex/node.def
@@ -1,5 +1,6 @@
type: txt
-help: AS path regular expression
+help: match against an AS path regular expression
+comp_help: \1 <txt>\t\tas-path regular expression
# TODO: check regex syntax; \
# "invalid chars in regex syntax"
-commit:expression: $VAR(../action/@) != ""; "You must specify an action before committing"
+commit:expression: $VAR(../action/@) != ""; "policy as-path-list $VAR(../../@) rule $VAR(../@): You must specify an action"
diff --git a/templates/policy/community-list/node.def b/templates/policy/community-list/node.def
index c16aac71..69a5cbfc 100644
--- a/templates/policy/community-list/node.def
+++ b/templates/policy/community-list/node.def
@@ -1,8 +1,10 @@
tag:
type: u32
-help: Add a community list entry
-syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 500; " \
-community-list must be \
- <1-99> Community list number (standard) \
- <100-500> Community list number (expanded) "
-end:expression: "/opt/vyatta/sbin/vyatta-policy.pl --update-community-list $VAR(@)"
+help: BGP community-list filter
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 500; "
+community-list must be
+ <1-99>\tBGP community list (standard)
+ <100-500>\tBGP community list (expanded) "
+comp_help: \1 <1-99>\tBGP community list (standard)
+ <100-500>\tBGP community list (expanded)
+end: /opt/vyatta/sbin/vyatta-policy.pl --update-community-list $VAR(@)
diff --git a/templates/policy/community-list/node.tag/description/node.def b/templates/policy/community-list/node.tag/description/node.def
index b29d027a..2ee61758 100644
--- a/templates/policy/community-list/node.tag/description/node.def
+++ b/templates/policy/community-list/node.tag/description/node.def
@@ -1,2 +1,2 @@
type: txt
-help: Community list description
+help: set a description for this community list
diff --git a/templates/policy/community-list/node.tag/rule/node.def b/templates/policy/community-list/node.tag/rule/node.def
index adac0477..94bb576e 100644
--- a/templates/policy/community-list/node.tag/rule/node.def
+++ b/templates/policy/community-list/node.tag/rule/node.def
@@ -1,4 +1,5 @@
tag:
type: u32
-help: Specify as-path-list rule number
+help: create a rule for this BGP community list
+comp_help: \1 <1-65535>\tcommunity-list rule number
syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "rule number must be between 1 and 65535"
diff --git a/templates/policy/community-list/node.tag/rule/node.tag/action/node.def b/templates/policy/community-list/node.tag/rule/node.tag/action/node.def
index 545bd4c0..66fabcd0 100644
--- a/templates/policy/community-list/node.tag/rule/node.tag/action/node.def
+++ b/templates/policy/community-list/node.tag/rule/node.tag/action/node.def
@@ -1,3 +1,5 @@
type: txt
-help: Action to take on communities matching this rule
+help: action to take on communities matching this rule
+comp_help: \1 permit\tpermit matching communities
+ deny\t\tdeny matching communities
syntax:expression: $VAR(@) in "permit", "deny"; "action must be permit or deny"
diff --git a/templates/policy/community-list/node.tag/rule/node.tag/description/node.def b/templates/policy/community-list/node.tag/rule/node.tag/description/node.def
index b8e3095b..562ab020 100644
--- a/templates/policy/community-list/node.tag/rule/node.tag/description/node.def
+++ b/templates/policy/community-list/node.tag/rule/node.tag/description/node.def
@@ -1,2 +1,2 @@
type: txt
-help: Description for this rule
+help: set a description for this rule
diff --git a/templates/policy/community-list/node.tag/rule/node.tag/regex/node.def b/templates/policy/community-list/node.tag/rule/node.tag/regex/node.def
index 5639ef67..0a703e0b 100644
--- a/templates/policy/community-list/node.tag/rule/node.tag/regex/node.def
+++ b/templates/policy/community-list/node.tag/rule/node.tag/regex/node.def
@@ -1,11 +1,11 @@
type: txt
-help: Community list regular expression
-# pending bug 2285
+help: match against a community list regular expression
+comp_help: \1 <txt>\t\tcommunity-list regular expression
syntax:expression: exec " \
if [ $VAR(../../@) -ge 1 ] && [ $VAR(../../@) -le 99 ]; then \
if [ -n \"`echo $VAR(@) | sed 's/[0-9]*:[0-9]*//g' | sed -e 's/internet//g' -e 's/local-AS//g' -e 's/no-advertise//g' -e 's/no-export//g'`\" ]; then \
- echo regex $VAR(@) is invalid for a standard community list; \
+ echo policy community-list $VAR(../../@) rule $VAR(../@): regex $VAR(@) is invalid for a standard community list; \
exit 1 ; \
fi ; \
fi ; "
-commit:expression: $VAR(../action/@) != ""; "You must specify an action before committing"
+commit:expression: $VAR(../action/@) != ""; "policy community-list $VAR(../../@) rule $VAR(../@): You must specify an action"
diff --git a/templates/policy/prefix-list/node.def b/templates/policy/prefix-list/node.def
index b1fcc1f9..eec6608e 100644
--- a/templates/policy/prefix-list/node.def
+++ b/templates/policy/prefix-list/node.def
@@ -1,4 +1,5 @@
tag:
type: txt
-help: Add a prefix list entry
+help: IP prefix-list filter
+comp_help: \1 <txt> prefix-list list name
syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9.]+$" ; "prefix-list name must be alpha-numeric"
diff --git a/templates/policy/prefix-list/node.tag/description/node.def b/templates/policy/prefix-list/node.tag/description/node.def
index 8e10bcb9..8a4ae9fa 100644
--- a/templates/policy/prefix-list/node.tag/description/node.def
+++ b/templates/policy/prefix-list/node.tag/description/node.def
@@ -1,2 +1,2 @@
type: txt
-help: Prefix list description
+help: set a description for this prefix-list
diff --git a/templates/policy/prefix-list/node.tag/rule/node.def b/templates/policy/prefix-list/node.tag/rule/node.def
index 841e824c..4813f596 100644
--- a/templates/policy/prefix-list/node.tag/rule/node.def
+++ b/templates/policy/prefix-list/node.tag/rule/node.def
@@ -1,37 +1,38 @@
tag:
type: u32
-help: Specify prefix-list rule number
-commit:expression: $VAR(./prefix/) != ""; "must set a prefix"
-commit:expression: $VAR(./action/) != ""; "must specify an action before committing"
-delete:expression: "touch /tmp/protocols-$VAR(../@)-$VAR(@).$PPID \
- LEN=`echo $VAR(@) | awk -F/ '{ print $2 }'` ; \
- if [ -n \"$VAR(./ge/@)\" ]; then \
- COND=\"ge $VAR(./ge/@) \";
+help: create a rule for this prefix-list
+comp_help: \1 <1-65535>\tprefix-list rule number
+commit:expression: $VAR(./prefix/) != ""; "policy prefix-list $VAR(../@) rule $VAR(@): You must specify a prefix"
+commit:expression: $VAR(./action/) != ""; "policy prefix-list $VAR(../@) rule $VAR(@): You must specify an action"
+delete: touch /tmp/protocols-$VAR(../@)-$VAR(@).$PPID ;
+ len=`echo $VAR(@) | awk -F/ '{ print $2 }'` ;
+ if [ -n "$VAR(./ge/@)" ]; then
+ cond="ge $VAR(./ge/@) ";
fi;
- if [ -n \"$VAR(./le/@)\" ]; then \
- COND=\"$COND le $VAR(./le/@) \"; \
- fi; \
- ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \
- -c \"no ip prefix-list $VAR(../@) seq $VAR(@) $VAR(./action/@) $VAR(./prefix/@) $COND \" "
-end:expression: "LEN=`echo $VAR(./prefix/@) | awk -F/ '{ print $2 }'` ; \
- if [ -n \"$VAR(./ge/@)\" ]; then \
- if [ $LEN -ge $VAR(./ge/@) ]; then \
- echo ge must be greater than prefix length ;\
- exit 1 ; \
- fi ; \
- COND=\"ge $VAR(./ge/@) \";
+ if [ -n "$VAR(./le/@)" ]; then
+ cond="$cond le $VAR(./le/@) ";
+ fi;
+ ${vyatta_sbindir}/vyatta-vtysh.pl -c "configure terminal" \
+ -c "no ip prefix-list $VAR(../@) seq $VAR(@) $VAR(./action/@) $VAR(./prefix/@) $cond "
+end: len=`echo $VAR(./prefix/@) | awk -F/ '{ print $2 }'` ;
+ if [ -n "$VAR(./ge/@)" ]; then
+ if [ $len -ge $VAR(./ge/@) ]; then
+ echo "policy prefix-list $VAR(../@) rule $VAR(@): ge must be greater than prefix length";
+ exit 1 ;
+ fi ;
+ cond="ge $VAR(./ge/@) ";
fi;
- if [ -n \"$VAR(./le/@)\" ]; then \
- if [ $VAR(./le/@) -ne 32 ] && [ -n \"$VAR(./ge/@)\" ] && [ $VAR(./le/@) -le $VAR(./ge/@) ]; then \
- echo le must be greater than or equal to ge ; \
- exit 1 ; \
- fi ; \
- COND=\"$COND le $VAR(./le/@) \"; \
- fi; \
- if [ -f \"/tmp/protocols-$VAR(../@)-$VAR(@).$PPID\" ]; then \
- rm -f \"protocols-$VAR(../@)-$VAR(@).$PPID\" ; \
- else \
- ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \
- -c \"ip prefix-list $VAR(../@) seq $VAR(@) $VAR(./action/@) $VAR(./prefix/@) $COND \" ; \
- fi ; \
- exit 0 ; "
+ if [ -n "$VAR(./le/@)" ]; then
+ if [ $VAR(./le/@) -ne 32 ] && [ -n "$VAR(./ge/@)" ] && [ $VAR(./le/@) -le $VAR(./ge/@) ]; then
+ echo "policy prefix-list $VAR(../@) rule $VAR(@): le must be greater than or equal to ge";
+ exit 1 ;
+ fi ;
+ cond="$cond le $VAR(./le/@) ";
+ fi;
+ if [ -f "/tmp/protocols-$VAR(../@)-$VAR(@).$PPID" ]; then
+ rm -f "protocols-$VAR(../@)-$VAR(@).$PPID" ;
+ else
+ ${vyatta_sbindir}/vyatta-vtysh.pl -c "configure terminal" \
+ -c "ip prefix-list $VAR(../@) seq $VAR(@) $VAR(./action/@) $VAR(./prefix/@) $cond " ;
+ fi ;
+ exit 0 ;
diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/action/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/action/node.def
index 4cdf4170..2b641e7c 100644
--- a/templates/policy/prefix-list/node.tag/rule/node.tag/action/node.def
+++ b/templates/policy/prefix-list/node.tag/rule/node.tag/action/node.def
@@ -1,3 +1,5 @@
type: txt
-help: Action to take on prefixes matching this rule
+help: action to take on prefixes matching this rule
+comp_help: \1 permit\tpermit matching prefixes
+ deny\t\tdeny matching prefixes
syntax:expression: $VAR(@) in "permit", "deny"; "action must be permit or deny"
diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/description/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/description/node.def
index b8e3095b..562ab020 100644
--- a/templates/policy/prefix-list/node.tag/rule/node.tag/description/node.def
+++ b/templates/policy/prefix-list/node.tag/rule/node.tag/description/node.def
@@ -1,2 +1,2 @@
type: txt
-help: Description for this rule
+help: set a description for this rule
diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/ge/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/ge/node.def
index ae818e87..4187034b 100644
--- a/templates/policy/prefix-list/node.tag/rule/node.tag/ge/node.def
+++ b/templates/policy/prefix-list/node.tag/rule/node.tag/ge/node.def
@@ -1,3 +1,4 @@
type: u32
-help: Prefix greater than or equal to
+help: match a netmask greater than or equal to prefix length
+comp_help: \1 <0-32>\tnetmask greater than length
syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 32; "ge must be between 0 and 32"
diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/le/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/le/node.def
index e108cd60..4ebe9128 100644
--- a/templates/policy/prefix-list/node.tag/rule/node.tag/le/node.def
+++ b/templates/policy/prefix-list/node.tag/rule/node.tag/le/node.def
@@ -1,3 +1,4 @@
type: u32
-help: Prefix less than or equal to
+help: match a netmask less than or equal to prefix length
+comp_help: \1 <0-32>\tnetmask less than length
syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 32; "le must be between 0 and 32"
diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def
index 5494d284..7145e0fd 100644
--- a/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def
+++ b/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def
@@ -1,2 +1,3 @@
type: ipv4net
-help: Prefix to match against this rule
+help: match on a prefix
+comp_help: \1 <x.x.x.x/x>\tprefix to match against