diff options
author | An-Cheng Huang <ancheng@vyatta.com> | 2008-10-24 15:29:54 -0700 |
---|---|---|
committer | An-Cheng Huang <ancheng@vyatta.com> | 2008-10-24 15:29:54 -0700 |
commit | 48bec978b2e2be9327163b8342a253cf69b61c6c (patch) | |
tree | 8b2fd52faa5360d6001acf12dc0fc0b598152e68 | |
parent | fd872e43a5eb9b135912d6653a9fc4be97556a31 (diff) | |
download | vyatta-cfg-system-48bec978b2e2be9327163b8342a253cf69b61c6c.tar.gz vyatta-cfg-system-48bec978b2e2be9327163b8342a253cf69b61c6c.zip |
add firewall configuration to bridge interface
7 files changed, 58 insertions, 0 deletions
diff --git a/templates/interfaces/bridge/node.tag/firewall/in/name/node.def b/templates/interfaces/bridge/node.tag/firewall/in/name/node.def new file mode 100644 index 00000000..45ddefa1 --- /dev/null +++ b/templates/interfaces/bridge/node.tag/firewall/in/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Set inbound interface filter name + +create:expression: "sh -c \"echo create eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete $VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/bridge/node.tag/firewall/in/node.def b/templates/interfaces/bridge/node.tag/firewall/in/node.def new file mode 100644 index 00000000..eccc79b4 --- /dev/null +++ b/templates/interfaces/bridge/node.tag/firewall/in/node.def @@ -0,0 +1 @@ +help: Set filter for forwarded packets on inbound interface diff --git a/templates/interfaces/bridge/node.tag/firewall/local/name/node.def b/templates/interfaces/bridge/node.tag/firewall/local/name/node.def new file mode 100644 index 00000000..29082074 --- /dev/null +++ b/templates/interfaces/bridge/node.tag/firewall/local/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Set local filter name + +create:expression: "sh -c \"echo create eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete $VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/bridge/node.tag/firewall/local/node.def b/templates/interfaces/bridge/node.tag/firewall/local/node.def new file mode 100644 index 00000000..25958359 --- /dev/null +++ b/templates/interfaces/bridge/node.tag/firewall/local/node.def @@ -0,0 +1 @@ +help: Set filter for packets destined for this router diff --git a/templates/interfaces/bridge/node.tag/firewall/node.def b/templates/interfaces/bridge/node.tag/firewall/node.def new file mode 100644 index 00000000..11748d20 --- /dev/null +++ b/templates/interfaces/bridge/node.tag/firewall/node.def @@ -0,0 +1 @@ +help: Set firewall options diff --git a/templates/interfaces/bridge/node.tag/firewall/out/name/node.def b/templates/interfaces/bridge/node.tag/firewall/out/name/node.def new file mode 100644 index 00000000..13a7c312 --- /dev/null +++ b/templates/interfaces/bridge/node.tag/firewall/out/name/node.def @@ -0,0 +1,18 @@ +type: txt + +help: Set outbound interface filter name + +create:expression: "sh -c \"echo create eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" " + +update:expression: "sh -c \"echo update eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" " + +delete:expression: "sh -c \"echo delete eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \ +>> /tmp/cli.log && \ +sudo /opt/vyatta/sbin/vyatta-firewall.pl \ +--update-interfaces delete $VAR(../../../@) $VAR(..) $VAR(@)\" " diff --git a/templates/interfaces/bridge/node.tag/firewall/out/node.def b/templates/interfaces/bridge/node.tag/firewall/out/node.def new file mode 100644 index 00000000..3aec5f05 --- /dev/null +++ b/templates/interfaces/bridge/node.tag/firewall/out/node.def @@ -0,0 +1 @@ +help: Set filter for forwarded packets on outbound interface |