From a3e2cac9bbde2361cdc599a367e7c709d8388086 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Fri, 22 Jul 2011 16:43:52 +0700 Subject: Bug 5681: Templates changed to move NAT out of service branch, "service/nat" -> "nat". --- templates-cfg/nat/node.def | 5 +++++ templates-cfg/nat/rule/node.def | 11 +++++++++++ templates-cfg/nat/rule/node.tag/description/node.def | 3 +++ .../nat/rule/node.tag/destination/address/node.def | 10 ++++++++++ templates-cfg/nat/rule/node.tag/destination/node.def | 1 + .../nat/rule/node.tag/destination/port/node.def | 11 +++++++++++ templates-cfg/nat/rule/node.tag/disable/node.def | 1 + templates-cfg/nat/rule/node.tag/exclude/node.def | 1 + .../nat/rule/node.tag/inbound-interface/node.def | 20 ++++++++++++++++++++ .../rule/node.tag/inside-address/address/node.def | 7 +++++++ .../nat/rule/node.tag/inside-address/node.def | 1 + .../nat/rule/node.tag/inside-address/port/node.def | 6 ++++++ templates-cfg/nat/rule/node.tag/log/node.def | 6 ++++++ .../nat/rule/node.tag/outbound-interface/node.def | 20 ++++++++++++++++++++ .../rule/node.tag/outside-address/address/node.def | 7 +++++++ .../nat/rule/node.tag/outside-address/node.def | 1 + .../nat/rule/node.tag/outside-address/port/node.def | 6 ++++++ templates-cfg/nat/rule/node.tag/protocol/node.def | 15 +++++++++++++++ .../nat/rule/node.tag/source/address/node.def | 10 ++++++++++ templates-cfg/nat/rule/node.tag/source/node.def | 1 + templates-cfg/nat/rule/node.tag/source/port/node.def | 11 +++++++++++ templates-cfg/nat/rule/node.tag/type/node.def | 9 +++++++++ templates-cfg/service/nat/node.def | 5 ----- templates-cfg/service/nat/rule/node.def | 11 ----------- .../service/nat/rule/node.tag/description/node.def | 3 --- .../nat/rule/node.tag/destination/address/node.def | 10 ---------- .../service/nat/rule/node.tag/destination/node.def | 1 - .../nat/rule/node.tag/destination/port/node.def | 11 ----------- .../service/nat/rule/node.tag/disable/node.def | 1 - .../service/nat/rule/node.tag/exclude/node.def | 1 - .../nat/rule/node.tag/inbound-interface/node.def | 20 -------------------- .../rule/node.tag/inside-address/address/node.def | 7 ------- .../nat/rule/node.tag/inside-address/node.def | 1 - .../nat/rule/node.tag/inside-address/port/node.def | 6 ------ templates-cfg/service/nat/rule/node.tag/log/node.def | 6 ------ .../nat/rule/node.tag/outbound-interface/node.def | 20 -------------------- .../rule/node.tag/outside-address/address/node.def | 7 ------- .../nat/rule/node.tag/outside-address/node.def | 1 - .../nat/rule/node.tag/outside-address/port/node.def | 6 ------ .../service/nat/rule/node.tag/protocol/node.def | 15 --------------- .../nat/rule/node.tag/source/address/node.def | 10 ---------- .../service/nat/rule/node.tag/source/node.def | 1 - .../service/nat/rule/node.tag/source/port/node.def | 11 ----------- .../service/nat/rule/node.tag/type/node.def | 9 --------- 44 files changed, 163 insertions(+), 163 deletions(-) create mode 100644 templates-cfg/nat/node.def create mode 100644 templates-cfg/nat/rule/node.def create mode 100644 templates-cfg/nat/rule/node.tag/description/node.def create mode 100644 templates-cfg/nat/rule/node.tag/destination/address/node.def create mode 100644 templates-cfg/nat/rule/node.tag/destination/node.def create mode 100644 templates-cfg/nat/rule/node.tag/destination/port/node.def create mode 100644 templates-cfg/nat/rule/node.tag/disable/node.def create mode 100644 templates-cfg/nat/rule/node.tag/exclude/node.def create mode 100644 templates-cfg/nat/rule/node.tag/inbound-interface/node.def create mode 100644 templates-cfg/nat/rule/node.tag/inside-address/address/node.def create mode 100644 templates-cfg/nat/rule/node.tag/inside-address/node.def create mode 100644 templates-cfg/nat/rule/node.tag/inside-address/port/node.def create mode 100644 templates-cfg/nat/rule/node.tag/log/node.def create mode 100644 templates-cfg/nat/rule/node.tag/outbound-interface/node.def create mode 100644 templates-cfg/nat/rule/node.tag/outside-address/address/node.def create mode 100644 templates-cfg/nat/rule/node.tag/outside-address/node.def create mode 100644 templates-cfg/nat/rule/node.tag/outside-address/port/node.def create mode 100644 templates-cfg/nat/rule/node.tag/protocol/node.def create mode 100644 templates-cfg/nat/rule/node.tag/source/address/node.def create mode 100644 templates-cfg/nat/rule/node.tag/source/node.def create mode 100644 templates-cfg/nat/rule/node.tag/source/port/node.def create mode 100644 templates-cfg/nat/rule/node.tag/type/node.def delete mode 100644 templates-cfg/service/nat/node.def delete mode 100644 templates-cfg/service/nat/rule/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/description/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/destination/address/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/destination/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/destination/port/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/disable/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/exclude/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/inbound-interface/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/inside-address/address/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/inside-address/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/inside-address/port/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/log/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/outbound-interface/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/outside-address/address/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/outside-address/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/outside-address/port/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/protocol/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/source/address/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/source/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/source/port/node.def delete mode 100644 templates-cfg/service/nat/rule/node.tag/type/node.def diff --git a/templates-cfg/nat/node.def b/templates-cfg/nat/node.def new file mode 100644 index 0000000..63f8866 --- /dev/null +++ b/templates-cfg/nat/node.def @@ -0,0 +1,5 @@ +priority: 220 + +help: Network Address Translation (NAT) parameters + +end:expression: "sudo /opt/vyatta/sbin/vyatta-update-nat.pl" diff --git a/templates-cfg/nat/rule/node.def b/templates-cfg/nat/rule/node.def new file mode 100644 index 0000000..c666be9 --- /dev/null +++ b/templates-cfg/nat/rule/node.def @@ -0,0 +1,11 @@ +tag: + +type: u32 + +help: Rule number for NAT + +syntax:expression: ($VAR(@) > 0 && $VAR(@) < 10000) ; \ + "Rule number must be between 1 and 9999." + +val_help: u32:1-9999 ; Number for this NAT rule + diff --git a/templates-cfg/nat/rule/node.tag/description/node.def b/templates-cfg/nat/rule/node.tag/description/node.def new file mode 100644 index 0000000..90bf88b --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/description/node.def @@ -0,0 +1,3 @@ +type: txt + +help: Rule description diff --git a/templates-cfg/nat/rule/node.tag/destination/address/node.def b/templates-cfg/nat/rule/node.tag/destination/address/node.def new file mode 100644 index 0000000..e580b57 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/destination/address/node.def @@ -0,0 +1,10 @@ +type: txt + +help: Destination IP address, subnet, or range + +val_help: ipv4 ; IP address to match +val_help: ipv4net; Subnet to match +val_help: ipv4range ; IP range to match +val_help: !ipv4 ; Match everything except the specified address +val_help: !ipv4net ; Match everything except the specified subnet +val_help: !ipv4range ; Match everything except the specified range diff --git a/templates-cfg/nat/rule/node.tag/destination/node.def b/templates-cfg/nat/rule/node.tag/destination/node.def new file mode 100644 index 0000000..8fc8e75 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/destination/node.def @@ -0,0 +1 @@ +help: NAT destination parameters diff --git a/templates-cfg/nat/rule/node.tag/destination/port/node.def b/templates-cfg/nat/rule/node.tag/destination/port/node.def new file mode 100644 index 0000000..7505487 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/destination/port/node.def @@ -0,0 +1,11 @@ +type: txt + +help: Destination port + +val_help: ; Named port (any name in /etc/services, e.g., http) +val_help: u32:1-65535 ; Numbered port +val_help: - ; Numbered port range (e.g., 1001-1005) + +comp_help: Multiple destination ports can be specified as a comma-separated list. +The whole list can also be "negated" using '!'. +For example: '!22,telnet,http,123,1001-1005' diff --git a/templates-cfg/nat/rule/node.tag/disable/node.def b/templates-cfg/nat/rule/node.tag/disable/node.def new file mode 100644 index 0000000..c23fc5a --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/disable/node.def @@ -0,0 +1 @@ +help: Disable NAT rule diff --git a/templates-cfg/nat/rule/node.tag/exclude/node.def b/templates-cfg/nat/rule/node.tag/exclude/node.def new file mode 100644 index 0000000..3fc118a --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/exclude/node.def @@ -0,0 +1 @@ +help: Exclude packets matching this rule from NAT diff --git a/templates-cfg/nat/rule/node.tag/inbound-interface/node.def b/templates-cfg/nat/rule/node.tag/inbound-interface/node.def new file mode 100644 index 0000000..69913d6 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/inbound-interface/node.def @@ -0,0 +1,20 @@ +type: txt + +help: Inbound interface of NAT traffic + +enumeration: existing-interfaces + +val_help: ; Interface name + +commit:expression: exec " + intf_array=($(awk '$1 ~ /:/ { print $1 }' /proc/net/dev)) + intf_array_len=${#intf_array[*]} + i=0 + while [ $i -lt $intf_array_len ]; do + temp=${intf_array[$i]%:*} + if [ \"$temp\" == \"$VAR(@)\" ] ; then + exit 0 + fi + let i++ + done + echo NAT configuration warning: interface $VAR(@) does not exist on this system " diff --git a/templates-cfg/nat/rule/node.tag/inside-address/address/node.def b/templates-cfg/nat/rule/node.tag/inside-address/address/node.def new file mode 100644 index 0000000..a00b483 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/inside-address/address/node.def @@ -0,0 +1,7 @@ +type: txt + +help: Inside IP address or range for NAT + +val_help: ipv4 ; NAT to the specified IP address +val_help: ipv4range ; NAT to the specified IP range +val_help: ipv4net ; NAT to the specified network address. Host part of the address will remain unchanged diff --git a/templates-cfg/nat/rule/node.tag/inside-address/node.def b/templates-cfg/nat/rule/node.tag/inside-address/node.def new file mode 100644 index 0000000..e13cd32 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/inside-address/node.def @@ -0,0 +1 @@ +help: Inside NAT IP (used by destination NAT only) diff --git a/templates-cfg/nat/rule/node.tag/inside-address/port/node.def b/templates-cfg/nat/rule/node.tag/inside-address/port/node.def new file mode 100644 index 0000000..ab6f9d4 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/inside-address/port/node.def @@ -0,0 +1,6 @@ +type: txt + +help: Inside port + +val_help: u32:1-65535 ; Numbered port +val_help: - ; Numbered port range (e.g., 1001-1005) diff --git a/templates-cfg/nat/rule/node.tag/log/node.def b/templates-cfg/nat/rule/node.tag/log/node.def new file mode 100644 index 0000000..867b471 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/log/node.def @@ -0,0 +1,6 @@ +type: txt + +help: NAT rule logging + +syntax:expression: $VAR(@) in "enable", "disable"; \ + "NAT logging must be enable or disable." diff --git a/templates-cfg/nat/rule/node.tag/outbound-interface/node.def b/templates-cfg/nat/rule/node.tag/outbound-interface/node.def new file mode 100644 index 0000000..28e42e8 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/outbound-interface/node.def @@ -0,0 +1,20 @@ +type: txt + +help: Outbound interface for NAT traffic + +enumeration: existing-interfaces + +val_help: ; Interface name + +commit:expression: exec " + intf_array=($(awk '$1 ~ /:/ { print $1 }' /proc/net/dev)) + intf_array_len=${#intf_array[*]} + i=0 + while [ $i -lt $intf_array_len ]; do + temp=${intf_array[$i]%:*} + if [ \"$temp\" == \"$VAR(@)\" ] ; then + exit 0 + fi + let i++ + done + echo NAT configuration warning: interface $VAR(@) does not exist on this system " diff --git a/templates-cfg/nat/rule/node.tag/outside-address/address/node.def b/templates-cfg/nat/rule/node.tag/outside-address/address/node.def new file mode 100644 index 0000000..abd5d45 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/outside-address/address/node.def @@ -0,0 +1,7 @@ +type: txt + +help: Outside IP address or range for NAT + +val_help: ipv4 ; NAT to the specified IP address +val_help: ipv4range ; NAT to the specified IP range +val_help: ipv4net ; NAT to the specified network address. Host part of the address will remain unchanged diff --git a/templates-cfg/nat/rule/node.tag/outside-address/node.def b/templates-cfg/nat/rule/node.tag/outside-address/node.def new file mode 100644 index 0000000..b8e1e19 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/outside-address/node.def @@ -0,0 +1 @@ +help: Outside NAT IP (used by source NAT only) diff --git a/templates-cfg/nat/rule/node.tag/outside-address/port/node.def b/templates-cfg/nat/rule/node.tag/outside-address/port/node.def new file mode 100644 index 0000000..8e3b331 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/outside-address/port/node.def @@ -0,0 +1,6 @@ +type: txt + +help: Outside port + +val_help: u32:1-65535 ; Numbered port +val_help: - ; Numbered port range (e.g., 1001-1005) diff --git a/templates-cfg/nat/rule/node.tag/protocol/node.def b/templates-cfg/nat/rule/node.tag/protocol/node.def new file mode 100644 index 0000000..882581d --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/protocol/node.def @@ -0,0 +1,15 @@ +type: txt + +help: Protocol to NAT + +val_help: txt ; IP protocol name from /etc/protocols (e.g. "tcp" or "udp") +val_help: u32:0-255 ; IP protocol number +val_help: tcp_udp ; Both TCP and UDP +val_help: all ; All IP protocols +val_help: ! ; All IP protocols except for the specified name or number (negation) + +syntax:expression: exec "if [ -n \"`/opt/vyatta/sbin/vyatta-validate-type.pl protocol_negate '$VAR(@)'`\" ] \ + && [ \"$VAR(@)\" != 'tcp_udp' ]; then \ + echo invalid protocol \"$VAR(@)\" ; \ + exit 1 ; \ + fi ; " diff --git a/templates-cfg/nat/rule/node.tag/source/address/node.def b/templates-cfg/nat/rule/node.tag/source/address/node.def new file mode 100644 index 0000000..08c0b41 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/source/address/node.def @@ -0,0 +1,10 @@ +type: txt + +help: Source IPv4 address, subnet, or range + +val_help: ipv4 ; IP address to match +val_help: ipv4net ; Subnet to match +val_help: ipv4range ; IP range to match +val_help: !ipv4 ; Match everything except the specified address +val_help: !ipv4net ; Match everything except the specified subnet +val_help: !ipv4range ; Match everything except the specified range diff --git a/templates-cfg/nat/rule/node.tag/source/node.def b/templates-cfg/nat/rule/node.tag/source/node.def new file mode 100644 index 0000000..299f6e5 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/source/node.def @@ -0,0 +1 @@ +help: NAT source parameters diff --git a/templates-cfg/nat/rule/node.tag/source/port/node.def b/templates-cfg/nat/rule/node.tag/source/port/node.def new file mode 100644 index 0000000..d0e9de6 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/source/port/node.def @@ -0,0 +1,11 @@ +type: txt + +help: Source port + +val_help: ; Named port (any name in /etc/services, e.g., http) +val_help: u32:1-65535 ; Numbered port +val_help: - ; Numbered port range (e.g., 1001-1005) + +comp_help: Multiple source ports can be specified as a comma-separated list. +The whole list can also be "negated" using '!'. +For example: '!22,telnet,http,123,1001-1005' diff --git a/templates-cfg/nat/rule/node.tag/type/node.def b/templates-cfg/nat/rule/node.tag/type/node.def new file mode 100644 index 0000000..3f65d88 --- /dev/null +++ b/templates-cfg/nat/rule/node.tag/type/node.def @@ -0,0 +1,9 @@ +type: txt + +help: Type of NAT [REQUIRED] + +syntax:expression: $VAR(@) in "source", "destination", "masquerade"; "invalid type $VAR(@)" + +val_help: source ; Source NAT +val_help: destination ; Destination NAT +val_help: masquerade ; Masquerade NAT diff --git a/templates-cfg/service/nat/node.def b/templates-cfg/service/nat/node.def deleted file mode 100644 index 63f8866..0000000 --- a/templates-cfg/service/nat/node.def +++ /dev/null @@ -1,5 +0,0 @@ -priority: 220 - -help: Network Address Translation (NAT) parameters - -end:expression: "sudo /opt/vyatta/sbin/vyatta-update-nat.pl" diff --git a/templates-cfg/service/nat/rule/node.def b/templates-cfg/service/nat/rule/node.def deleted file mode 100644 index c666be9..0000000 --- a/templates-cfg/service/nat/rule/node.def +++ /dev/null @@ -1,11 +0,0 @@ -tag: - -type: u32 - -help: Rule number for NAT - -syntax:expression: ($VAR(@) > 0 && $VAR(@) < 10000) ; \ - "Rule number must be between 1 and 9999." - -val_help: u32:1-9999 ; Number for this NAT rule - diff --git a/templates-cfg/service/nat/rule/node.tag/description/node.def b/templates-cfg/service/nat/rule/node.tag/description/node.def deleted file mode 100644 index 90bf88b..0000000 --- a/templates-cfg/service/nat/rule/node.tag/description/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: txt - -help: Rule description diff --git a/templates-cfg/service/nat/rule/node.tag/destination/address/node.def b/templates-cfg/service/nat/rule/node.tag/destination/address/node.def deleted file mode 100644 index e580b57..0000000 --- a/templates-cfg/service/nat/rule/node.tag/destination/address/node.def +++ /dev/null @@ -1,10 +0,0 @@ -type: txt - -help: Destination IP address, subnet, or range - -val_help: ipv4 ; IP address to match -val_help: ipv4net; Subnet to match -val_help: ipv4range ; IP range to match -val_help: !ipv4 ; Match everything except the specified address -val_help: !ipv4net ; Match everything except the specified subnet -val_help: !ipv4range ; Match everything except the specified range diff --git a/templates-cfg/service/nat/rule/node.tag/destination/node.def b/templates-cfg/service/nat/rule/node.tag/destination/node.def deleted file mode 100644 index 8fc8e75..0000000 --- a/templates-cfg/service/nat/rule/node.tag/destination/node.def +++ /dev/null @@ -1 +0,0 @@ -help: NAT destination parameters diff --git a/templates-cfg/service/nat/rule/node.tag/destination/port/node.def b/templates-cfg/service/nat/rule/node.tag/destination/port/node.def deleted file mode 100644 index 7505487..0000000 --- a/templates-cfg/service/nat/rule/node.tag/destination/port/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt - -help: Destination port - -val_help: ; Named port (any name in /etc/services, e.g., http) -val_help: u32:1-65535 ; Numbered port -val_help: - ; Numbered port range (e.g., 1001-1005) - -comp_help: Multiple destination ports can be specified as a comma-separated list. -The whole list can also be "negated" using '!'. -For example: '!22,telnet,http,123,1001-1005' diff --git a/templates-cfg/service/nat/rule/node.tag/disable/node.def b/templates-cfg/service/nat/rule/node.tag/disable/node.def deleted file mode 100644 index c23fc5a..0000000 --- a/templates-cfg/service/nat/rule/node.tag/disable/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Disable NAT rule diff --git a/templates-cfg/service/nat/rule/node.tag/exclude/node.def b/templates-cfg/service/nat/rule/node.tag/exclude/node.def deleted file mode 100644 index 3fc118a..0000000 --- a/templates-cfg/service/nat/rule/node.tag/exclude/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Exclude packets matching this rule from NAT diff --git a/templates-cfg/service/nat/rule/node.tag/inbound-interface/node.def b/templates-cfg/service/nat/rule/node.tag/inbound-interface/node.def deleted file mode 100644 index 69913d6..0000000 --- a/templates-cfg/service/nat/rule/node.tag/inbound-interface/node.def +++ /dev/null @@ -1,20 +0,0 @@ -type: txt - -help: Inbound interface of NAT traffic - -enumeration: existing-interfaces - -val_help: ; Interface name - -commit:expression: exec " - intf_array=($(awk '$1 ~ /:/ { print $1 }' /proc/net/dev)) - intf_array_len=${#intf_array[*]} - i=0 - while [ $i -lt $intf_array_len ]; do - temp=${intf_array[$i]%:*} - if [ \"$temp\" == \"$VAR(@)\" ] ; then - exit 0 - fi - let i++ - done - echo NAT configuration warning: interface $VAR(@) does not exist on this system " diff --git a/templates-cfg/service/nat/rule/node.tag/inside-address/address/node.def b/templates-cfg/service/nat/rule/node.tag/inside-address/address/node.def deleted file mode 100644 index a00b483..0000000 --- a/templates-cfg/service/nat/rule/node.tag/inside-address/address/node.def +++ /dev/null @@ -1,7 +0,0 @@ -type: txt - -help: Inside IP address or range for NAT - -val_help: ipv4 ; NAT to the specified IP address -val_help: ipv4range ; NAT to the specified IP range -val_help: ipv4net ; NAT to the specified network address. Host part of the address will remain unchanged diff --git a/templates-cfg/service/nat/rule/node.tag/inside-address/node.def b/templates-cfg/service/nat/rule/node.tag/inside-address/node.def deleted file mode 100644 index e13cd32..0000000 --- a/templates-cfg/service/nat/rule/node.tag/inside-address/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Inside NAT IP (used by destination NAT only) diff --git a/templates-cfg/service/nat/rule/node.tag/inside-address/port/node.def b/templates-cfg/service/nat/rule/node.tag/inside-address/port/node.def deleted file mode 100644 index ab6f9d4..0000000 --- a/templates-cfg/service/nat/rule/node.tag/inside-address/port/node.def +++ /dev/null @@ -1,6 +0,0 @@ -type: txt - -help: Inside port - -val_help: u32:1-65535 ; Numbered port -val_help: - ; Numbered port range (e.g., 1001-1005) diff --git a/templates-cfg/service/nat/rule/node.tag/log/node.def b/templates-cfg/service/nat/rule/node.tag/log/node.def deleted file mode 100644 index 867b471..0000000 --- a/templates-cfg/service/nat/rule/node.tag/log/node.def +++ /dev/null @@ -1,6 +0,0 @@ -type: txt - -help: NAT rule logging - -syntax:expression: $VAR(@) in "enable", "disable"; \ - "NAT logging must be enable or disable." diff --git a/templates-cfg/service/nat/rule/node.tag/outbound-interface/node.def b/templates-cfg/service/nat/rule/node.tag/outbound-interface/node.def deleted file mode 100644 index 28e42e8..0000000 --- a/templates-cfg/service/nat/rule/node.tag/outbound-interface/node.def +++ /dev/null @@ -1,20 +0,0 @@ -type: txt - -help: Outbound interface for NAT traffic - -enumeration: existing-interfaces - -val_help: ; Interface name - -commit:expression: exec " - intf_array=($(awk '$1 ~ /:/ { print $1 }' /proc/net/dev)) - intf_array_len=${#intf_array[*]} - i=0 - while [ $i -lt $intf_array_len ]; do - temp=${intf_array[$i]%:*} - if [ \"$temp\" == \"$VAR(@)\" ] ; then - exit 0 - fi - let i++ - done - echo NAT configuration warning: interface $VAR(@) does not exist on this system " diff --git a/templates-cfg/service/nat/rule/node.tag/outside-address/address/node.def b/templates-cfg/service/nat/rule/node.tag/outside-address/address/node.def deleted file mode 100644 index abd5d45..0000000 --- a/templates-cfg/service/nat/rule/node.tag/outside-address/address/node.def +++ /dev/null @@ -1,7 +0,0 @@ -type: txt - -help: Outside IP address or range for NAT - -val_help: ipv4 ; NAT to the specified IP address -val_help: ipv4range ; NAT to the specified IP range -val_help: ipv4net ; NAT to the specified network address. Host part of the address will remain unchanged diff --git a/templates-cfg/service/nat/rule/node.tag/outside-address/node.def b/templates-cfg/service/nat/rule/node.tag/outside-address/node.def deleted file mode 100644 index b8e1e19..0000000 --- a/templates-cfg/service/nat/rule/node.tag/outside-address/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Outside NAT IP (used by source NAT only) diff --git a/templates-cfg/service/nat/rule/node.tag/outside-address/port/node.def b/templates-cfg/service/nat/rule/node.tag/outside-address/port/node.def deleted file mode 100644 index 8e3b331..0000000 --- a/templates-cfg/service/nat/rule/node.tag/outside-address/port/node.def +++ /dev/null @@ -1,6 +0,0 @@ -type: txt - -help: Outside port - -val_help: u32:1-65535 ; Numbered port -val_help: - ; Numbered port range (e.g., 1001-1005) diff --git a/templates-cfg/service/nat/rule/node.tag/protocol/node.def b/templates-cfg/service/nat/rule/node.tag/protocol/node.def deleted file mode 100644 index 882581d..0000000 --- a/templates-cfg/service/nat/rule/node.tag/protocol/node.def +++ /dev/null @@ -1,15 +0,0 @@ -type: txt - -help: Protocol to NAT - -val_help: txt ; IP protocol name from /etc/protocols (e.g. "tcp" or "udp") -val_help: u32:0-255 ; IP protocol number -val_help: tcp_udp ; Both TCP and UDP -val_help: all ; All IP protocols -val_help: ! ; All IP protocols except for the specified name or number (negation) - -syntax:expression: exec "if [ -n \"`/opt/vyatta/sbin/vyatta-validate-type.pl protocol_negate '$VAR(@)'`\" ] \ - && [ \"$VAR(@)\" != 'tcp_udp' ]; then \ - echo invalid protocol \"$VAR(@)\" ; \ - exit 1 ; \ - fi ; " diff --git a/templates-cfg/service/nat/rule/node.tag/source/address/node.def b/templates-cfg/service/nat/rule/node.tag/source/address/node.def deleted file mode 100644 index 08c0b41..0000000 --- a/templates-cfg/service/nat/rule/node.tag/source/address/node.def +++ /dev/null @@ -1,10 +0,0 @@ -type: txt - -help: Source IPv4 address, subnet, or range - -val_help: ipv4 ; IP address to match -val_help: ipv4net ; Subnet to match -val_help: ipv4range ; IP range to match -val_help: !ipv4 ; Match everything except the specified address -val_help: !ipv4net ; Match everything except the specified subnet -val_help: !ipv4range ; Match everything except the specified range diff --git a/templates-cfg/service/nat/rule/node.tag/source/node.def b/templates-cfg/service/nat/rule/node.tag/source/node.def deleted file mode 100644 index 299f6e5..0000000 --- a/templates-cfg/service/nat/rule/node.tag/source/node.def +++ /dev/null @@ -1 +0,0 @@ -help: NAT source parameters diff --git a/templates-cfg/service/nat/rule/node.tag/source/port/node.def b/templates-cfg/service/nat/rule/node.tag/source/port/node.def deleted file mode 100644 index d0e9de6..0000000 --- a/templates-cfg/service/nat/rule/node.tag/source/port/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt - -help: Source port - -val_help: ; Named port (any name in /etc/services, e.g., http) -val_help: u32:1-65535 ; Numbered port -val_help: - ; Numbered port range (e.g., 1001-1005) - -comp_help: Multiple source ports can be specified as a comma-separated list. -The whole list can also be "negated" using '!'. -For example: '!22,telnet,http,123,1001-1005' diff --git a/templates-cfg/service/nat/rule/node.tag/type/node.def b/templates-cfg/service/nat/rule/node.tag/type/node.def deleted file mode 100644 index 3f65d88..0000000 --- a/templates-cfg/service/nat/rule/node.tag/type/node.def +++ /dev/null @@ -1,9 +0,0 @@ -type: txt - -help: Type of NAT [REQUIRED] - -syntax:expression: $VAR(@) in "source", "destination", "masquerade"; "invalid type $VAR(@)" - -val_help: source ; Source NAT -val_help: destination ; Destination NAT -val_help: masquerade ; Masquerade NAT -- cgit v1.2.3