summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMohit Mehta <mohit.mehta@vyatta.com>2009-02-04 14:45:46 -0800
committerMohit Mehta <mohit.mehta@vyatta.com>2009-02-04 14:45:46 -0800
commit6e2fad213bc2eec10bde64ebc1cc8c5bdcf7dc3e (patch)
tree9f200f966172b9021f73442fa3c62a39bd590f86
parent54f1819713821759cf7348dac5ba3c9b31664515 (diff)
downloadvyatta-op-firewall-6e2fad213bc2eec10bde64ebc1cc8c5bdcf7dc3e.tar.gz
vyatta-op-firewall-6e2fad213bc2eec10bde64ebc1cc8c5bdcf7dc3e.zip
modify 'show firewall' hierarchy per config mode cli
-rwxr-xr-xscripts/firewall/vyatta-show-firewall.pl74
-rw-r--r--templates/show/firewall/ipv6-modify/node.def2
-rw-r--r--templates/show/firewall/ipv6-modify/node.tag/detail/node.def3
-rw-r--r--templates/show/firewall/ipv6-modify/node.tag/detail/rule/node.def1
-rw-r--r--templates/show/firewall/ipv6-modify/node.tag/detail/rule/node.tag/node.def5
-rw-r--r--templates/show/firewall/ipv6-modify/node.tag/node.def7
-rw-r--r--templates/show/firewall/ipv6-modify/node.tag/rule/node.def1
-rw-r--r--templates/show/firewall/ipv6-modify/node.tag/rule/node.tag/node.def5
-rw-r--r--templates/show/firewall/ipv6-modify/node.tag/statistics/node.def2
-rw-r--r--templates/show/firewall/ipv6-name/node.def2
-rw-r--r--templates/show/firewall/ipv6-name/node.tag/detail/node.def3
-rw-r--r--templates/show/firewall/ipv6-name/node.tag/detail/rule/node.def1
-rw-r--r--templates/show/firewall/ipv6-name/node.tag/detail/rule/node.tag/node.def5
-rw-r--r--templates/show/firewall/ipv6-name/node.tag/node.def7
-rw-r--r--templates/show/firewall/ipv6-name/node.tag/rule/node.def1
-rw-r--r--templates/show/firewall/ipv6-name/node.tag/rule/node.tag/node.def5
-rw-r--r--templates/show/firewall/ipv6-name/node.tag/statistics/node.def2
-rw-r--r--templates/show/firewall/modify/node.def2
-rw-r--r--templates/show/firewall/modify/node.tag/detail/node.def3
-rw-r--r--templates/show/firewall/modify/node.tag/detail/rule/node.def1
-rw-r--r--templates/show/firewall/modify/node.tag/detail/rule/node.tag/node.def5
-rw-r--r--templates/show/firewall/modify/node.tag/node.def7
-rw-r--r--templates/show/firewall/modify/node.tag/rule/node.def1
-rw-r--r--templates/show/firewall/modify/node.tag/rule/node.tag/node.def5
-rw-r--r--templates/show/firewall/modify/node.tag/statistics/node.def2
-rw-r--r--templates/show/firewall/name/node.def2
-rw-r--r--templates/show/firewall/name/node.tag/detail/node.def3
-rw-r--r--templates/show/firewall/name/node.tag/detail/rule/node.def1
-rw-r--r--templates/show/firewall/name/node.tag/detail/rule/node.tag/node.def5
-rw-r--r--templates/show/firewall/name/node.tag/node.def7
-rw-r--r--templates/show/firewall/name/node.tag/rule/node.def1
-rw-r--r--templates/show/firewall/name/node.tag/rule/node.tag/node.def5
-rw-r--r--templates/show/firewall/name/node.tag/statistics/node.def2
-rw-r--r--templates/show/firewall/node.def3
-rw-r--r--templates/show/firewall/node.tag/detail/node.def4
-rw-r--r--templates/show/firewall/node.tag/detail/rule/node.def1
-rw-r--r--templates/show/firewall/node.tag/detail/rule/node.tag/node.def6
-rw-r--r--templates/show/firewall/node.tag/node.def11
-rw-r--r--templates/show/firewall/node.tag/rule/node.def1
-rw-r--r--templates/show/firewall/node.tag/rule/node.tag/node.def6
-rw-r--r--templates/show/firewall/node.tag/statistics/node.def4
41 files changed, 159 insertions, 55 deletions
diff --git a/scripts/firewall/vyatta-show-firewall.pl b/scripts/firewall/vyatta-show-firewall.pl
index 754cd92..f4a161a 100755
--- a/scripts/firewall/vyatta-show-firewall.pl
+++ b/scripts/firewall/vyatta-show-firewall.pl
@@ -6,7 +6,7 @@ use Vyatta::IpTables::Rule;
use Vyatta::IpTables::AddressFilter;
exit 1 if ($#ARGV < 1);
-my $chain_name = $ARGV[0];
+my $tree_chain = $ARGV[0];
my $xsl_file = $ARGV[1];
my $rule_num = $ARGV[2]; # rule number to match (optional)
@@ -33,6 +33,7 @@ sub numerically { $a <=> $b; }
#/serial/node.tag/cisco-hdlc/vif/node.tag/firewall/<dir>/name/node.def
#/serial/node.tag/frame-relay/vif/node.tag/firewall/<dir>/name/node.def
#/serial/node.tag/ppp/vif/node.tag/firewall/<dir>/name/node.def
+#/wirelessmodem/node.tag/firewall/<dir>/name/node.def
sub show_interfaces {
my $chain = shift;
@@ -150,17 +151,30 @@ sub show_chain($$$) {
print $fh "</format></opcommand>\n";
}
+#
+# main
+#
+
my $tree;
my $config = new Vyatta::Config;
my @chains;
+my @tree_chain_name = split('_', $tree_chain);
+my $tree_name = $tree_chain_name[0];
+my $chain_name = $tree_chain_name[1];
+
+# check if table-name is either 'all' or one of four keys in %table_hash
+if (!($tree_name eq "all" || (scalar(grep(/^$tree_name$/, (keys %table_hash))) > 0))) {
+ print "Invalid firewall type name [$tree_name]\n";
+ exit 1;
+}
-if ($chain_name eq "-all") {
+if ($tree_name eq "all") {
# Print all rule sets in all four trees
- foreach $tree (keys %table_hash) {
+ foreach $tree (reverse(sort(keys %table_hash))) {
my $description = $description_hash{$tree};
$config->setLevel("firewall $tree");
@chains = $config->listOrigNodes();
- foreach (@chains) {
+ foreach (sort @chains) {
print "$description Firewall \"$_\":\n";
show_interfaces($_);
open(RENDER, "| /opt/vyatta/sbin/render_xml $xsl_file") or exit 1;
@@ -169,29 +183,49 @@ if ($chain_name eq "-all") {
print "-" x 80 . "\n";
}
}
- exit 0
-} else {
- # Look through all four trees trying to find the rule set name passed in
- foreach $tree (keys %table_hash) {
+} elsif ($chain_name eq "all") {
+ # Print all rule sets in specified tree
+ $tree = $tree_name;
+ my $description = $description_hash{$tree};
$config->setLevel("firewall $tree");
@chains = $config->listOrigNodes();
- if (scalar(grep(/^$chain_name$/, @chains)) > 0) {
- # Found it!
- my $description = $description_hash{$tree};
- print "$description Firewall \"$chain_name\":\n";
- show_interfaces($chain_name);
+ foreach (sort @chains) {
+ print "$description Firewall \"$_\":\n";
+ show_interfaces($_);
open(RENDER, "| /opt/vyatta/sbin/render_xml $xsl_file") or exit 1;
- show_chain($chain_name, *RENDER{IO}, $tree);
+ show_chain($_, *RENDER{IO}, $tree);
close RENDER;
- exit 0
+ print "-" x 80 . "\n";
}
- }
-
- # Didn't find matching rule
- print "Invalid firewall name \"$chain_name\"\n";
- exit 1;
+} else {
+ # Print given rule set in specified tree
+ $tree = $tree_name;
+ $config->setLevel("firewall $tree");
+ @chains = $config->listOrigNodes();
+ # validate chain-name
+ if (!(scalar(grep(/^$chain_name$/, @chains)) > 0)) {
+ print "Invalid firewall instance [$chain_name] \n";
+ exit 1;
+ }
+ if (defined $rule_num) {
+ #validate rule-num for given chain
+ $config->setLevel("firewall $tree $chain_name rule");
+ my @rules = $config->listOrigNodes();
+ if (!(scalar(grep(/^$rule_num$/, @rules)) > 0)) {
+ print "Invalid rule $rule_num under firewall instance [$chain_name] \n";
+ exit 1;
+ }
+ }
+ my $description = $description_hash{$tree};
+ print "$description Firewall \"$chain_name\":\n";
+ show_interfaces($chain_name);
+ open(RENDER, "| /opt/vyatta/sbin/render_xml $xsl_file") or exit 1;
+ show_chain($chain_name, *RENDER{IO}, $tree);
+ close RENDER;
+ print "-" x 80 . "\n";
}
+exit 0;
# Local Variables:
# mode: perl
diff --git a/templates/show/firewall/ipv6-modify/node.def b/templates/show/firewall/ipv6-modify/node.def
new file mode 100644
index 0000000..124ca92
--- /dev/null
+++ b/templates/show/firewall/ipv6-modify/node.def
@@ -0,0 +1,2 @@
+help: Show IPv6 firewall modify chains
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_all" /opt/vyatta/share/xsl/show_firewall.xsl
diff --git a/templates/show/firewall/ipv6-modify/node.tag/detail/node.def b/templates/show/firewall/ipv6-modify/node.tag/detail/node.def
new file mode 100644
index 0000000..01c34a1
--- /dev/null
+++ b/templates/show/firewall/ipv6-modify/node.tag/detail/node.def
@@ -0,0 +1,3 @@
+help: Show detailed IPv6 firewall modify rules information
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall_detail.xsl
diff --git a/templates/show/firewall/ipv6-modify/node.tag/detail/rule/node.def b/templates/show/firewall/ipv6-modify/node.tag/detail/rule/node.def
new file mode 100644
index 0000000..a4f9757
--- /dev/null
+++ b/templates/show/firewall/ipv6-modify/node.tag/detail/rule/node.def
@@ -0,0 +1 @@
+help: Show detailed IPv6 firewall modify rules information
diff --git a/templates/show/firewall/ipv6-modify/node.tag/detail/rule/node.tag/node.def b/templates/show/firewall/ipv6-modify/node.tag/detail/rule/node.tag/node.def
new file mode 100644
index 0000000..e2cf0a6
--- /dev/null
+++ b/templates/show/firewall/ipv6-modify/node.tag/detail/rule/node.tag/node.def
@@ -0,0 +1,5 @@
+help: Show detailed information for specified IPv6 firewall modify rule
+
+allowed: ls /opt/vyatta/config/active/firewall/ipv6-modify/${COMP_WORDS[COMP_CWORD-3]}/rule/ 2>/dev/null
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall_detail.xsl "$7"
diff --git a/templates/show/firewall/ipv6-modify/node.tag/node.def b/templates/show/firewall/ipv6-modify/node.tag/node.def
new file mode 100644
index 0000000..5fea204
--- /dev/null
+++ b/templates/show/firewall/ipv6-modify/node.tag/node.def
@@ -0,0 +1,7 @@
+help: Show rules for given IPv6 firewall modify chain
+
+allowed:
+ l1=`ls /opt/vyatta/config/active/firewall/ipv6-modify/ 2>/dev/null`
+ echo $l1
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall.xsl
diff --git a/templates/show/firewall/ipv6-modify/node.tag/rule/node.def b/templates/show/firewall/ipv6-modify/node.tag/rule/node.def
new file mode 100644
index 0000000..b4face1
--- /dev/null
+++ b/templates/show/firewall/ipv6-modify/node.tag/rule/node.def
@@ -0,0 +1 @@
+help: Show summary of IPv6 firewall modify rules
diff --git a/templates/show/firewall/ipv6-modify/node.tag/rule/node.tag/node.def b/templates/show/firewall/ipv6-modify/node.tag/rule/node.tag/node.def
new file mode 100644
index 0000000..3fff5e7
--- /dev/null
+++ b/templates/show/firewall/ipv6-modify/node.tag/rule/node.tag/node.def
@@ -0,0 +1,5 @@
+help: Show summary of IPv6 firewall modify rules
+
+allowed: ls /opt/vyatta/config/active/firewall/ipv6-modify/${COMP_WORDS[COMP_CWORD-2]}/rule/ 2>/dev/null
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall.xsl "$6"
diff --git a/templates/show/firewall/ipv6-modify/node.tag/statistics/node.def b/templates/show/firewall/ipv6-modify/node.tag/statistics/node.def
new file mode 100644
index 0000000..707efa3
--- /dev/null
+++ b/templates/show/firewall/ipv6-modify/node.tag/statistics/node.def
@@ -0,0 +1,2 @@
+help: Show IPv6 firewall modify counter information
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall_statistics.xsl
diff --git a/templates/show/firewall/ipv6-name/node.def b/templates/show/firewall/ipv6-name/node.def
new file mode 100644
index 0000000..b14bdec
--- /dev/null
+++ b/templates/show/firewall/ipv6-name/node.def
@@ -0,0 +1,2 @@
+help: Show IPv6 firewall chains
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_all" /opt/vyatta/share/xsl/show_firewall.xsl
diff --git a/templates/show/firewall/ipv6-name/node.tag/detail/node.def b/templates/show/firewall/ipv6-name/node.tag/detail/node.def
new file mode 100644
index 0000000..6ef355e
--- /dev/null
+++ b/templates/show/firewall/ipv6-name/node.tag/detail/node.def
@@ -0,0 +1,3 @@
+help: Show detailed IPv6 firewall rules information
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall_detail.xsl
diff --git a/templates/show/firewall/ipv6-name/node.tag/detail/rule/node.def b/templates/show/firewall/ipv6-name/node.tag/detail/rule/node.def
new file mode 100644
index 0000000..345643e
--- /dev/null
+++ b/templates/show/firewall/ipv6-name/node.tag/detail/rule/node.def
@@ -0,0 +1 @@
+help: Show detailed IPv6 firewall rules information
diff --git a/templates/show/firewall/ipv6-name/node.tag/detail/rule/node.tag/node.def b/templates/show/firewall/ipv6-name/node.tag/detail/rule/node.tag/node.def
new file mode 100644
index 0000000..8ace257
--- /dev/null
+++ b/templates/show/firewall/ipv6-name/node.tag/detail/rule/node.tag/node.def
@@ -0,0 +1,5 @@
+help: Show detailed information for specified IPv6 firewall rule
+
+allowed: ls /opt/vyatta/config/active/firewall/ipv6-name/${COMP_WORDS[COMP_CWORD-3]}/rule/ 2>/dev/null
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall_detail.xsl "$7"
diff --git a/templates/show/firewall/ipv6-name/node.tag/node.def b/templates/show/firewall/ipv6-name/node.tag/node.def
new file mode 100644
index 0000000..d59127c
--- /dev/null
+++ b/templates/show/firewall/ipv6-name/node.tag/node.def
@@ -0,0 +1,7 @@
+help: Show rules for given IPv6 firewall chain
+
+allowed:
+ l1=`ls /opt/vyatta/config/active/firewall/ipv6-name/ 2>/dev/null`
+ echo $l1
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall.xsl
diff --git a/templates/show/firewall/ipv6-name/node.tag/rule/node.def b/templates/show/firewall/ipv6-name/node.tag/rule/node.def
new file mode 100644
index 0000000..6044fcc
--- /dev/null
+++ b/templates/show/firewall/ipv6-name/node.tag/rule/node.def
@@ -0,0 +1 @@
+help: Show summary of IPv6 firewall rules
diff --git a/templates/show/firewall/ipv6-name/node.tag/rule/node.tag/node.def b/templates/show/firewall/ipv6-name/node.tag/rule/node.tag/node.def
new file mode 100644
index 0000000..7870797
--- /dev/null
+++ b/templates/show/firewall/ipv6-name/node.tag/rule/node.tag/node.def
@@ -0,0 +1,5 @@
+help: Show summary of IPv6 firewall rules
+
+allowed: ls /opt/vyatta/config/active/firewall/ipv6-name/${COMP_WORDS[COMP_CWORD-2]}/rule/ 2>/dev/null
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall.xsl "$6"
diff --git a/templates/show/firewall/ipv6-name/node.tag/statistics/node.def b/templates/show/firewall/ipv6-name/node.tag/statistics/node.def
new file mode 100644
index 0000000..435d507
--- /dev/null
+++ b/templates/show/firewall/ipv6-name/node.tag/statistics/node.def
@@ -0,0 +1,2 @@
+help: Show IPv6 firewall counter information
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall_statistics.xsl
diff --git a/templates/show/firewall/modify/node.def b/templates/show/firewall/modify/node.def
new file mode 100644
index 0000000..cbd2fc6
--- /dev/null
+++ b/templates/show/firewall/modify/node.def
@@ -0,0 +1,2 @@
+help: Show IPv4 firewall modify chains
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_all" /opt/vyatta/share/xsl/show_firewall.xsl
diff --git a/templates/show/firewall/modify/node.tag/detail/node.def b/templates/show/firewall/modify/node.tag/detail/node.def
new file mode 100644
index 0000000..3e11efe
--- /dev/null
+++ b/templates/show/firewall/modify/node.tag/detail/node.def
@@ -0,0 +1,3 @@
+help: Show detailed IPv4 firewall modify rules information
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall_detail.xsl
diff --git a/templates/show/firewall/modify/node.tag/detail/rule/node.def b/templates/show/firewall/modify/node.tag/detail/rule/node.def
new file mode 100644
index 0000000..b67d3eb
--- /dev/null
+++ b/templates/show/firewall/modify/node.tag/detail/rule/node.def
@@ -0,0 +1 @@
+help: Show detailed IPv4 firewall modify rules information
diff --git a/templates/show/firewall/modify/node.tag/detail/rule/node.tag/node.def b/templates/show/firewall/modify/node.tag/detail/rule/node.tag/node.def
new file mode 100644
index 0000000..bc451e3
--- /dev/null
+++ b/templates/show/firewall/modify/node.tag/detail/rule/node.tag/node.def
@@ -0,0 +1,5 @@
+help: Show detailed information for specified IPv4 firewall modify rule
+
+allowed: ls /opt/vyatta/config/active/firewall/modify/${COMP_WORDS[COMP_CWORD-3]}/rule/ 2>/dev/null
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall_detail.xsl "$7"
diff --git a/templates/show/firewall/modify/node.tag/node.def b/templates/show/firewall/modify/node.tag/node.def
new file mode 100644
index 0000000..1bdce47
--- /dev/null
+++ b/templates/show/firewall/modify/node.tag/node.def
@@ -0,0 +1,7 @@
+help: Show rules for given IPv4 firewall modify chain
+
+allowed:
+ l1=`ls /opt/vyatta/config/active/firewall/modify/ 2>/dev/null`
+ echo $l1
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall.xsl
diff --git a/templates/show/firewall/modify/node.tag/rule/node.def b/templates/show/firewall/modify/node.tag/rule/node.def
new file mode 100644
index 0000000..44a9e1a
--- /dev/null
+++ b/templates/show/firewall/modify/node.tag/rule/node.def
@@ -0,0 +1 @@
+help: Show summary of IPv4 firewall modify rules
diff --git a/templates/show/firewall/modify/node.tag/rule/node.tag/node.def b/templates/show/firewall/modify/node.tag/rule/node.tag/node.def
new file mode 100644
index 0000000..be74324
--- /dev/null
+++ b/templates/show/firewall/modify/node.tag/rule/node.tag/node.def
@@ -0,0 +1,5 @@
+help: Show summary of IPv4 firewall modify rules
+
+allowed: ls /opt/vyatta/config/active/firewall/modify/${COMP_WORDS[COMP_CWORD-2]}/rule/ 2>/dev/null
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall.xsl "$6"
diff --git a/templates/show/firewall/modify/node.tag/statistics/node.def b/templates/show/firewall/modify/node.tag/statistics/node.def
new file mode 100644
index 0000000..a96479b
--- /dev/null
+++ b/templates/show/firewall/modify/node.tag/statistics/node.def
@@ -0,0 +1,2 @@
+help: Show IPv4 firewall modify counter information
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall_statistics.xsl
diff --git a/templates/show/firewall/name/node.def b/templates/show/firewall/name/node.def
new file mode 100644
index 0000000..f164f73
--- /dev/null
+++ b/templates/show/firewall/name/node.def
@@ -0,0 +1,2 @@
+help: Show IPv4 firewall chains
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_all" /opt/vyatta/share/xsl/show_firewall.xsl
diff --git a/templates/show/firewall/name/node.tag/detail/node.def b/templates/show/firewall/name/node.tag/detail/node.def
new file mode 100644
index 0000000..0af8d69
--- /dev/null
+++ b/templates/show/firewall/name/node.tag/detail/node.def
@@ -0,0 +1,3 @@
+help: Show detailed IPv4 firewall rules information
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall_detail.xsl
diff --git a/templates/show/firewall/name/node.tag/detail/rule/node.def b/templates/show/firewall/name/node.tag/detail/rule/node.def
new file mode 100644
index 0000000..13fe7fc
--- /dev/null
+++ b/templates/show/firewall/name/node.tag/detail/rule/node.def
@@ -0,0 +1 @@
+help: Show detailed IPv4 firewall rules information
diff --git a/templates/show/firewall/name/node.tag/detail/rule/node.tag/node.def b/templates/show/firewall/name/node.tag/detail/rule/node.tag/node.def
new file mode 100644
index 0000000..8b6adc2
--- /dev/null
+++ b/templates/show/firewall/name/node.tag/detail/rule/node.tag/node.def
@@ -0,0 +1,5 @@
+help: Show detailed information for specified IPv4 firewall rule
+
+allowed: ls /opt/vyatta/config/active/firewall/name/${COMP_WORDS[COMP_CWORD-3]}/rule/ 2>/dev/null
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall_detail.xsl "$7"
diff --git a/templates/show/firewall/name/node.tag/node.def b/templates/show/firewall/name/node.tag/node.def
new file mode 100644
index 0000000..0557c38
--- /dev/null
+++ b/templates/show/firewall/name/node.tag/node.def
@@ -0,0 +1,7 @@
+help: Show rules for given IPv4 firewall chain
+
+allowed:
+ l1=`ls /opt/vyatta/config/active/firewall/name/ 2>/dev/null`
+ echo $l1
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall.xsl
diff --git a/templates/show/firewall/name/node.tag/rule/node.def b/templates/show/firewall/name/node.tag/rule/node.def
new file mode 100644
index 0000000..324d702
--- /dev/null
+++ b/templates/show/firewall/name/node.tag/rule/node.def
@@ -0,0 +1 @@
+help: Show summary of IPv4 firewall rules
diff --git a/templates/show/firewall/name/node.tag/rule/node.tag/node.def b/templates/show/firewall/name/node.tag/rule/node.tag/node.def
new file mode 100644
index 0000000..6a21197
--- /dev/null
+++ b/templates/show/firewall/name/node.tag/rule/node.tag/node.def
@@ -0,0 +1,5 @@
+help: Show summary of IPv4 firewall rules
+
+allowed: ls /opt/vyatta/config/active/firewall/name/${COMP_WORDS[COMP_CWORD-2]}/rule/ 2>/dev/null
+
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall.xsl "$6"
diff --git a/templates/show/firewall/name/node.tag/statistics/node.def b/templates/show/firewall/name/node.tag/statistics/node.def
new file mode 100644
index 0000000..6ee18d0
--- /dev/null
+++ b/templates/show/firewall/name/node.tag/statistics/node.def
@@ -0,0 +1,2 @@
+help: Show IPv4 firewall counter information
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3_$4" /opt/vyatta/share/xsl/show_firewall_statistics.xsl
diff --git a/templates/show/firewall/node.def b/templates/show/firewall/node.def
index dcce274..e179c45 100644
--- a/templates/show/firewall/node.def
+++ b/templates/show/firewall/node.def
@@ -1,4 +1,3 @@
help: Show firewall information
-
-run: ${vyatta_bindir}/vyatta-show-firewall.pl -all /opt/vyatta/share/xsl/show_firewall.xsl
+run: ${vyatta_bindir}/vyatta-show-firewall.pl "all_all" /opt/vyatta/share/xsl/show_firewall.xsl
diff --git a/templates/show/firewall/node.tag/detail/node.def b/templates/show/firewall/node.tag/detail/node.def
deleted file mode 100644
index 636dae0..0000000
--- a/templates/show/firewall/node.tag/detail/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-help: Show detailed firewall rules inforamtion
-
-run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall_detail.xsl
-
diff --git a/templates/show/firewall/node.tag/detail/rule/node.def b/templates/show/firewall/node.tag/detail/rule/node.def
deleted file mode 100644
index 50746e0..0000000
--- a/templates/show/firewall/node.tag/detail/rule/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show detailed firewall rules information
diff --git a/templates/show/firewall/node.tag/detail/rule/node.tag/node.def b/templates/show/firewall/node.tag/detail/rule/node.tag/node.def
deleted file mode 100644
index 525035b..0000000
--- a/templates/show/firewall/node.tag/detail/rule/node.tag/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-help: Show detailed information for specified firewall rule
-
-allowed: echo -n "<NUMBER>"
-
-run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall_detail.xsl "$6"
-
diff --git a/templates/show/firewall/node.tag/node.def b/templates/show/firewall/node.tag/node.def
deleted file mode 100644
index 78c9857..0000000
--- a/templates/show/firewall/node.tag/node.def
+++ /dev/null
@@ -1,11 +0,0 @@
-help: Show firewall rules for given chain
-
-allowed:
- l1=`ls /opt/vyatta/config/active/firewall/name/ 2>/dev/null`
- l2=`ls /opt/vyatta/config/active/firewall/ipv6-name/ 2>/dev/null`
- l3=`ls /opt/vyatta/config/active/firewall/modify/ 2>/dev/null`
- l4=`ls /opt/vyatta/config/active/firewall/ipv6-modify/ 2>/dev/null`
- echo $l1 $l2 $l3 $l3
-
-run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall.xsl
-
diff --git a/templates/show/firewall/node.tag/rule/node.def b/templates/show/firewall/node.tag/rule/node.def
deleted file mode 100644
index bc086b5..0000000
--- a/templates/show/firewall/node.tag/rule/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show summary of firewall rules
diff --git a/templates/show/firewall/node.tag/rule/node.tag/node.def b/templates/show/firewall/node.tag/rule/node.tag/node.def
deleted file mode 100644
index 931c15d..0000000
--- a/templates/show/firewall/node.tag/rule/node.tag/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-help: Show summary of firewall rules
-
-allowed: echo -n "<NUMBER>"
-
-run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall.xsl "$5"
-
diff --git a/templates/show/firewall/node.tag/statistics/node.def b/templates/show/firewall/node.tag/statistics/node.def
deleted file mode 100644
index 515ab2c..0000000
--- a/templates/show/firewall/node.tag/statistics/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-help: Show firewall counter information
-run: ${vyatta_bindir}/vyatta-show-firewall.pl "$3" /opt/vyatta/share/xsl/show_firewall_statistics.xsl
-
-