T5600: firewall: change constraints for inbound|outbound interface-name. Now user can use VRF, and negated VRF, and configuration wonn't be broken after reboot.

2 files changed, 3 insertions, 5 deletions

diff --git a/interface-definitions/include/constraint/interface-name-with-wildcard-and-inverted.xml.i b/interface-definitions/include/constraint/interface-name-with-wildcard-and-inverted.xml.i
deleted file mode 100644
index 6a39041a3..000000000
--- a/interface-definitions/include/constraint/interface-name-with-wildcard-and-inverted.xml.i
+++ /dev/null
@@ -1,4 +0,0 @@
-<!-- include start from constraint/interface-name-with-wildcard-and-inverted.xml.i -->
-<regex>(\!?)(bond|br|dum|en|ersp|eth|gnv|ifb|lan|l2tp|l2tpeth|macsec|peth|ppp|pppoe|pptp|sstp|tun|veth|vti|vtun|vxlan|wg|wlan|wwan)([0-9]?)(\*?)(.+)?|(\!?)lo</regex>
-<validator name="file-path --lookup-path /sys/class/net --directory"/>
-<!-- include end -->
\ No newline at end of file
diff --git a/interface-definitions/include/firewall/match-interface.xml.i b/interface-definitions/include/firewall/match-interface.xml.i
index 7810f88ab..1cd9f8c4a 100644
--- a/interface-definitions/include/firewall/match-interface.xml.i
+++ b/interface-definitions/include/firewall/match-interface.xml.i
@@ -4,6 +4,7 @@
     <help>Match interface</help>
     <completionHelp>
       <script>${vyos_completion_dir}/list_interfaces</script>
+      <path>vrf name</path>
     </completionHelp>
     <valueHelp>
       <format>txt</format>
@@ -18,7 +19,8 @@
       <description>Inverted interface name to match</description>
     </valueHelp>
     <constraint>
-      #include <include/constraint/interface-name-with-wildcard-and-inverted.xml.i>
+      <regex>(\!?)(bond|br|dum|en|ersp|eth|gnv|ifb|lan|l2tp|l2tpeth|macsec|peth|ppp|pppoe|pptp|sstp|tun|veth|vti|vtun|vxlan|wg|wlan|wwan)([0-9]?)(\*?)(.+)?|(\!?)lo</regex>
+      <validator name="vrf-name"/>
     </constraint>
   </properties>
 </leafNode>