diff options
author | Christian Poessinger <christian@poessinger.com> | 2019-12-03 22:01:19 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2019-12-06 20:58:56 +0100 |
commit | 0d4d4dd840e06c18250d73f27de61261ff141944 (patch) | |
tree | 5c515082495983658e22d27b1a838b2598e3ecd8 /interface-definitions/firewall-options.xml.in | |
parent | 1ac177febfdd0dfc5a5b40a1b30294de0e2a45e0 (diff) | |
download | vyos-1x-0d4d4dd840e06c18250d73f27de61261ff141944.tar.gz vyos-1x-0d4d4dd840e06c18250d73f27de61261ff141944.zip |
T1843: run interface-definitions though GCC preprocessor
A lot of XML code is duplicated (VLAN, interface address) for instance. Such
XML definitions should be moved to feature.xml.i files and then just pulled in
via GCC preprocessor #include definition in e.g. bond or ethernet definitions.
This will give us the ability to single-source repeating node definitions as:
* Interface Address
* Interface Description
* Interface Disable
* VLAN (both vif-s and vif-c)
The .in suffix of the interface-definitions is a marker that those files are
input files to the GCC preprocessor. They will be rendered into proper XML
files in the build directory.
Some node definitions have been reworder to remove escaped double quote
occurances which would have been warned about by the GCC preprocessor.
Diffstat (limited to 'interface-definitions/firewall-options.xml.in')
-rw-r--r-- | interface-definitions/firewall-options.xml.in | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/interface-definitions/firewall-options.xml.in b/interface-definitions/firewall-options.xml.in new file mode 100644 index 000000000..2936cc703 --- /dev/null +++ b/interface-definitions/firewall-options.xml.in @@ -0,0 +1,55 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="firewall"> + <children> + <node name="options"> + <properties> + <help>Firewall options/Packet manipulation</help> + <priority>990</priority> + </properties> + <children> + <tagNode name="interface" owner="sudo ${vyos_conf_scripts_dir}/firewall_options.py"> + <properties> + <help>Interface clamping options</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces.py</script> + </completionHelp> + </properties> + <children> + <leafNode name="disable"> + <properties> + <help>Disable this rule</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="adjust-mss"> + <properties> + <help>Adjust MSS for IPv4 transit packets</help> + <valueHelp> + <format>500-1460</format> + <description>TCP Maximum segment size in bytes</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 500-1460"/> + </constraint> + </properties> + </leafNode> + <leafNode name="adjust-mss6"> + <properties> + <help>Adjust MSS for IPv6 transit packets</help> + <valueHelp> + <format>1280-1492</format> + <description>TCP Maximum segment size in bytes</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1280-1492"/> + </constraint> + </properties> + </leafNode> + </children> + </tagNode> + </children> + </node> + </children> + </node> +</interfaceDefinition> |