firewall: T4612: Support arbitrary netmasks

Add support for arbitrary netmasks on source/destination addresses in firewall rules. This is particularly useful with DHCPv6-PD when the delegated prefix changes periodically.
author: Rain <6818611+Rain@users.noreply.github.com> 2022-10-08 18:04:01 -0400
committer: Rain <6818611+Rain@users.noreply.github.com> 2022-10-08 18:04:01 -0400
commit: ca6b7340714c6161337f508978b9834722be58dc (patch)
tree: 349bbc00ff73a84851960a6fca7a40c38ba6de2d /interface-definitions/firewall.xml.in
parent: 8248aaaa7952db580a199bd36202e7f26c19ec88 (diff)
download: vyos-1x-ca6b7340714c6161337f508978b9834722be58dc.tar.gz
vyos-1x-ca6b7340714c6161337f508978b9834722be58dc.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in
index 773e86f00..2ac9ca31b 100644
--- a/interface-definitions/firewall.xml.in
+++ b/interface-definitions/firewall.xml.in
@@ -411,6 +411,7 @@
                   #include <include/firewall/geoip.xml.i>
                   #include <include/firewall/source-destination-group-ipv6.xml.i>
                   #include <include/firewall/port.xml.i>
+                  #include <include/firewall/address-mask-ipv6.xml.i>
                 </children>
               </node>
               <node name="source">
@@ -422,6 +423,7 @@
                   #include <include/firewall/geoip.xml.i>
                   #include <include/firewall/source-destination-group-ipv6.xml.i>
                   #include <include/firewall/port.xml.i>
+                  #include <include/firewall/address-mask-ipv6.xml.i>
                 </children>
               </node>
               #include <include/firewall/common-rule.xml.i>
@@ -575,6 +577,7 @@
                   #include <include/firewall/geoip.xml.i>
                   #include <include/firewall/source-destination-group.xml.i>
                   #include <include/firewall/port.xml.i>
+                  #include <include/firewall/address-mask.xml.i>
                 </children>
               </node>
               <node name="source">
@@ -586,6 +589,7 @@
                   #include <include/firewall/geoip.xml.i>
                   #include <include/firewall/source-destination-group.xml.i>
                   #include <include/firewall/port.xml.i>
+                  #include <include/firewall/address-mask.xml.i>
                 </children>
               </node>
               #include <include/firewall/common-rule.xml.i>
author	Rain <6818611+Rain@users.noreply.github.com>	2022-10-08 18:04:01 -0400
committer	Rain <6818611+Rain@users.noreply.github.com>	2022-10-08 18:04:01 -0400
commit	ca6b7340714c6161337f508978b9834722be58dc (patch)
tree	349bbc00ff73a84851960a6fca7a40c38ba6de2d /interface-definitions/firewall.xml.in
parent	8248aaaa7952db580a199bd36202e7f26c19ec88 (diff)
download	vyos-1x-ca6b7340714c6161337f508978b9834722be58dc.tar.gz vyos-1x-ca6b7340714c6161337f508978b9834722be58dc.zip