diff options
| author | Christian Breunig <christian@breunig.cc> | 2023-09-08 17:36:17 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-09-08 17:36:17 +0200 |
| commit | a12559a728310f0e3bf6dc18f7bd2a0ba444b890 (patch) | |
| tree | 88d443e9961763c5ee0f922e9f68433d24f76e1e /interface-definitions/include/firewall/common-rule-bridge.xml.i | |
| parent | 28ccebeac2ee4390d7c109a8a2da6b24769ab113 (diff) | |
| parent | 1772c0a7232789e6eeb0caa78fe630fab899522d (diff) | |
| download | vyos-1x-a12559a728310f0e3bf6dc18f7bd2a0ba444b890.tar.gz vyos-1x-a12559a728310f0e3bf6dc18f7bd2a0ba444b890.zip | |
Merge pull request #2222 from nicolas-fort/T4072-fwall-bridge
T4072: add firewall bridge filtering.
Diffstat (limited to 'interface-definitions/include/firewall/common-rule-bridge.xml.i')
| -rw-r--r-- | interface-definitions/include/firewall/common-rule-bridge.xml.i | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/interface-definitions/include/firewall/common-rule-bridge.xml.i b/interface-definitions/include/firewall/common-rule-bridge.xml.i new file mode 100644 index 000000000..381e04b1e --- /dev/null +++ b/interface-definitions/include/firewall/common-rule-bridge.xml.i @@ -0,0 +1,57 @@ +<!-- include start from firewall/common-rule-bridge.xml.i --> +#include <include/firewall/action-l2.xml.i> +#include <include/firewall/nft-queue.xml.i> +<node name="destination"> + <properties> + <help>Destination parameters</help> + </properties> + <children> + #include <include/firewall/mac-address.xml.i> + </children> +</node> +<leafNode name="disable"> + <properties> + <help>Option to disable firewall rule</help> + <valueless/> + </properties> +</leafNode> +<leafNode name="jump-target"> + <properties> + <help>Set jump target. Action jump must be defined to use this setting</help> + <completionHelp> + <path>firewall bridge name</path> + </completionHelp> + </properties> +</leafNode> +<leafNode name="log"> + <properties> + <help>Option to log packets matching rule</help> + <completionHelp> + <list>enable disable</list> + </completionHelp> + <valueHelp> + <format>enable</format> + <description>Enable log</description> + </valueHelp> + <valueHelp> + <format>disable</format> + <description>Disable log</description> + </valueHelp> + <constraint> + <regex>(enable|disable)</regex> + </constraint> + </properties> +</leafNode> +#include <include/firewall/rule-log-options.xml.i> +<node name="source"> + <properties> + <help>Source parameters</help> + </properties> + <children> + #include <include/firewall/mac-address.xml.i> + </children> +</node> +#include <include/firewall/inbound-interface.xml.i> +#include <include/firewall/outbound-interface.xml.i> +#include <include/firewall/match-vlan.xml.i> +<!-- include end -->
\ No newline at end of file |