T4839: firewall: Add dynamic address group in firewall configuration, and appropiate commands to populate such groups using source and destination address of the packet.

(cherry picked from commit 6ce5fedb602c5ea0df52049a5e9c4fb4f5a86122)
author: Nicolas Fort <nicolasfort1988@gmail.com> 2024-01-05 12:13:17 +0000
committer: Mergify <37929162+mergify[bot]@users.noreply.github.com> 2024-02-01 20:22:26 +0000
commit: 3ce9583b9420ed72cf45728f439f00b1c4cf5800 (patch)
tree: fa903955d30ca32944bf0b89daf33f928760eb23 /interface-definitions/include/firewall/common-rule-ipv6.xml.i
parent: 9109a5603963216180f6d6fe09820ee1ba227ade (diff)
download: vyos-1x-3ce9583b9420ed72cf45728f439f00b1c4cf5800.tar.gz
vyos-1x-3ce9583b9420ed72cf45728f439f00b1c4cf5800.zip
1 files changed, 25 insertions, 0 deletions
diff --git a/interface-definitions/include/firewall/common-rule-ipv6.xml.i b/interface-definitions/include/firewall/common-rule-ipv6.xml.i
index 6219557db..78eeb361e 100644
--- a/interface-definitions/include/firewall/common-rule-ipv6.xml.i
+++ b/interface-definitions/include/firewall/common-rule-ipv6.xml.i
@@ -1,6 +1,29 @@
 <!-- include start from firewall/common-rule-ipv6.xml.i -->
 #include <include/firewall/common-rule-inet.xml.i>
 #include <include/firewall/hop-limit.xml.i>
+<node name="add-address-to-group">
+  <properties>
+    <help>Add ipv6 address to dynamic ipv6-address-group</help>
+  </properties>
+  <children>
+    <node name="source-address">
+      <properties>
+        <help>Add source ipv6 addresses to dynamic ipv6-address-group</help>
+      </properties>
+      <children>
+        #include <include/firewall/add-dynamic-ipv6-address-groups.xml.i>
+      </children>
+    </node>
+    <node name="destination-address">
+      <properties>
+        <help>Add destination ipv6 addresses to dynamic ipv6-address-group</help>
+      </properties>
+      <children>
+        #include <include/firewall/add-dynamic-ipv6-address-groups.xml.i>
+      </children>
+    </node>
+  </children>
+</node>
 <node name="destination">
   <properties>
     <help>Destination parameters</help>
@@ -13,6 +36,7 @@
     #include <include/firewall/mac-address.xml.i>
     #include <include/firewall/port.xml.i>
     #include <include/firewall/source-destination-group-ipv6.xml.i>
+    #include <include/firewall/source-destination-dynamic-group-ipv6.xml.i>
   </children>
 </node>
 <node name="icmpv6">
@@ -67,6 +91,7 @@
     #include <include/firewall/mac-address.xml.i>
     #include <include/firewall/port.xml.i>
     #include <include/firewall/source-destination-group-ipv6.xml.i>
+    #include <include/firewall/source-destination-dynamic-group-ipv6.xml.i>
   </children>
 </node>
 <!-- include end -->
 \ No newline at end of file
author	Nicolas Fort <nicolasfort1988@gmail.com>	2024-01-05 12:13:17 +0000
committer	Mergify <37929162+mergify[bot]@users.noreply.github.com>	2024-02-01 20:22:26 +0000
commit	3ce9583b9420ed72cf45728f439f00b1c4cf5800 (patch)
tree	fa903955d30ca32944bf0b89daf33f928760eb23 /interface-definitions/include/firewall/common-rule-ipv6.xml.i
parent	9109a5603963216180f6d6fe09820ee1ba227ade (diff)
download	vyos-1x-3ce9583b9420ed72cf45728f439f00b1c4cf5800.tar.gz vyos-1x-3ce9583b9420ed72cf45728f439f00b1c4cf5800.zip