diff options
| author | Christian Breunig <christian@breunig.cc> | 2023-03-10 21:22:46 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-03-10 21:22:46 +0100 |
| commit | 5d4908288931c9c319eb428e99a35f8dc4a7b9d6 (patch) | |
| tree | 5349f494b8534cd3ace8e97d4d208da78de6a406 /interface-definitions/include/firewall/packet-options.xml.i | |
| parent | fe82d86d3e87cb8d92ebc9d0652c08e3dd79a12c (diff) | |
| parent | 16c494c2f1364283988b52e35faf6b01745bbed4 (diff) | |
| download | vyos-1x-5d4908288931c9c319eb428e99a35f8dc4a7b9d6.tar.gz vyos-1x-5d4908288931c9c319eb428e99a35f8dc4a7b9d6.zip | |
Merge pull request #1871 from nicolas-fort/T5055
T5055: Firewall: add packet-type matcher in firewall and route policy
Diffstat (limited to 'interface-definitions/include/firewall/packet-options.xml.i')
| -rw-r--r-- | interface-definitions/include/firewall/packet-options.xml.i | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/interface-definitions/include/firewall/packet-options.xml.i b/interface-definitions/include/firewall/packet-options.xml.i new file mode 100644 index 000000000..cd94e69c2 --- /dev/null +++ b/interface-definitions/include/firewall/packet-options.xml.i @@ -0,0 +1,63 @@ +<!-- include start from firewall/packet-options.xml.i --> +<leafNode name="packet-length"> + <properties> + <help>Payload size in bytes, including header and data to match</help> + <valueHelp> + <format>u32:1-65535</format> + <description>Packet length to match</description> + </valueHelp> + <valueHelp> + <format><start-end></format> + <description>Packet length range to match</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--allow-range --range 1-65535"/> + </constraint> + <multi/> + </properties> +</leafNode> +<leafNode name="packet-length-exclude"> + <properties> + <help>Payload size in bytes, including header and data not to match</help> + <valueHelp> + <format>u32:1-65535</format> + <description>Packet length not to match</description> + </valueHelp> + <valueHelp> + <format><start-end></format> + <description>Packet length range not to match</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--allow-range --range 1-65535"/> + </constraint> + <multi/> + </properties> +</leafNode> +<leafNode name="packet-type"> + <properties> + <help>Packet type</help> + <completionHelp> + <list>broadcast host multicast other</list> + </completionHelp> + <valueHelp> + <format>broadcast</format> + <description>Match broadcast packet type</description> + </valueHelp> + <valueHelp> + <format>host</format> + <description>Match host packet type, addressed to local host</description> + </valueHelp> + <valueHelp> + <format>multicast</format> + <description>Match multicast packet type</description> + </valueHelp> + <valueHelp> + <format>other</format> + <description>Match packet addressed to another host</description> + </valueHelp> + <constraint> + <regex>(broadcast|host|multicast|other)</regex> + </constraint> + </properties> +</leafNode> +<!-- include end --> |