summaryrefslogtreecommitdiff
path: root/interface-definitions/include/firewall/packet-options.xml.i
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-03-10 21:22:46 +0100
committerGitHub <noreply@github.com>2023-03-10 21:22:46 +0100
commit5d4908288931c9c319eb428e99a35f8dc4a7b9d6 (patch)
tree5349f494b8534cd3ace8e97d4d208da78de6a406 /interface-definitions/include/firewall/packet-options.xml.i
parentfe82d86d3e87cb8d92ebc9d0652c08e3dd79a12c (diff)
parent16c494c2f1364283988b52e35faf6b01745bbed4 (diff)
downloadvyos-1x-5d4908288931c9c319eb428e99a35f8dc4a7b9d6.tar.gz
vyos-1x-5d4908288931c9c319eb428e99a35f8dc4a7b9d6.zip
Merge pull request #1871 from nicolas-fort/T5055
T5055: Firewall: add packet-type matcher in firewall and route policy
Diffstat (limited to 'interface-definitions/include/firewall/packet-options.xml.i')
-rw-r--r--interface-definitions/include/firewall/packet-options.xml.i63
1 files changed, 63 insertions, 0 deletions
diff --git a/interface-definitions/include/firewall/packet-options.xml.i b/interface-definitions/include/firewall/packet-options.xml.i
new file mode 100644
index 000000000..cd94e69c2
--- /dev/null
+++ b/interface-definitions/include/firewall/packet-options.xml.i
@@ -0,0 +1,63 @@
+<!-- include start from firewall/packet-options.xml.i -->
+<leafNode name="packet-length">
+ <properties>
+ <help>Payload size in bytes, including header and data to match</help>
+ <valueHelp>
+ <format>u32:1-65535</format>
+ <description>Packet length to match</description>
+ </valueHelp>
+ <valueHelp>
+ <format>&lt;start-end&gt;</format>
+ <description>Packet length range to match</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--allow-range --range 1-65535"/>
+ </constraint>
+ <multi/>
+ </properties>
+</leafNode>
+<leafNode name="packet-length-exclude">
+ <properties>
+ <help>Payload size in bytes, including header and data not to match</help>
+ <valueHelp>
+ <format>u32:1-65535</format>
+ <description>Packet length not to match</description>
+ </valueHelp>
+ <valueHelp>
+ <format>&lt;start-end&gt;</format>
+ <description>Packet length range not to match</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--allow-range --range 1-65535"/>
+ </constraint>
+ <multi/>
+ </properties>
+</leafNode>
+<leafNode name="packet-type">
+ <properties>
+ <help>Packet type</help>
+ <completionHelp>
+ <list>broadcast host multicast other</list>
+ </completionHelp>
+ <valueHelp>
+ <format>broadcast</format>
+ <description>Match broadcast packet type</description>
+ </valueHelp>
+ <valueHelp>
+ <format>host</format>
+ <description>Match host packet type, addressed to local host</description>
+ </valueHelp>
+ <valueHelp>
+ <format>multicast</format>
+ <description>Match multicast packet type</description>
+ </valueHelp>
+ <valueHelp>
+ <format>other</format>
+ <description>Match packet addressed to another host</description>
+ </valueHelp>
+ <constraint>
+ <regex>(broadcast|host|multicast|other)</regex>
+ </constraint>
+ </properties>
+</leafNode>
+<!-- include end -->