T5055: Firewall: add packet-type matcher in firewall and route policy

author: Nicolas Fort <nicolasfort1988@gmail.com> 2023-03-06 18:30:55 +0000
committer: Nicolas Fort <nicolasfort1988@gmail.com> 2023-03-06 19:15:15 +0000
commit: 16c494c2f1364283988b52e35faf6b01745bbed4 (patch)
tree: 7f30a99dd31d0aa3a519d5c89cf2f45dbd326776 /interface-definitions/include/firewall/packet-options.xml.i
parent: 14bca4e80c4d0773ada6862f732c2f1495594239 (diff)
download: vyos-1x-16c494c2f1364283988b52e35faf6b01745bbed4.tar.gz
vyos-1x-16c494c2f1364283988b52e35faf6b01745bbed4.zip
1 files changed, 63 insertions, 0 deletions
diff --git a/interface-definitions/include/firewall/packet-options.xml.i b/interface-definitions/include/firewall/packet-options.xml.i
new file mode 100644
index 000000000..cd94e69c2
--- /dev/null
+++ b/interface-definitions/include/firewall/packet-options.xml.i
@@ -0,0 +1,63 @@
+<!-- include start from firewall/packet-options.xml.i -->
+<leafNode name="packet-length">
+  <properties>
+    <help>Payload size in bytes, including header and data to match</help>
+    <valueHelp>
+      <format>u32:1-65535</format>
+      <description>Packet length to match</description>
+    </valueHelp>
+    <valueHelp>
+      <format>&lt;start-end&gt;</format>
+      <description>Packet length range to match</description>
+    </valueHelp>
+    <constraint>
+      <validator name="numeric" argument="--allow-range --range 1-65535"/>
+    </constraint>
+    <multi/>
+  </properties>
+</leafNode>
+<leafNode name="packet-length-exclude">
+  <properties>
+    <help>Payload size in bytes, including header and data not to match</help>
+    <valueHelp>
+      <format>u32:1-65535</format>
+      <description>Packet length not to match</description>
+    </valueHelp>
+    <valueHelp>
+      <format>&lt;start-end&gt;</format>
+      <description>Packet length range not to match</description>
+    </valueHelp>
+    <constraint>
+      <validator name="numeric" argument="--allow-range --range 1-65535"/>
+    </constraint>
+    <multi/>
+  </properties>
+</leafNode>
+<leafNode name="packet-type">
+  <properties>
+    <help>Packet type</help>
+    <completionHelp>
+      <list>broadcast host multicast other</list>
+    </completionHelp>
+    <valueHelp>
+      <format>broadcast</format>
+      <description>Match broadcast packet type</description>
+    </valueHelp>
+    <valueHelp>
+      <format>host</format>
+      <description>Match host packet type, addressed to local host</description>
+    </valueHelp>
+    <valueHelp>
+      <format>multicast</format>
+      <description>Match multicast packet type</description>
+    </valueHelp>
+    <valueHelp>
+      <format>other</format>
+      <description>Match packet addressed to another host</description>
+    </valueHelp>
+    <constraint>
+      <regex>(broadcast|host|multicast|other)</regex>
+    </constraint>
+  </properties>
+</leafNode>
+<!-- include end -->
author	Nicolas Fort <nicolasfort1988@gmail.com>	2023-03-06 18:30:55 +0000
committer	Nicolas Fort <nicolasfort1988@gmail.com>	2023-03-06 19:15:15 +0000
commit	16c494c2f1364283988b52e35faf6b01745bbed4 (patch)
tree	7f30a99dd31d0aa3a519d5c89cf2f45dbd326776 /interface-definitions/include/firewall/packet-options.xml.i
parent	14bca4e80c4d0773ada6862f732c2f1495594239 (diff)
download	vyos-1x-16c494c2f1364283988b52e35faf6b01745bbed4.tar.gz vyos-1x-16c494c2f1364283988b52e35faf6b01745bbed4.zip