diff options
author | Nicolas Fort <nicolasfort1988@gmail.com> | 2022-01-16 15:13:22 +0000 |
---|---|---|
committer | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2022-01-21 22:35:30 +0100 |
commit | 3e4f2f577746608de6944d18d2b827811c81f70c (patch) | |
tree | 834a2a4e2fba64d84e212fd5bfe2a2c5010b343d /interface-definitions/include/firewall | |
parent | e31493c32d0e95ef14c627d0bf181efbb81ef062 (diff) | |
download | vyos-1x-3e4f2f577746608de6944d18d2b827811c81f70c.tar.gz vyos-1x-3e4f2f577746608de6944d18d2b827811c81f70c.zip |
Firewall: T4186: Correct icmp type-name options for firewall rules
Diffstat (limited to 'interface-definitions/include/firewall')
-rw-r--r-- | interface-definitions/include/firewall/icmp-type-name.xml.i | 142 |
1 files changed, 21 insertions, 121 deletions
diff --git a/interface-definitions/include/firewall/icmp-type-name.xml.i b/interface-definitions/include/firewall/icmp-type-name.xml.i index b45fb619b..585b387e2 100644 --- a/interface-definitions/include/firewall/icmp-type-name.xml.i +++ b/interface-definitions/include/firewall/icmp-type-name.xml.i @@ -3,170 +3,70 @@ <properties> <help>ICMP type-name</help> <completionHelp> - <list>any echo-reply pong destination-unreachable network-unreachable host-unreachable protocol-unreachable port-unreachable fragmentation-needed source-route-failed network-unknown host-unknown network-prohibited host-prohibited TOS-network-unreachable TOS-host-unreachable communication-prohibited host-precedence-violation precedence-cutoff source-quench redirect network-redirect host-redirect TOS-network-redirect TOS host-redirect echo-request ping router-advertisement router-solicitation time-exceeded ttl-exceeded ttl-zero-during-transit ttl-zero-during-reassembly parameter-problem ip-header-bad required-option-missing timestamp-request timestamp-reply address-mask-request address-mask-reply</list> + <list>echo-reply destination-unreachable source-quench redirect echo-request router-advertisement router-solicitation time-exceeded parameter-problem timestamp-request timestamp-reply info-request info-reply address-mask-request address-mask-reply</list> </completionHelp> <valueHelp> - <format>any</format> - <description>Any ICMP type/code</description> - </valueHelp> - <valueHelp> <format>echo-reply</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>pong</format> - <description>ICMP type/code name</description> + <description>ICMP type 0: echo-reply</description> </valueHelp> <valueHelp> <format>destination-unreachable</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>network-unreachable</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>host-unreachable</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>protocol-unreachable</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>port-unreachable</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>fragmentation-needed</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>source-route-failed</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>network-unknown</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>host-unknown</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>network-prohibited</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>host-prohibited</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>TOS-network-unreachable</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>TOS-host-unreachable</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>communication-prohibited</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>host-precedence-violation</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>precedence-cutoff</format> - <description>ICMP type/code name</description> + <description>ICMP type 3: destination-unreachable</description> </valueHelp> <valueHelp> <format>source-quench</format> - <description>ICMP type/code name</description> + <description>ICMP type 4: source-quench</description> </valueHelp> <valueHelp> <format>redirect</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>network-redirect</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>host-redirect</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>TOS-network-redirect</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>TOS host-redirect</format> - <description>ICMP type/code name</description> + <description>ICMP type 5: redirect</description> </valueHelp> <valueHelp> <format>echo-request</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>ping</format> - <description>ICMP type/code name</description> + <description>ICMP type 8: echo-request</description> </valueHelp> <valueHelp> <format>router-advertisement</format> - <description>ICMP type/code name</description> + <description>ICMP type 9: router-advertisement</description> </valueHelp> <valueHelp> <format>router-solicitation</format> - <description>ICMP type/code name</description> + <description>ICMP type 10: router-solicitation</description> </valueHelp> <valueHelp> <format>time-exceeded</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>ttl-exceeded</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>ttl-zero-during-transit</format> - <description>ICMP type/code name</description> - </valueHelp> - <valueHelp> - <format>ttl-zero-during-reassembly</format> - <description>ICMP type/code name</description> + <description>ICMP type 11: time-exceeded</description> </valueHelp> <valueHelp> <format>parameter-problem</format> - <description>ICMP type/code name</description> + <description>ICMP type 12: parameter-problem</description> </valueHelp> <valueHelp> - <format>ip-header-bad</format> - <description>ICMP type/code name</description> + <format>timestamp-request</format> + <description>ICMP type 13: timestamp-request</description> </valueHelp> <valueHelp> - <format>required-option-missing</format> - <description>ICMP type/code name</description> + <format>timestamp-reply</format> + <description>ICMP type 14: timestamp-reply</description> </valueHelp> <valueHelp> - <format>timestamp-request</format> - <description>ICMP type/code name</description> + <format>info-request</format> + <description>ICMP type 15: info-request</description> </valueHelp> <valueHelp> - <format>timestamp-reply</format> - <description>ICMP type/code name</description> + <format>info-reply</format> + <description>ICMP type 16: info-reply</description> </valueHelp> <valueHelp> <format>address-mask-request</format> - <description>ICMP type/code name</description> + <description>ICMP type 17: address-mask-request</description> </valueHelp> <valueHelp> <format>address-mask-reply</format> - <description>ICMP type/code name</description> + <description>ICMP type 18: address-mask-replye</description> </valueHelp> <constraint> - <regex>^(any|echo-reply|pong|destination-unreachable|network-unreachable|host-unreachable|protocol-unreachable|port-unreachable|fragmentation-needed|source-route-failed|network-unknown|host-unknown|network-prohibited|host-prohibited|TOS-network-unreachable|TOS-host-unreachable|communication-prohibited|host-precedence-violation|precedence-cutoff|source-quench|redirect|network-redirect|host-redirect|TOS-network-redirect|TOS host-redirect|echo-request|ping|router-advertisement|router-solicitation|time-exceeded|ttl-exceeded|ttl-zero-during-transit|ttl-zero-during-reassembly|parameter-problem|ip-header-bad|required-option-missing|timestamp-request|timestamp-reply|address-mask-request|address-mask-reply)$</regex> + <regex>^(echo-reply|destination-unreachable|source-quench|redirect|echo-request|router-advertisement|router-solicitation|time-exceeded|parameter-problem|timestamp-request|timestamp-reply|info-request|info-reply|address-mask-request|address-mask-reply)$</regex> </constraint> </properties> </leafNode> |