diff options
author | Nicolas Fort <nicolasfort1988@gmail.com> | 2023-07-28 20:29:01 +0000 |
---|---|---|
committer | Nicolas Fort <nicolasfort1988@gmail.com> | 2023-07-31 12:47:13 +0000 |
commit | b7825f1f2b9b3ff7d25e8e072d60db7b70fa250a (patch) | |
tree | 9d199fbc4d1f5b31a81f3ec1a68fc6d8dfc0f27d /interface-definitions/include/firewall | |
parent | 26af45a61bbe8b219b57127a869e723b11886522 (diff) | |
download | vyos-1x-b7825f1f2b9b3ff7d25e8e072d60db7b70fa250a.tar.gz vyos-1x-b7825f1f2b9b3ff7d25e8e072d60db7b70fa250a.zip |
T5014: nat: add source and destination nat options for configuring load balance within a single rule.
Diffstat (limited to 'interface-definitions/include/firewall')
-rw-r--r-- | interface-definitions/include/firewall/firewall-hashing-parameters.xml.i | 35 | ||||
-rw-r--r-- | interface-definitions/include/firewall/nat-balance.xml.i | 28 |
2 files changed, 63 insertions, 0 deletions
diff --git a/interface-definitions/include/firewall/firewall-hashing-parameters.xml.i b/interface-definitions/include/firewall/firewall-hashing-parameters.xml.i new file mode 100644 index 000000000..7f34de3ba --- /dev/null +++ b/interface-definitions/include/firewall/firewall-hashing-parameters.xml.i @@ -0,0 +1,35 @@ +<!-- include start from firewall/firewall-hashing-parameters.xml.i --> +<leafNode name="hash"> + <properties> + <help>Define the parameters of the packet header to apply the hashing</help> + <completionHelp> + <list>source-address destination-address source-port destination-port random</list> + </completionHelp> + <valueHelp> + <format>source-address</format> + <description>Use source IP address for hashing</description> + </valueHelp> + <valueHelp> + <format>destination-address</format> + <description>Use destination IP address for hashing</description> + </valueHelp> + <valueHelp> + <format>source-port</format> + <description>Use source port for hashing</description> + </valueHelp> + <valueHelp> + <format>destination-port</format> + <description>Use destination port for hashing</description> + </valueHelp> + <valueHelp> + <format>random</format> + <description>Do not use information from ip header. Use random value.</description> + </valueHelp> + <constraint> + <regex>(source-address|destination-address|source-port|destination-port|random)</regex> + </constraint> + <multi/> + </properties> + <defaultValue>random</defaultValue> +</leafNode> +<!-- include end -->
\ No newline at end of file diff --git a/interface-definitions/include/firewall/nat-balance.xml.i b/interface-definitions/include/firewall/nat-balance.xml.i new file mode 100644 index 000000000..ac60a2545 --- /dev/null +++ b/interface-definitions/include/firewall/nat-balance.xml.i @@ -0,0 +1,28 @@ +<!-- include start from firewall/nat-balance.xml.i --> +<tagNode name="member"> + <properties> + <help>Translated IP address</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 address to match</description> + </valueHelp> + <constraint> + <validator name="ipv4-address"/> + </constraint> + </properties> + <children> + <leafNode name="weight"> + <properties> + <help>Set probability for this output value</help> + <valueHelp> + <format>u32:1-100</format> + <description>Set probability for this output value</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--allow-range --range 1-100"/> + </constraint> + </properties> + </leafNode> + </children> +</tagNode> +<!-- include end -->
\ No newline at end of file |