firewall: policy: T4178: Migrate and refactor tcp flags

* Add support for ECN and CWR flags
author: sarthurdev <965089+sarthurdev@users.noreply.github.com> 2022-01-15 12:48:48 +0100
committer: sarthurdev <965089+sarthurdev@users.noreply.github.com> 2022-01-17 12:28:12 +0100
commit: 64668771d5f14fc4b68fff382d166238c164bdde (patch)
tree: 8138b4ae97d8edaf0ddf227b20cabb5c28af57f2 /interface-definitions/include/policy
parent: df5a862beb84145dfc8434efde7d7fee783199cf (diff)
download: vyos-1x-64668771d5f14fc4b68fff382d166238c164bdde.tar.gz
vyos-1x-64668771d5f14fc4b68fff382d166238c164bdde.zip
2 files changed, 2 insertions, 100 deletions
diff --git a/interface-definitions/include/policy/route-common-rule-ipv6.xml.i b/interface-definitions/include/policy/route-common-rule-ipv6.xml.i
index b8fee4b7b..735edbd48 100644
--- a/interface-definitions/include/policy/route-common-rule-ipv6.xml.i
+++ b/interface-definitions/include/policy/route-common-rule-ipv6.xml.i
@@ -320,56 +320,7 @@
     </leafNode>
   </children>
 </node>
-<node name="tcp">
-  <properties>
-    <help>TCP flags to match</help>
-  </properties>
-  <children>
-    <leafNode name="flags">
-      <properties>
-        <help>TCP flags to match</help>
-        <valueHelp>
-          <format>txt</format>
-          <description>Multiple comma-separated flags</description>
-        </valueHelp>
-        <valueHelp>
-          <format>syn</format>
-          <description>Syncronise flag</description>
-        </valueHelp>
-        <valueHelp>
-          <format>ack</format>
-          <description>Acknowledge flag</description>
-        </valueHelp>
-        <valueHelp>
-          <format>fin</format>
-          <description>Finish flag</description>
-        </valueHelp>
-        <valueHelp>
-          <format>rst</format>
-          <description>Reset flag</description>
-        </valueHelp>
-        <valueHelp>
-          <format>urg</format>
-          <description>Urgent flag</description>
-        </valueHelp>
-        <valueHelp>
-          <format>psh</format>
-          <description>Push flag</description>
-        </valueHelp>
-        <valueHelp>
-          <format> </format>
-          <description>\n When specifying more than one flag, flags should be comma-separated.\n For example: value of 'SYN,!ACK,!FIN,!RST' will only match packets with\n the SYN flag set, and the ACK, FIN and RST flags unset</description>
-        </valueHelp>
-        <completionHelp>
-          <list>syn ack fin rst urg psh</list>
-        </completionHelp>
-        <constraint>
-          <validator name="tcp-flag"/>
-        </constraint>
-      </properties>
-    </leafNode>
-  </children>
-</node>
+#include <include/firewall/tcp-flags.xml.i>
 <node name="time">
   <properties>
     <help>Time to match rule</help>
diff --git a/interface-definitions/include/policy/route-common-rule.xml.i b/interface-definitions/include/policy/route-common-rule.xml.i
index 17b47474d..4452f78fc 100644
--- a/interface-definitions/include/policy/route-common-rule.xml.i
+++ b/interface-definitions/include/policy/route-common-rule.xml.i
@@ -320,56 +320,7 @@
     </leafNode>
   </children>
 </node>
-<node name="tcp">
-  <properties>
-    <help>TCP flags to match</help>
-  </properties>
-  <children>
-    <leafNode name="flags">
-      <properties>
-        <help>TCP flags to match</help>
-        <valueHelp>
-          <format>txt</format>
-          <description>Multiple comma-separated flags</description>
-        </valueHelp>
-        <valueHelp>
-          <format>syn</format>
-          <description>Syncronise flag</description>
-        </valueHelp>
-        <valueHelp>
-          <format>ack</format>
-          <description>Acknowledge flag</description>
-        </valueHelp>
-        <valueHelp>
-          <format>fin</format>
-          <description>Finish flag</description>
-        </valueHelp>
-        <valueHelp>
-          <format>rst</format>
-          <description>Reset flag</description>
-        </valueHelp>
-        <valueHelp>
-          <format>urg</format>
-          <description>Urgent flag</description>
-        </valueHelp>
-        <valueHelp>
-          <format>psh</format>
-          <description>Push flag</description>
-        </valueHelp>
-        <valueHelp>
-          <format> </format>
-          <description>\n When specifying more than one flag, flags should be comma-separated.\n For example: value of 'SYN,!ACK,!FIN,!RST' will only match packets with\n the SYN flag set, and the ACK, FIN and RST flags unset</description>
-        </valueHelp>
-        <completionHelp>
-          <list>syn ack fin rst urg psh</list>
-        </completionHelp>
-        <constraint>
-          <validator name="tcp-flag"/>
-        </constraint>
-      </properties>
-    </leafNode>
-  </children>
-</node>
+#include <include/firewall/tcp-flags.xml.i>
 <node name="time">
   <properties>
     <help>Time to match rule</help>
author	sarthurdev <965089+sarthurdev@users.noreply.github.com>	2022-01-15 12:48:48 +0100
committer	sarthurdev <965089+sarthurdev@users.noreply.github.com>	2022-01-17 12:28:12 +0100
commit	64668771d5f14fc4b68fff382d166238c164bdde (patch)
tree	8138b4ae97d8edaf0ddf227b20cabb5c28af57f2 /interface-definitions/include/policy
parent	df5a862beb84145dfc8434efde7d7fee783199cf (diff)
download	vyos-1x-64668771d5f14fc4b68fff382d166238c164bdde.tar.gz vyos-1x-64668771d5f14fc4b68fff382d166238c164bdde.zip