diff options
author | Nicolas Fort <nicolasfort1988@gmail.com> | 2023-11-13 18:36:04 +0000 |
---|---|---|
committer | Nicolas Fort <nicolasfort1988@gmail.com> | 2023-11-14 11:23:40 +0000 |
commit | 9e053268355f16b9aba6a551febc1e8902cf20c9 (patch) | |
tree | 0147d681b5242e0fe6ffe8aff0d2822593bb2535 /interface-definitions/include/policy | |
parent | 9f92b9ff69477fa93a87f49666a1f7b79949d585 (diff) | |
download | vyos-1x-9e053268355f16b9aba6a551febc1e8902cf20c9.tar.gz vyos-1x-9e053268355f16b9aba6a551febc1e8902cf20c9.zip |
T5729: T5590: T5616: backport to sagita fwall marks, fix on firewall logs parsing, and migration to valueless node for log and state matchers
Diffstat (limited to 'interface-definitions/include/policy')
-rw-r--r-- | interface-definitions/include/policy/route-common.xml.i | 105 |
1 files changed, 3 insertions, 102 deletions
diff --git a/interface-definitions/include/policy/route-common.xml.i b/interface-definitions/include/policy/route-common.xml.i index 216ec9bea..e68c18eef 100644 --- a/interface-definitions/include/policy/route-common.xml.i +++ b/interface-definitions/include/policy/route-common.xml.i @@ -1,6 +1,7 @@ <!-- include start from policy/route-common.xml.i -->
#include <include/policy/route-rule-action.xml.i>
#include <include/generic-description.xml.i>
+#include <include/firewall/firewall-mark.xml.i>
<leafNode name="disable">
<properties>
<help>Option to disable firewall rule</help>
@@ -76,25 +77,7 @@ </leafNode>
</children>
</node>
-<leafNode name="log">
- <properties>
- <help>Option to log packets matching rule</help>
- <completionHelp>
- <list>enable disable</list>
- </completionHelp>
- <valueHelp>
- <format>enable</format>
- <description>Enable log</description>
- </valueHelp>
- <valueHelp>
- <format>disable</format>
- <description>Disable log</description>
- </valueHelp>
- <constraint>
- <regex>(enable|disable)</regex>
- </constraint>
- </properties>
-</leafNode>
+#include <include/firewall/log.xml.i>
<leafNode name="protocol">
<properties>
<help>Protocol to match (protocol name, number, or "all")</help>
@@ -230,89 +213,7 @@ </leafNode>
</children>
</node>
-<node name="state">
- <properties>
- <help>Session state</help>
- </properties>
- <children>
- <leafNode name="established">
- <properties>
- <help>Established state</help>
- <completionHelp>
- <list>enable disable</list>
- </completionHelp>
- <valueHelp>
- <format>enable</format>
- <description>Enable</description>
- </valueHelp>
- <valueHelp>
- <format>disable</format>
- <description>Disable</description>
- </valueHelp>
- <constraint>
- <regex>(enable|disable)</regex>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="invalid">
- <properties>
- <help>Invalid state</help>
- <completionHelp>
- <list>enable disable</list>
- </completionHelp>
- <valueHelp>
- <format>enable</format>
- <description>Enable</description>
- </valueHelp>
- <valueHelp>
- <format>disable</format>
- <description>Disable</description>
- </valueHelp>
- <constraint>
- <regex>(enable|disable)</regex>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="new">
- <properties>
- <help>New state</help>
- <completionHelp>
- <list>enable disable</list>
- </completionHelp>
- <valueHelp>
- <format>enable</format>
- <description>Enable</description>
- </valueHelp>
- <valueHelp>
- <format>disable</format>
- <description>Disable</description>
- </valueHelp>
- <constraint>
- <regex>(enable|disable)</regex>
- </constraint>
- </properties>
- </leafNode>
- <leafNode name="related">
- <properties>
- <help>Related state</help>
- <completionHelp>
- <list>enable disable</list>
- </completionHelp>
- <valueHelp>
- <format>enable</format>
- <description>Enable</description>
- </valueHelp>
- <valueHelp>
- <format>disable</format>
- <description>Disable</description>
- </valueHelp>
- <constraint>
- <regex>(enable|disable)</regex>
- </constraint>
- </properties>
- </leafNode>
- </children>
-</node>
+#include <include/firewall/state.xml.i>
#include <include/firewall/tcp-flags.xml.i>
<node name="time">
<properties>
|