summaryrefslogtreecommitdiff
path: root/interface-definitions/include
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-09-14 07:55:54 +0200
committerGitHub <noreply@github.com>2022-09-14 07:55:54 +0200
commite5c9f290b70c700fbec5acdb3a90bf0c67edd091 (patch)
tree531a8c025b5115b443e780c659a1e4973659a4ec /interface-definitions/include
parent24fc5a832dbdc3cb592674afd89bc72a22496713 (diff)
parent30945f39d6d1f0fdba34ce1c2d887a1a6823ecbe (diff)
downloadvyos-1x-e5c9f290b70c700fbec5acdb3a90bf0c67edd091.tar.gz
vyos-1x-e5c9f290b70c700fbec5acdb3a90bf0c67edd091.zip
Merge pull request #1534 from sarthurdev/firewall_interfaces
firewall: zone-policy: T2199: T4605: Refactor firewall, migrate zone-policy
Diffstat (limited to 'interface-definitions/include')
-rw-r--r--interface-definitions/include/firewall/name.xml.i18
-rw-r--r--interface-definitions/include/interface/interface-firewall-vif-c.xml.i79
-rw-r--r--interface-definitions/include/interface/interface-firewall-vif.xml.i79
-rw-r--r--interface-definitions/include/interface/interface-firewall.xml.i79
-rw-r--r--interface-definitions/include/interface/vif-s.xml.i2
-rw-r--r--interface-definitions/include/interface/vif.xml.i1
-rw-r--r--interface-definitions/include/version/firewall-version.xml.i2
7 files changed, 19 insertions, 241 deletions
diff --git a/interface-definitions/include/firewall/name.xml.i b/interface-definitions/include/firewall/name.xml.i
new file mode 100644
index 000000000..231b9b144
--- /dev/null
+++ b/interface-definitions/include/firewall/name.xml.i
@@ -0,0 +1,18 @@
+<!-- include start from firewall/name.xml.i -->
+<leafNode name="name">
+ <properties>
+ <help>Local IPv4 firewall ruleset name for interface</help>
+ <completionHelp>
+ <path>firewall name</path>
+ </completionHelp>
+ </properties>
+</leafNode>
+<leafNode name="ipv6-name">
+ <properties>
+ <help>Local IPv6 firewall ruleset name for interface</help>
+ <completionHelp>
+ <path>firewall ipv6-name</path>
+ </completionHelp>
+ </properties>
+</leafNode>
+<!-- include end from firewall/name.xml.i --> \ No newline at end of file
diff --git a/interface-definitions/include/interface/interface-firewall-vif-c.xml.i b/interface-definitions/include/interface/interface-firewall-vif-c.xml.i
deleted file mode 100644
index 1bc235fcb..000000000
--- a/interface-definitions/include/interface/interface-firewall-vif-c.xml.i
+++ /dev/null
@@ -1,79 +0,0 @@
-<!-- include start from interface/interface-firewall-vif-c.xml.i -->
-<node name="firewall" owner="${vyos_conf_scripts_dir}/firewall-interface.py $VAR(../../../@).$VAR(../../@).$VAR(../@)">
- <properties>
- <priority>615</priority>
- <help>Firewall options</help>
- </properties>
- <children>
- <node name="in">
- <properties>
- <help>forwarded packets on inbound interface</help>
- </properties>
- <children>
- <leafNode name="name">
- <properties>
- <help>Inbound IPv4 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall name</path>
- </completionHelp>
- </properties>
- </leafNode>
- <leafNode name="ipv6-name">
- <properties>
- <help>Inbound IPv6 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall ipv6-name</path>
- </completionHelp>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="out">
- <properties>
- <help>forwarded packets on outbound interface</help>
- </properties>
- <children>
- <leafNode name="name">
- <properties>
- <help>Outbound IPv4 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall name</path>
- </completionHelp>
- </properties>
- </leafNode>
- <leafNode name="ipv6-name">
- <properties>
- <help>Outbound IPv6 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall ipv6-name</path>
- </completionHelp>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="local">
- <properties>
- <help>packets destined for this router</help>
- </properties>
- <children>
- <leafNode name="name">
- <properties>
- <help>Local IPv4 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall name</path>
- </completionHelp>
- </properties>
- </leafNode>
- <leafNode name="ipv6-name">
- <properties>
- <help>Local IPv6 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall ipv6-name</path>
- </completionHelp>
- </properties>
- </leafNode>
- </children>
- </node>
- </children>
-</node>
-<!-- include end -->
diff --git a/interface-definitions/include/interface/interface-firewall-vif.xml.i b/interface-definitions/include/interface/interface-firewall-vif.xml.i
deleted file mode 100644
index a37ac5c4a..000000000
--- a/interface-definitions/include/interface/interface-firewall-vif.xml.i
+++ /dev/null
@@ -1,79 +0,0 @@
-<!-- include start from interface/interface-firewall-vif.xml.i -->
-<node name="firewall" owner="${vyos_conf_scripts_dir}/firewall-interface.py $VAR(../../@).$VAR(../@)">
- <properties>
- <priority>615</priority>
- <help>Firewall options</help>
- </properties>
- <children>
- <node name="in">
- <properties>
- <help>forwarded packets on inbound interface</help>
- </properties>
- <children>
- <leafNode name="name">
- <properties>
- <help>Inbound IPv4 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall name</path>
- </completionHelp>
- </properties>
- </leafNode>
- <leafNode name="ipv6-name">
- <properties>
- <help>Inbound IPv6 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall ipv6-name</path>
- </completionHelp>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="out">
- <properties>
- <help>forwarded packets on outbound interface</help>
- </properties>
- <children>
- <leafNode name="name">
- <properties>
- <help>Outbound IPv4 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall name</path>
- </completionHelp>
- </properties>
- </leafNode>
- <leafNode name="ipv6-name">
- <properties>
- <help>Outbound IPv6 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall ipv6-name</path>
- </completionHelp>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="local">
- <properties>
- <help>packets destined for this router</help>
- </properties>
- <children>
- <leafNode name="name">
- <properties>
- <help>Local IPv4 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall name</path>
- </completionHelp>
- </properties>
- </leafNode>
- <leafNode name="ipv6-name">
- <properties>
- <help>Local IPv6 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall ipv6-name</path>
- </completionHelp>
- </properties>
- </leafNode>
- </children>
- </node>
- </children>
-</node>
-<!-- include end -->
diff --git a/interface-definitions/include/interface/interface-firewall.xml.i b/interface-definitions/include/interface/interface-firewall.xml.i
deleted file mode 100644
index b3f20c3bf..000000000
--- a/interface-definitions/include/interface/interface-firewall.xml.i
+++ /dev/null
@@ -1,79 +0,0 @@
-<!-- include start from interface/interface-firewall.xml.i -->
-<node name="firewall" owner="${vyos_conf_scripts_dir}/firewall-interface.py $VAR(../@)">
- <properties>
- <priority>615</priority>
- <help>Firewall options</help>
- </properties>
- <children>
- <node name="in">
- <properties>
- <help>forwarded packets on inbound interface</help>
- </properties>
- <children>
- <leafNode name="name">
- <properties>
- <help>Inbound IPv4 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall name</path>
- </completionHelp>
- </properties>
- </leafNode>
- <leafNode name="ipv6-name">
- <properties>
- <help>Inbound IPv6 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall ipv6-name</path>
- </completionHelp>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="out">
- <properties>
- <help>forwarded packets on outbound interface</help>
- </properties>
- <children>
- <leafNode name="name">
- <properties>
- <help>Outbound IPv4 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall name</path>
- </completionHelp>
- </properties>
- </leafNode>
- <leafNode name="ipv6-name">
- <properties>
- <help>Outbound IPv6 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall ipv6-name</path>
- </completionHelp>
- </properties>
- </leafNode>
- </children>
- </node>
- <node name="local">
- <properties>
- <help>packets destined for this router</help>
- </properties>
- <children>
- <leafNode name="name">
- <properties>
- <help>Local IPv4 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall name</path>
- </completionHelp>
- </properties>
- </leafNode>
- <leafNode name="ipv6-name">
- <properties>
- <help>Local IPv6 firewall ruleset name for interface</help>
- <completionHelp>
- <path>firewall ipv6-name</path>
- </completionHelp>
- </properties>
- </leafNode>
- </children>
- </node>
- </children>
-</node>
-<!-- include end -->
diff --git a/interface-definitions/include/interface/vif-s.xml.i b/interface-definitions/include/interface/vif-s.xml.i
index c1af9f9e3..916349ade 100644
--- a/interface-definitions/include/interface/vif-s.xml.i
+++ b/interface-definitions/include/interface/vif-s.xml.i
@@ -18,7 +18,6 @@
#include <include/interface/dhcpv6-options.xml.i>
#include <include/interface/disable-link-detect.xml.i>
#include <include/interface/disable.xml.i>
- #include <include/interface/interface-firewall-vif.xml.i>
#include <include/interface/interface-policy-vif.xml.i>
<leafNode name="protocol">
<properties>
@@ -68,7 +67,6 @@
#include <include/interface/mtu-68-16000.xml.i>
#include <include/interface/redirect.xml.i>
#include <include/interface/vrf.xml.i>
- #include <include/interface/interface-firewall-vif-c.xml.i>
#include <include/interface/interface-policy-vif-c.xml.i>
</children>
</tagNode>
diff --git a/interface-definitions/include/interface/vif.xml.i b/interface-definitions/include/interface/vif.xml.i
index 57ef8d64c..73a8c98ff 100644
--- a/interface-definitions/include/interface/vif.xml.i
+++ b/interface-definitions/include/interface/vif.xml.i
@@ -18,7 +18,6 @@
#include <include/interface/dhcpv6-options.xml.i>
#include <include/interface/disable-link-detect.xml.i>
#include <include/interface/disable.xml.i>
- #include <include/interface/interface-firewall-vif.xml.i>
#include <include/interface/interface-policy-vif.xml.i>
<leafNode name="egress-qos">
<properties>
diff --git a/interface-definitions/include/version/firewall-version.xml.i b/interface-definitions/include/version/firewall-version.xml.i
index 059a89f24..065925319 100644
--- a/interface-definitions/include/version/firewall-version.xml.i
+++ b/interface-definitions/include/version/firewall-version.xml.i
@@ -1,3 +1,3 @@
<!-- include start from include/version/firewall-version.xml.i -->
-<syntaxVersion component='firewall' version='7'></syntaxVersion>
+<syntaxVersion component='firewall' version='8'></syntaxVersion>
<!-- include end -->