summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2023-09-18 21:44:29 +0300
committerGitHub <noreply@github.com>2023-09-18 21:44:29 +0300
commitcf4759be20c475bd34edab9604f7371ff5857723 (patch)
tree36fc16b2ca818110bbbe4c144be5380b7bb0fa90 /interface-definitions
parent404fc9090629a61bc2110af7a2ec80ff30ec3608 (diff)
parentfb3ef9af5e394aa25692003fb3c185bfedefe3cb (diff)
downloadvyos-1x-cf4759be20c475bd34edab9604f7371ff5857723.tar.gz
vyos-1x-cf4759be20c475bd34edab9604f7371ff5857723.zip
Merge pull request #2276 from sarthurdev/conntrack
conntrack: T5571: Refactor conntrack using vyos.configdep
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/firewall/common-rule-inet.xml.i1
-rw-r--r--interface-definitions/include/firewall/common-rule-ipv4-raw.xml.i1
-rw-r--r--interface-definitions/include/firewall/common-rule.xml.i1
-rw-r--r--interface-definitions/include/firewall/tcp-flags.xml.i18
-rw-r--r--interface-definitions/include/firewall/tcp-mss.xml.i25
-rw-r--r--interface-definitions/include/policy/route-common.xml.i1
-rw-r--r--interface-definitions/system-conntrack.xml.in2
7 files changed, 32 insertions, 17 deletions
diff --git a/interface-definitions/include/firewall/common-rule-inet.xml.i b/interface-definitions/include/firewall/common-rule-inet.xml.i
index 7a2eb86d4..e51dd0056 100644
--- a/interface-definitions/include/firewall/common-rule-inet.xml.i
+++ b/interface-definitions/include/firewall/common-rule-inet.xml.i
@@ -303,6 +303,7 @@
</children>
</node>
#include <include/firewall/tcp-flags.xml.i>
+#include <include/firewall/tcp-mss.xml.i>
<node name="time">
<properties>
<help>Time to match rule</help>
diff --git a/interface-definitions/include/firewall/common-rule-ipv4-raw.xml.i b/interface-definitions/include/firewall/common-rule-ipv4-raw.xml.i
index a1071a09a..e040c9b13 100644
--- a/interface-definitions/include/firewall/common-rule-ipv4-raw.xml.i
+++ b/interface-definitions/include/firewall/common-rule-ipv4-raw.xml.i
@@ -260,6 +260,7 @@
</children>
</node>
#include <include/firewall/tcp-flags.xml.i>
+#include <include/firewall/tcp-mss.xml.i>
<node name="time">
<properties>
<help>Time to match rule</help>
diff --git a/interface-definitions/include/firewall/common-rule.xml.i b/interface-definitions/include/firewall/common-rule.xml.i
index 7417a3c58..c62bf2c5f 100644
--- a/interface-definitions/include/firewall/common-rule.xml.i
+++ b/interface-definitions/include/firewall/common-rule.xml.i
@@ -315,6 +315,7 @@
</children>
</node>
#include <include/firewall/tcp-flags.xml.i>
+#include <include/firewall/tcp-mss.xml.i>
<node name="time">
<properties>
<help>Time to match rule</help>
diff --git a/interface-definitions/include/firewall/tcp-flags.xml.i b/interface-definitions/include/firewall/tcp-flags.xml.i
index e2ce7b9fd..36546c2e4 100644
--- a/interface-definitions/include/firewall/tcp-flags.xml.i
+++ b/interface-definitions/include/firewall/tcp-flags.xml.i
@@ -1,7 +1,7 @@
<!-- include start from firewall/tcp-flags.xml.i -->
<node name="tcp">
<properties>
- <help>TCP flags to match</help>
+ <help>TCP options to match</help>
</properties>
<children>
<node name="flags">
@@ -114,22 +114,6 @@
</node>
</children>
</node>
- <leafNode name="mss">
- <properties>
- <help>Maximum segment size (MSS)</help>
- <valueHelp>
- <format>u32:1-16384</format>
- <description>Maximum segment size</description>
- </valueHelp>
- <valueHelp>
- <format>&lt;min&gt;-&lt;max&gt;</format>
- <description>TCP MSS range (use '-' as delimiter)</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--allow-range --range 1-16384"/>
- </constraint>
- </properties>
- </leafNode>
</children>
</node>
<!-- include end -->
diff --git a/interface-definitions/include/firewall/tcp-mss.xml.i b/interface-definitions/include/firewall/tcp-mss.xml.i
new file mode 100644
index 000000000..dc49b4272
--- /dev/null
+++ b/interface-definitions/include/firewall/tcp-mss.xml.i
@@ -0,0 +1,25 @@
+<!-- include start from firewall/tcp-mss.xml.i -->
+<node name="tcp">
+ <properties>
+ <help>TCP options to match</help>
+ </properties>
+ <children>
+ <leafNode name="mss">
+ <properties>
+ <help>Maximum segment size (MSS)</help>
+ <valueHelp>
+ <format>u32:1-16384</format>
+ <description>Maximum segment size</description>
+ </valueHelp>
+ <valueHelp>
+ <format>&lt;min&gt;-&lt;max&gt;</format>
+ <description>TCP MSS range (use '-' as delimiter)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--allow-range --range 1-16384"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+</node>
+<!-- include end -->
diff --git a/interface-definitions/include/policy/route-common.xml.i b/interface-definitions/include/policy/route-common.xml.i
index 216ec9bea..6551d23ab 100644
--- a/interface-definitions/include/policy/route-common.xml.i
+++ b/interface-definitions/include/policy/route-common.xml.i
@@ -314,6 +314,7 @@
</children>
</node>
#include <include/firewall/tcp-flags.xml.i>
+#include <include/firewall/tcp-mss.xml.i>
<node name="time">
<properties>
<help>Time to match rule</help>
diff --git a/interface-definitions/system-conntrack.xml.in b/interface-definitions/system-conntrack.xml.in
index 78d19090c..4452f1a74 100644
--- a/interface-definitions/system-conntrack.xml.in
+++ b/interface-definitions/system-conntrack.xml.in
@@ -127,6 +127,7 @@
#include <include/nat-port.xml.i>
</children>
</node>
+ #include <include/firewall/tcp-flags.xml.i>
</children>
</tagNode>
</children>
@@ -212,6 +213,7 @@
#include <include/nat-port.xml.i>
</children>
</node>
+ #include <include/firewall/tcp-flags.xml.i>
</children>
</tagNode>
</children>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-16 06:43:02 +0000