summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorNicolas Fort <nicolasfort1988@gmail.com>2022-09-07 14:16:49 +0000
committerNicolas Fort <nicolasfort1988@gmail.com>2022-09-07 14:16:49 +0000
commit1eb71e8e80a30c559932690470791cdf10ac5c76 (patch)
tree8e7cae59241bf57575bff671546b591f03652ffd /interface-definitions
parentbdd7f6be4afae6dd8ccefede5de809f9bb73ee1d (diff)
downloadvyos-1x-1eb71e8e80a30c559932690470791cdf10ac5c76.tar.gz
vyos-1x-1eb71e8e80a30c559932690470791cdf10ac5c76.zip
T1024: Firewall and Policy route: add option to match dscp value, both on firewall and in policy route
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/firewall.xml.in2
-rw-r--r--interface-definitions/include/firewall/dscp.xml.i38
-rw-r--r--interface-definitions/policy-route.xml.in2
3 files changed, 42 insertions, 0 deletions
diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in
index 0ab9d6a66..d1497d572 100644
--- a/interface-definitions/firewall.xml.in
+++ b/interface-definitions/firewall.xml.in
@@ -383,6 +383,7 @@
</children>
</node>
#include <include/firewall/common-rule.xml.i>
+ #include <include/firewall/dscp.xml.i>
#include <include/firewall/packet-length.xml.i>
#include <include/firewall/hop-limit.xml.i>
<node name="icmpv6">
@@ -530,6 +531,7 @@
</children>
</node>
#include <include/firewall/common-rule.xml.i>
+ #include <include/firewall/dscp.xml.i>
#include <include/firewall/packet-length.xml.i>
<node name="icmp">
<properties>
diff --git a/interface-definitions/include/firewall/dscp.xml.i b/interface-definitions/include/firewall/dscp.xml.i
new file mode 100644
index 000000000..642212d7e
--- /dev/null
+++ b/interface-definitions/include/firewall/dscp.xml.i
@@ -0,0 +1,38 @@
+<!-- include start from firewall/dscp.xml.i -->
+<leafNode name="dscp">
+ <properties>
+ <help>DSCP value</help>
+ <valueHelp>
+ <format>u32:0-63</format>
+ <description>DSCP value to match</description>
+ </valueHelp>
+ <valueHelp>
+ <format>&lt;start-end&gt;</format>
+ <description>DSCP range to match</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-63"/>
+ <validator name="range" argument="--min=0 --max=63"/>
+ </constraint>
+ <multi/>
+ </properties>
+</leafNode>
+<leafNode name="dscp-exclude">
+ <properties>
+ <help>DSCP value not to match</help>
+ <valueHelp>
+ <format>u32:0-63</format>
+ <description>DSCP value not to match</description>
+ </valueHelp>
+ <valueHelp>
+ <format>&lt;start-end&gt;</format>
+ <description>DSCP range not to match</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-63"/>
+ <validator name="range" argument="--min=0 --max=63"/>
+ </constraint>
+ <multi/>
+ </properties>
+</leafNode>
+<!-- include end --> \ No newline at end of file
diff --git a/interface-definitions/policy-route.xml.in b/interface-definitions/policy-route.xml.in
index ba1371fab..f480f3bd5 100644
--- a/interface-definitions/policy-route.xml.in
+++ b/interface-definitions/policy-route.xml.in
@@ -47,6 +47,7 @@
</children>
</node>
#include <include/policy/route-common-rule-ipv6.xml.i>
+ #include <include/firewall/dscp.xml.i>
#include <include/firewall/packet-length.xml.i>
#include <include/firewall/hop-limit.xml.i>
</children>
@@ -98,6 +99,7 @@
</children>
</node>
#include <include/policy/route-common-rule.xml.i>
+ #include <include/firewall/dscp.xml.i>
#include <include/firewall/packet-length.xml.i>
#include <include/firewall/ttl.xml.i>
</children>