diff options
| author | hagbard <vyosdev@derith.de> | 2018-12-11 14:06:43 -0800 |
|---|---|---|
| committer | hagbard <vyosdev@derith.de> | 2018-12-11 14:06:43 -0800 |
| commit | 51f61991092a163f680e4ec8f122e73f4074ddf9 (patch) | |
| tree | 9daeccc59aa4b86337917f8c0b485f1d291aff2f /interface-definitions | |
| parent | f968d0846abc416c0eac51aeff55551f9df2dea0 (diff) | |
| download | vyos-1x-51f61991092a163f680e4ec8f122e73f4074ddf9.tar.gz vyos-1x-51f61991092a163f680e4ec8f122e73f4074ddf9.zip | |
T1087: Firewall on Wireguard Interface implementation
Diffstat (limited to 'interface-definitions')
| -rw-r--r-- | interface-definitions/wireguard.xml | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/interface-definitions/wireguard.xml b/interface-definitions/wireguard.xml index 8bfffac9d..b7a76eedb 100644 --- a/interface-definitions/wireguard.xml +++ b/interface-definitions/wireguard.xml @@ -73,6 +73,82 @@ </constraint> </properties> </leafNode> + <node name="firewall" owner="${vyatta_sbindir}/vyatta-firewall-trap.pl --level='interfaces wireguard $VAR(../@) firewall'"> + <properties> + <help>Firewall options</help> + </properties> + <children> + <node name="in"> + <properties> + <help>Ruleset for forwarded packets on inbound interface</help> + </properties> + <children> + <leafNode name="name"> + <properties> + <help>Inbound IPv4 firewall ruleset name for interface</help> + <completionHelp> + <path>firewall name</path> + </completionHelp> + </properties> + </leafNode> + <leafNode name="ipv6-name"> + <properties> + <help>Inbound IPv6 firewall ruleset name for interface</help> + <completionHelp> + <path>firewall ipv6-name</path> + </completionHelp> + </properties> + </leafNode> + </children> + </node> + <node name="local"> + <properties> + <help>Ruleset for packets destined for this router</help> + </properties> + <children> + <leafNode name="name"> + <properties> + <help>Local IPv4 firewall ruleset name for interface</help> + <completionHelp> + <path>firewall name</path> + </completionHelp> + </properties> + </leafNode> + <leafNode name="ipv6-name"> + <properties> + <help>Local IPv4 firewall ruleset name for interface</help> + <completionHelp> + <path>firewall ipv6-name</path> + </completionHelp> + </properties> + </leafNode> + </children> + </node> + <node name="out"> + <properties> + <help>Ruleset for forwarded packets on outbound interface</help> + </properties> + <children> + <leafNode name="name"> + <properties> + <help>Outbound IPv4 firewall ruleset name for interface</help> + <completionHelp> + <path>firewall name</path> + </completionHelp> + </properties> + </leafNode> + <leafNode name="ipv6-name"> + <properties> + <help>Outbound IPv6 firewall ruleset name for interface</help> + <completionHelp> + <path>firewall ipv6-name</path> + </completionHelp> + </properties> + </leafNode> + </children> + </node> + </children> + </node> <tagNode name="peer"> <properties> <help>peer alias</help> |