diff options
author | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2022-06-01 11:53:18 +0200 |
---|---|---|
committer | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2022-06-11 15:08:45 +0200 |
commit | 8ba45cfcc1cc3fba57e1f82fa1299b7c253ba5ea (patch) | |
tree | 37068db2932e20ed4aec01329c9e60d16eb769ed /interface-definitions | |
parent | fe18efba34c5d95d3052c9e6fda69668bbfe63f3 (diff) | |
download | vyos-1x-8ba45cfcc1cc3fba57e1f82fa1299b7c253ba5ea.tar.gz vyos-1x-8ba45cfcc1cc3fba57e1f82fa1299b7c253ba5ea.zip |
firewall: T4299: Add support for GeoIP filtering
Diffstat (limited to 'interface-definitions')
-rw-r--r-- | interface-definitions/firewall.xml.in | 4 | ||||
-rw-r--r-- | interface-definitions/include/firewall/geoip.xml.i | 22 |
2 files changed, 26 insertions, 0 deletions
diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in index 719088d03..2e9452dfd 100644 --- a/interface-definitions/firewall.xml.in +++ b/interface-definitions/firewall.xml.in @@ -366,6 +366,7 @@ </properties> <children> #include <include/firewall/address-ipv6.xml.i> + #include <include/firewall/geoip.xml.i> #include <include/firewall/source-destination-group-ipv6.xml.i> #include <include/firewall/port.xml.i> </children> @@ -376,6 +377,7 @@ </properties> <children> #include <include/firewall/address-ipv6.xml.i> + #include <include/firewall/geoip.xml.i> #include <include/firewall/source-destination-group-ipv6.xml.i> #include <include/firewall/port.xml.i> </children> @@ -552,6 +554,7 @@ </properties> <children> #include <include/firewall/address.xml.i> + #include <include/firewall/geoip.xml.i> #include <include/firewall/source-destination-group.xml.i> #include <include/firewall/port.xml.i> </children> @@ -562,6 +565,7 @@ </properties> <children> #include <include/firewall/address.xml.i> + #include <include/firewall/geoip.xml.i> #include <include/firewall/source-destination-group.xml.i> #include <include/firewall/port.xml.i> </children> diff --git a/interface-definitions/include/firewall/geoip.xml.i b/interface-definitions/include/firewall/geoip.xml.i new file mode 100644 index 000000000..f6208f718 --- /dev/null +++ b/interface-definitions/include/firewall/geoip.xml.i @@ -0,0 +1,22 @@ +<!-- include start from firewall/geoip.xml.i --> +<node name="geoip"> + <properties> + <help>GeoIP options - Data provided by DB-IP.com</help> + </properties> + <children> + <leafNode name="country-code"> + <properties> + <help>GeoIP country code</help> + <valueHelp> + <format><country></format> + <description>Country code (2 characters)</description> + </valueHelp> + <constraint> + <regex>^(ad|ae|af|ag|ai|al|am|ao|aq|ar|as|at|au|aw|ax|az|ba|bb|bd|be|bf|bg|bh|bi|bj|bl|bm|bn|bo|bq|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|cr|cu|cv|cw|cx|cy|cz|de|dj|dk|dm|do|dz|ec|ee|eg|eh|er|es|et|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gg|gh|gi|gl|gm|gn|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|im|in|io|iq|ir|is|it|je|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|me|mf|mg|mh|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|mv|mw|mx|my|mz|na|nc|ne|nf|ng|ni|nl|no|np|nr|nu|nz|om|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|ps|pt|pw|py|qa|re|ro|rs|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|ss|st|sv|sx|sy|sz|tc|td|tf|tg|th|tj|tk|tl|tm|tn|to|tr|tt|tv|tw|tz|ua|ug|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|za|zm|zw)$</regex> + </constraint> + <multi /> + </properties> + </leafNode> + </children> +</node> +<!-- include end --> |