summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorNicolas Fort <nicolasfort1988@gmail.com>2023-10-25 11:59:01 +0000
committerNicolas Fort <nicolasfort1988@gmail.com>2023-10-25 11:59:01 +0000
commit51abbc0f1b2ccf4785cf7f29f1fe6f4af6007ee6 (patch)
tree0a00a858b06b89abccf9d736d2a7d3ff6f35bc31 /interface-definitions
parent90bcb2f96f32f20c355ce4223d0afe89fb12271f (diff)
downloadvyos-1x-51abbc0f1b2ccf4785cf7f29f1fe6f4af6007ee6.tar.gz
vyos-1x-51abbc0f1b2ccf4785cf7f29f1fe6f4af6007ee6.zip
T5681: Firewall,Nat and Nat66: simplified and standarize interface matcher (valid for interfaces and groups) in firewal, nat and nat66.
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/firewall/inbound-interface-no-group.xml.i34
-rw-r--r--interface-definitions/include/firewall/match-interface.xml.i4
-rw-r--r--interface-definitions/include/firewall/outbound-interface-no-group.xml.i34
-rw-r--r--interface-definitions/nat66.xml.in19
4 files changed, 72 insertions, 19 deletions
diff --git a/interface-definitions/include/firewall/inbound-interface-no-group.xml.i b/interface-definitions/include/firewall/inbound-interface-no-group.xml.i
new file mode 100644
index 000000000..bcd4c9570
--- /dev/null
+++ b/interface-definitions/include/firewall/inbound-interface-no-group.xml.i
@@ -0,0 +1,34 @@
+<!-- include start from firewall/inbound-interface-no-group.xml.i -->
+<node name="inbound-interface">
+ <properties>
+ <help>Match inbound-interface</help>
+ </properties>
+ <children>
+ <leafNode name="name">
+ <properties>
+ <help>Match interface</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces</script>
+ <path>vrf name</path>
+ </completionHelp>
+ <valueHelp>
+ <format>txt</format>
+ <description>Interface name</description>
+ </valueHelp>
+ <valueHelp>
+ <format>txt*</format>
+ <description>Interface name with wildcard</description>
+ </valueHelp>
+ <valueHelp>
+ <format>!txt</format>
+ <description>Inverted interface name to match</description>
+ </valueHelp>
+ <constraint>
+ <regex>(\!?)(bond|br|dum|en|ersp|eth|gnv|ifb|lan|l2tp|l2tpeth|macsec|peth|ppp|pppoe|pptp|sstp|tun|veth|vti|vtun|vxlan|wg|wlan|wwan)([0-9]?)(\*?)(.+)?|(\!?)lo</regex>
+ <validator name="vrf-name"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+</node>
+<!-- include end --> \ No newline at end of file
diff --git a/interface-definitions/include/firewall/match-interface.xml.i b/interface-definitions/include/firewall/match-interface.xml.i
index 1cd9f8c4a..5da6f51fb 100644
--- a/interface-definitions/include/firewall/match-interface.xml.i
+++ b/interface-definitions/include/firewall/match-interface.xml.i
@@ -1,5 +1,5 @@
<!-- include start from firewall/match-interface.xml.i -->
-<leafNode name="interface-name">
+<leafNode name="name">
<properties>
<help>Match interface</help>
<completionHelp>
@@ -24,7 +24,7 @@
</constraint>
</properties>
</leafNode>
-<leafNode name="interface-group">
+<leafNode name="group">
<properties>
<help>Match interface-group</help>
<completionHelp>
diff --git a/interface-definitions/include/firewall/outbound-interface-no-group.xml.i b/interface-definitions/include/firewall/outbound-interface-no-group.xml.i
new file mode 100644
index 000000000..e3bace42d
--- /dev/null
+++ b/interface-definitions/include/firewall/outbound-interface-no-group.xml.i
@@ -0,0 +1,34 @@
+<!-- include start from firewall/outbound-interface-no-group.xml.i -->
+<node name="outbound-interface">
+ <properties>
+ <help>Match outbound-interface</help>
+ </properties>
+ <children>
+ <leafNode name="name">
+ <properties>
+ <help>Match interface</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces</script>
+ <path>vrf name</path>
+ </completionHelp>
+ <valueHelp>
+ <format>txt</format>
+ <description>Interface name</description>
+ </valueHelp>
+ <valueHelp>
+ <format>txt*</format>
+ <description>Interface name with wildcard</description>
+ </valueHelp>
+ <valueHelp>
+ <format>!txt</format>
+ <description>Inverted interface name to match</description>
+ </valueHelp>
+ <constraint>
+ <regex>(\!?)(bond|br|dum|en|ersp|eth|gnv|ifb|lan|l2tp|l2tpeth|macsec|peth|ppp|pppoe|pptp|sstp|tun|veth|vti|vtun|vxlan|wg|wlan|wwan)([0-9]?)(\*?)(.+)?|(\!?)lo</regex>
+ <validator name="vrf-name"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+</node>
+<!-- include end --> \ No newline at end of file
diff --git a/interface-definitions/nat66.xml.in b/interface-definitions/nat66.xml.in
index 7a8970bdf..a657535ba 100644
--- a/interface-definitions/nat66.xml.in
+++ b/interface-definitions/nat66.xml.in
@@ -38,14 +38,7 @@
<valueless/>
</properties>
</leafNode>
- <leafNode name="outbound-interface">
- <properties>
- <help>Outbound interface of NAT66 traffic</help>
- <completionHelp>
- <script>${vyos_completion_dir}/list_interfaces</script>
- </completionHelp>
- </properties>
- </leafNode>
+ #include <include/firewall/outbound-interface-no-group.xml.i>
#include <include/nat/protocol.xml.i>
<node name="destination">
<properties>
@@ -166,15 +159,7 @@
<valueless/>
</properties>
</leafNode>
- <leafNode name="inbound-interface">
- <properties>
- <help>Inbound interface of NAT66 traffic</help>
- <completionHelp>
- <list>any</list>
- <script>${vyos_completion_dir}/list_interfaces</script>
- </completionHelp>
- </properties>
- </leafNode>
+ #include <include/firewall/inbound-interface-no-group.xml.i>
#include <include/nat/protocol.xml.i>
<node name="destination">
<properties>