diff options
author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-12-23 13:21:43 +0000 |
---|---|---|
committer | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-12-24 09:26:37 +0000 |
commit | 8e1e79cfa24c155c8d504822fbbd3c20f890fb70 (patch) | |
tree | 5621b54f317486306339dee76b0a2ceff555ddb4 /interface-definitions | |
parent | 4393a2fb056574f5079270554d30751d11bf5a9a (diff) | |
download | vyos-1x-8e1e79cfa24c155c8d504822fbbd3c20f890fb70.tar.gz vyos-1x-8e1e79cfa24c155c8d504822fbbd3c20f890fb70.zip |
T160: NAT64 add match firewall mark feature
Match mark allows to use firewall marks of packet to use
a specific pool
Example of instance config /run/jool/instance-100.json
```
...
"pool4": [
{
"protocol": "TCP",
"prefix": "192.0.2.10",
"port range": "1-65535",
"mark": 23
},
...
```
Diffstat (limited to 'interface-definitions')
-rw-r--r-- | interface-definitions/nat64.xml.in | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/interface-definitions/nat64.xml.in b/interface-definitions/nat64.xml.in index baf13e6cb..dfdd295d2 100644 --- a/interface-definitions/nat64.xml.in +++ b/interface-definitions/nat64.xml.in @@ -26,6 +26,25 @@ <children> #include <include/generic-description.xml.i> #include <include/generic-disable-node.xml.i> + <node name="match"> + <properties> + <help>Match</help> + </properties> + <children> + <leafNode name="mark"> + <properties> + <help>Match fwmark value</help> + <valueHelp> + <format>u32:1-2147483647</format> + <description>Fwmark value to match against</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-2147483647"/> + </constraint> + </properties> + </leafNode> + </children> + </node> <node name="source"> <properties> <help>IPv6 source prefix options</help> |