diff options
author | Nicolas Fort <nicolasfort1988@gmail.com> | 2022-09-05 19:23:52 +0000 |
---|---|---|
committer | Nicolas Fort <nicolasfort1988@gmail.com> | 2022-09-06 12:48:32 +0000 |
commit | 17c660a88d8f340d9acbcaf2a9bede937adb196f (patch) | |
tree | 0ed7ea513d510925888644c003c064c5d64456b9 /interface-definitions | |
parent | 31138f43f4a5714077adbbd22ff774b2d4ce37f8 (diff) | |
download | vyos-1x-17c660a88d8f340d9acbcaf2a9bede937adb196f.tar.gz vyos-1x-17c660a88d8f340d9acbcaf2a9bede937adb196f.zip |
T4670: policy route: extend matching criteria for policy route and route6. Matching criteria added: ttl/hoplimit and packet-length
Diffstat (limited to 'interface-definitions')
-rw-r--r-- | interface-definitions/firewall.xml.in | 22 | ||||
-rw-r--r-- | interface-definitions/include/firewall/hop-limit.xml.i | 12 | ||||
-rw-r--r-- | interface-definitions/include/firewall/ttl.xml.i | 12 | ||||
-rw-r--r-- | interface-definitions/policy-route.xml.in | 4 |
4 files changed, 30 insertions, 20 deletions
diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in index c2d652278..0ab9d6a66 100644 --- a/interface-definitions/firewall.xml.in +++ b/interface-definitions/firewall.xml.in @@ -384,16 +384,7 @@ </node> #include <include/firewall/common-rule.xml.i> #include <include/firewall/packet-length.xml.i> - <node name="hop-limit"> - <properties> - <help>Hop Limit</help> - </properties> - <children> - #include <include/firewall/eq.xml.i> - #include <include/firewall/gt.xml.i> - #include <include/firewall/lt.xml.i> - </children> - </node> + #include <include/firewall/hop-limit.xml.i> <node name="icmpv6"> <properties> <help>ICMPv6 type and code information</help> @@ -572,16 +563,7 @@ #include <include/firewall/icmp-type-name.xml.i> </children> </node> - <node name="ttl"> - <properties> - <help>Time to live limit</help> - </properties> - <children> - #include <include/firewall/eq.xml.i> - #include <include/firewall/gt.xml.i> - #include <include/firewall/lt.xml.i> - </children> - </node> + #include <include/firewall/ttl.xml.i> </children> </tagNode> </children> diff --git a/interface-definitions/include/firewall/hop-limit.xml.i b/interface-definitions/include/firewall/hop-limit.xml.i new file mode 100644 index 000000000..d375dc985 --- /dev/null +++ b/interface-definitions/include/firewall/hop-limit.xml.i @@ -0,0 +1,12 @@ +<!-- include start from firewall/hop-limit.xml.i --> +<node name="hop-limit"> + <properties> + <help>Hop limit</help> + </properties> + <children> + #include <include/firewall/eq.xml.i> + #include <include/firewall/gt.xml.i> + #include <include/firewall/lt.xml.i> + </children> +</node> +<!-- include end -->
\ No newline at end of file diff --git a/interface-definitions/include/firewall/ttl.xml.i b/interface-definitions/include/firewall/ttl.xml.i new file mode 100644 index 000000000..9c782a9a5 --- /dev/null +++ b/interface-definitions/include/firewall/ttl.xml.i @@ -0,0 +1,12 @@ +<!-- include start from firewall/ttl.xml.i --> +<node name="ttl"> + <properties> + <help>Time to live limit</help> + </properties> + <children> + #include <include/firewall/eq.xml.i> + #include <include/firewall/gt.xml.i> + #include <include/firewall/lt.xml.i> + </children> +</node> +<!-- include end -->
\ No newline at end of file diff --git a/interface-definitions/policy-route.xml.in b/interface-definitions/policy-route.xml.in index c2a9a8d94..ba1371fab 100644 --- a/interface-definitions/policy-route.xml.in +++ b/interface-definitions/policy-route.xml.in @@ -47,6 +47,8 @@ </children> </node> #include <include/policy/route-common-rule-ipv6.xml.i> + #include <include/firewall/packet-length.xml.i> + #include <include/firewall/hop-limit.xml.i> </children> </tagNode> </children> @@ -96,6 +98,8 @@ </children> </node> #include <include/policy/route-common-rule.xml.i> + #include <include/firewall/packet-length.xml.i> + #include <include/firewall/ttl.xml.i> </children> </tagNode> </children> |