summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorNicolas Fort <nicolasfort1988@gmail.com>2022-12-19 15:33:59 +0000
committerNicolas Fort <nicolasfort1988@gmail.com>2022-12-19 15:33:59 +0000
commitd9c9092dcdc430b26a326345934c4513534bff9b (patch)
tree0ca393b67a022cba84ec3aee90a3df24e93958b2 /interface-definitions
parentd9ab07c3d7d988706cbdfc4fac16f7e2ca264f72 (diff)
downloadvyos-1x-d9c9092dcdc430b26a326345934c4513534bff9b.tar.gz
vyos-1x-d9c9092dcdc430b26a326345934c4513534bff9b.zip
T4886: Firewall and route policy: Add connection-mark feature to vyos.
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/firewall.xml.in2
-rw-r--r--interface-definitions/include/firewall/connection-mark.xml.i15
-rw-r--r--interface-definitions/include/policy/route-common.xml.i12
-rw-r--r--interface-definitions/policy-route.xml.in2
4 files changed, 31 insertions, 0 deletions
diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in
index c964abb41..7d7e0a38f 100644
--- a/interface-definitions/firewall.xml.in
+++ b/interface-definitions/firewall.xml.in
@@ -461,6 +461,7 @@
#include <include/firewall/dscp.xml.i>
#include <include/firewall/packet-length.xml.i>
#include <include/firewall/hop-limit.xml.i>
+ #include <include/firewall/connection-mark.xml.i>
<node name="icmpv6">
<properties>
<help>ICMPv6 type and code information</help>
@@ -628,6 +629,7 @@
#include <include/firewall/common-rule.xml.i>
#include <include/firewall/dscp.xml.i>
#include <include/firewall/packet-length.xml.i>
+ #include <include/firewall/connection-mark.xml.i>
<node name="icmp">
<properties>
<help>ICMP type and code information</help>
diff --git a/interface-definitions/include/firewall/connection-mark.xml.i b/interface-definitions/include/firewall/connection-mark.xml.i
new file mode 100644
index 000000000..2cb826635
--- /dev/null
+++ b/interface-definitions/include/firewall/connection-mark.xml.i
@@ -0,0 +1,15 @@
+<!-- include start from firewall/connection-mark.xml.i -->
+<leafNode name="connection-mark">
+ <properties>
+ <help>Connection mark</help>
+ <valueHelp>
+ <format>u32:1-2147483647</format>
+ <description>Connection-mark to match</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-2147483647"/>
+ </constraint>
+ <multi/>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/policy/route-common.xml.i b/interface-definitions/include/policy/route-common.xml.i
index 8b959c2a4..6973d7a8f 100644
--- a/interface-definitions/include/policy/route-common.xml.i
+++ b/interface-definitions/include/policy/route-common.xml.i
@@ -159,6 +159,18 @@
<help>Packet modifications</help>
</properties>
<children>
+ <leafNode name="connection-mark">
+ <properties>
+ <help>Connection marking</help>
+ <valueHelp>
+ <format>u32:1-2147483647</format>
+ <description>Connection marking</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-2147483647"/>
+ </constraint>
+ </properties>
+ </leafNode>
<leafNode name="dscp">
<properties>
<help>Packet Differentiated Services Codepoint (DSCP)</help>
diff --git a/interface-definitions/policy-route.xml.in b/interface-definitions/policy-route.xml.in
index 48a5bf7d1..d7b159839 100644
--- a/interface-definitions/policy-route.xml.in
+++ b/interface-definitions/policy-route.xml.in
@@ -52,6 +52,7 @@
#include <include/firewall/dscp.xml.i>
#include <include/firewall/packet-length.xml.i>
#include <include/firewall/hop-limit.xml.i>
+ #include <include/firewall/connection-mark.xml.i>
</children>
</tagNode>
</children>
@@ -106,6 +107,7 @@
#include <include/firewall/dscp.xml.i>
#include <include/firewall/packet-length.xml.i>
#include <include/firewall/ttl.xml.i>
+ #include <include/firewall/connection-mark.xml.i>
</children>
</tagNode>
</children>