diff options
| author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-12-23 13:21:43 +0000 |
|---|---|---|
| committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2023-12-24 10:11:39 +0000 |
| commit | cd3cfd2ad5c3201b0a1f9acc283ba2631420e723 (patch) | |
| tree | f11ccdf29a76cb6944fb51f59a8cf5b3d42925e9 /interface-definitions | |
| parent | 04e24e89623620466b56b432c36f727768e5dcb7 (diff) | |
| download | vyos-1x-cd3cfd2ad5c3201b0a1f9acc283ba2631420e723.tar.gz vyos-1x-cd3cfd2ad5c3201b0a1f9acc283ba2631420e723.zip | |
T160: NAT64 add match firewall mark feature
Match mark allows to use firewall marks of packet to use
a specific pool
Example of instance config /run/jool/instance-100.json
```
...
"pool4": [
{
"protocol": "TCP",
"prefix": "192.0.2.10",
"port range": "1-65535",
"mark": 23
},
...
```
(cherry picked from commit 8e1e79cfa24c155c8d504822fbbd3c20f890fb70)
Diffstat (limited to 'interface-definitions')
| -rw-r--r-- | interface-definitions/nat64.xml.in | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/interface-definitions/nat64.xml.in b/interface-definitions/nat64.xml.in index baf13e6cb..dfdd295d2 100644 --- a/interface-definitions/nat64.xml.in +++ b/interface-definitions/nat64.xml.in @@ -26,6 +26,25 @@ <children> #include <include/generic-description.xml.i> #include <include/generic-disable-node.xml.i> + <node name="match"> + <properties> + <help>Match</help> + </properties> + <children> + <leafNode name="mark"> + <properties> + <help>Match fwmark value</help> + <valueHelp> + <format>u32:1-2147483647</format> + <description>Fwmark value to match against</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-2147483647"/> + </constraint> + </properties> + </leafNode> + </children> + </node> <node name="source"> <properties> <help>IPv6 source prefix options</help> |