summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorJohn Estabrook <jestabro@vyos.io>2023-03-29 19:48:52 -0500
committerJohn Estabrook <jestabro@vyos.io>2023-03-31 12:14:56 -0500
commit11b1d043310833447ddeea3b68fba2a1d1f5799d (patch)
tree2789494d62355cdd0648a0084b7a97aa70d8bea1 /interface-definitions
parent11ace86f58261908f1ab15366b73aeddb14745c9 (diff)
downloadvyos-1x-11b1d043310833447ddeea3b68fba2a1d1f5799d.tar.gz
vyos-1x-11b1d043310833447ddeea3b68fba2a1d1f5799d.zip
http-api: T5126: allow restricting client IP address
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/https.xml.in1
-rw-r--r--interface-definitions/include/allow-client.xml.i33
2 files changed, 34 insertions, 0 deletions
diff --git a/interface-definitions/https.xml.in b/interface-definitions/https.xml.in
index 6adb07598..cf30ab2be 100644
--- a/interface-definitions/https.xml.in
+++ b/interface-definitions/https.xml.in
@@ -60,6 +60,7 @@
<multi/>
</properties>
</leafNode>
+ #include <include/allow-client.xml.i>
</children>
</tagNode>
<node name="api" owner="${vyos_conf_scripts_dir}/http-api.py">
diff --git a/interface-definitions/include/allow-client.xml.i b/interface-definitions/include/allow-client.xml.i
new file mode 100644
index 000000000..03a0b3ff8
--- /dev/null
+++ b/interface-definitions/include/allow-client.xml.i
@@ -0,0 +1,33 @@
+ <node name="allow-client">
+ <properties>
+ <help>Restrict to allowed IP client addresses</help>
+ </properties>
+ <children>
+ <leafNode name="address">
+ <properties>
+ <help>Allowed IP client addresses</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>IPv4 address</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>IPv6 address</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>IPv4 address and prefix length</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>IPv6 address and prefix length</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ip-address"/>
+ <validator name="ip-cidr"/>
+ </constraint>
+ <multi/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>