summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2020-05-16 17:21:21 +0200
committerChristian Poessinger <christian@poessinger.com>2020-05-16 18:25:58 +0200
commit2a0d1e77e650bd3e8cdff29ac62a3b23c41c85af (patch)
tree4977831bbf89f0ddd8edde1d08e05c68ed1be596 /interface-definitions
parent6f349ee3b4d3da731ca22a70db6650848a0c28d9 (diff)
downloadvyos-1x-2a0d1e77e650bd3e8cdff29ac62a3b23c41c85af.tar.gz
vyos-1x-2a0d1e77e650bd3e8cdff29ac62a3b23c41c85af.zip
nat: T2198: add common ip-protocol validator
It allows IP protocol numbers 0-255, protocol names e.g. tcp, ip, ipv6 and the negated form with a leading "!".
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/nat-rule.xml.i2
1 files changed, 1 insertions, 1 deletions
diff --git a/interface-definitions/include/nat-rule.xml.i b/interface-definitions/include/nat-rule.xml.i
index b52eb86c3..f62a08987 100644
--- a/interface-definitions/include/nat-rule.xml.i
+++ b/interface-definitions/include/nat-rule.xml.i
@@ -286,7 +286,7 @@
<description>IP protocol number</description>
</valueHelp>
<constraint>
- <regex>!?(all|ip|hopopt|icmp|igmp|ggp|ipencap|st|tcp|egp|igp|pup|udp|tcp_udp|hmp|xns-idp|rdp|iso-tp4|dccp|xtp|ddp|idpr-cmtp|ipv6|ipv6-route|ipv6-frag|idrp|rsvp|gre|esp|ah|skip|ipv6-icmp|ipv6-nonxt|ipv6-opts|rspf|vmtp|eigrp|ospf|ax.25|ipip|etherip|encap|99|pim|ipcomp|vrrp|l2tp|isis|sctp|fc|mobility-header|udplite|mpls-in-ip|manet|hip|shim6|wesp|rohc|[01]?[0-9][0-9]?)</regex>
+ <validator name="ip-protocol"/>
</constraint>
</properties>
</leafNode>