diff options
author | Christian Breunig <christian@breunig.cc> | 2023-08-11 22:14:10 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-08-11 22:14:10 +0200 |
commit | 482f7e352272b6ec16ba5d1ac7d9d7ea51d10f1d (patch) | |
tree | 3706181d305db9ef4727d7017c5fe7687ad3f8ad /op-mode-definitions/firewall.xml.in | |
parent | 142ace2a16fc9d2a0291db1ff27676a4691c1562 (diff) | |
parent | 4e07fa25f551325fd90b92426e4693107090d346 (diff) | |
download | vyos-1x-482f7e352272b6ec16ba5d1ac7d9d7ea51d10f1d.tar.gz vyos-1x-482f7e352272b6ec16ba5d1ac7d9d7ea51d10f1d.zip |
Merge pull request #2016 from nicolas-fort/T5160
T5160: Firewall refactor
Diffstat (limited to 'op-mode-definitions/firewall.xml.in')
-rw-r--r-- | op-mode-definitions/firewall.xml.in | 204 |
1 files changed, 182 insertions, 22 deletions
diff --git a/op-mode-definitions/firewall.xml.in b/op-mode-definitions/firewall.xml.in index b5dee7c9e..164ce6b60 100644 --- a/op-mode-definitions/firewall.xml.in +++ b/op-mode-definitions/firewall.xml.in @@ -131,46 +131,206 @@ </properties> <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show_group</command> </leafNode> - <tagNode name="ipv6-name"> + <node name="ipv6"> <properties> - <help>Show IPv6 firewall chains</help> - <completionHelp> - <path>firewall ipv6-name</path> - </completionHelp> + <help>Show IPv6 firewall</help> </properties> <children> - <tagNode name="rule"> + <node name="forward"> + <properties> + <help>Show IPv6 forward firewall ruleset</help> + </properties> + <children> + <node name="filter"> + <properties> + <help>Show IPv6 forward filter firewall ruleset</help> + </properties> + <children> + <tagNode name="rule"> + <properties> + <help>Show summary of IPv6 forward filter firewall rules</help> + <completionHelp> + <path>firewall ipv6 forward filter rule</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7 --ipv6</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --ipv6</command> + </node> + </children> + </node> + <node name="input"> + <properties> + <help>Show IPv6 input firewall ruleset</help> + </properties> + <children> + <node name="filter"> + <properties> + <help>Show IPv6 forward input firewall ruleset</help> + </properties> + <children> + <tagNode name="rule"> + <properties> + <help>Show summary of IPv6 input filter firewall rules</help> + <completionHelp> + <path>firewall ipv6 input filter rule</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7 --ipv6</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --ipv6</command> + </node> + </children> + </node> + <node name="output"> + <properties> + <help>Show IPv6 output firewall ruleset</help> + </properties> + <children> + <node name="filter"> + <properties> + <help>Show IPv6 output filter firewall ruleset</help> + </properties> + <children> + <tagNode name="rule"> + <properties> + <help>Show summary of IPv6 output filter firewall rules</help> + <completionHelp> + <path>firewall ipv6 output filter rule</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7 --ipv6</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --ipv6</command> + </node> + </children> + </node> + <tagNode name="ipv6-name"> <properties> - <help>Show summary of IPv6 firewall rules</help> + <help>Show IPv6 custom firewall chains</help> <completionHelp> - <path>firewall ipv6-name ${COMP_WORDS[6]} rule</path> + <path>firewall ipv6 ipv6-name</path> </completionHelp> </properties> - <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --name $4 --rule $6 --ipv6</command> + <children> + <tagNode name="rule"> + <properties> + <help>Show summary of IPv6 custom firewall ruleset</help> + <completionHelp> + <path>firewall ipv6 ipv6-name ${COMP_WORDS[6]} rule</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7 --ipv6</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --ipv6</command> </tagNode> </children> - <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --name $4 --ipv6</command> - </tagNode> - <tagNode name="name"> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show_family --family $3</command> + </node> + <node name="ipv4"> <properties> - <help>Show IPv4 firewall chains</help> - <completionHelp> - <path>firewall name</path> - </completionHelp> + <help>Show IPv4 firewall</help> </properties> <children> - <tagNode name="rule"> + <node name="forward"> + <properties> + <help>Show IPv4 forward firewall ruleset</help> + </properties> + <children> + <node name="filter"> + <properties> + <help>Show IPv4 forward filter firewall ruleset</help> + </properties> + <children> + <tagNode name="rule"> + <properties> + <help>Show summary of IPv4 forward filter firewall rules</help> + <completionHelp> + <path>firewall ipv4 forward filter rule</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5</command> + </node> + </children> + </node> + <node name="input"> + <properties> + <help>Show IPv4 input firewall ruleset</help> + </properties> + <children> + <node name="filter"> + <properties> + <help>Show IPv4 forward input firewall ruleset</help> + </properties> + <children> + <tagNode name="rule"> + <properties> + <help>Show summary of IPv4 input filter firewall rules</help> + <completionHelp> + <path>firewall ipv4 input filter rule</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5</command> + </node> + </children> + </node> + <node name="output"> + <properties> + <help>Show IPv4 output firewall ruleset</help> + </properties> + <children> + <node name="filter"> + <properties> + <help>Show IPv4 output filter firewall ruleset</help> + </properties> + <children> + <tagNode name="rule"> + <properties> + <help>Show summary of IPv4 output filter firewall rules</help> + <completionHelp> + <path>firewall ipv4 output filter rule</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5</command> + </node> + </children> + </node> + <tagNode name="name"> <properties> - <help>Show summary of IPv4 firewall rules</help> + <help>Show IPv4 custom firewall chains</help> <completionHelp> - <path>firewall name ${COMP_WORDS[6]} rule</path> + <path>firewall ipv4 name</path> </completionHelp> </properties> - <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --name $4 --rule $6</command> + <children> + <tagNode name="rule"> + <properties> + <help>Show summary of IPv4 custom firewall ruleset</help> + <completionHelp> + <path>firewall ipv4 name ${COMP_WORDS[6]} rule</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5</command> </tagNode> </children> - <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --name $4</command> - </tagNode> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show_family --family $3</command> + </node> <leafNode name="statistics"> <properties> <help>Show statistics of firewall application</help> |