diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-12-31 19:34:26 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-12-31 19:34:26 +0100 |
commit | 0091f6080181cc3836d70589d9a2f4a1c1cb11a8 (patch) | |
tree | 7ca1dbc816a2901b11d55c84c967592ed254aa0f /op-mode-definitions | |
parent | c5f118b3af482813a45c327ece29b5b41fd1ad9c (diff) | |
parent | 28b285b4791aece18fe1bbd76f3d555370545006 (diff) | |
download | vyos-1x-0091f6080181cc3836d70589d9a2f4a1c1cb11a8.tar.gz vyos-1x-0091f6080181cc3836d70589d9a2f4a1c1cb11a8.zip |
Merge branch 'firewall' of https://github.com/sarthurdev/vyos-1x into current
* 'firewall' of https://github.com/sarthurdev/vyos-1x:
zone_policy: T3873: Implement intra-zone-filtering
policy: T2199: Migrate policy route op-mode to XML/Python
policy: T2199: Migrate policy route to XML/Python
zone-policy: T2199: Migrate zone-policy op-mode to XML/Python
zone-policy: T2199: Migrate zone-policy to XML/Python
firewall: T2199: Migrate firewall op-mode to XML/Python
firewall: T2199: Migrate firewall to XML/Python
Diffstat (limited to 'op-mode-definitions')
-rw-r--r-- | op-mode-definitions/firewall.xml.in | 178 | ||||
-rw-r--r-- | op-mode-definitions/policy-route.xml.in | 143 | ||||
-rw-r--r-- | op-mode-definitions/zone-policy.xml.in | 24 |
3 files changed, 345 insertions, 0 deletions
diff --git a/op-mode-definitions/firewall.xml.in b/op-mode-definitions/firewall.xml.in new file mode 100644 index 000000000..84df67b3d --- /dev/null +++ b/op-mode-definitions/firewall.xml.in @@ -0,0 +1,178 @@ +<?xml version="1.0"?> +<interfaceDefinition> +<!-- + <node name="clear"> + <children> + <node name="firewall"> + <properties> + <help>Clear firewall statistics</help> + </properties> + <children> + <tagNode name="ipv6-name"> + <properties> + <help>Clear firewall statistics for chain</help> + <completionHelp> + <path>firewall ipv6-name</path> + </completionHelp> + </properties> + <children> + <leafNode name="counters"> + <properties> + <help>Clear counters for specified chain</help> + </properties> + <command>echo "TODO"</command> + </leafNode> + <tagNode name="rule"> + <properties> + <help>Clear firewall statistics for a rule</help> + <completionHelp> + <path>firewall ipv6-name ${COMP_WORDS[4]} rule</path> + </completionHelp> + </properties> + <children> + <leafNode name="counters"> + <properties> + <help>Clear counters for specified rule</help> + </properties> + <command>echo "TODO"</command> + </leafNode> + </children> + </tagNode> + </children> + </tagNode> + <tagNode name="name"> + <properties> + <help>Clear firewall statistics for chain</help> + <completionHelp> + <path>firewall name</path> + </completionHelp> + </properties> + <children> + <leafNode name="counters"> + <properties> + <help>Clear counters for specified chain</help> + </properties> + <command>echo "TODO"</command> + </leafNode> + <tagNode name="rule"> + <properties> + <help>Clear firewall statistics for a rule</help> + <completionHelp> + <path>firewall name ${COMP_WORDS[4]} rule</path> + </completionHelp> + </properties> + <children> + <leafNode name="counters"> + <properties> + <help>Clear counters for specified rule</help> + </properties> + <command>echo "TODO"</command> + </leafNode> + </children> + </tagNode> + </children> + </tagNode> + </children> + </node> + </children> + </node> +--> +<!-- + <node name="reset"> + <children> + <node name="firewall"> + <properties> + <help>Reset a firewall group</help> + </properties> + <children> + <tagNode name="address-group"> + <properties> + <help>Reset a firewall address group</help> + </properties> + </tagNode> + <tagNode name="network-group"> + <properties> + <help>Reset a firewall network group</help> + </properties> + </tagNode> + <tagNode name="port-group"> + <properties> + <help>Reset a firewall port group</help> + </properties> + </tagNode> + </children> + </node> + </children> + </node> +--> + <node name="show"> + <children> + <node name="firewall"> + <properties> + <help>Show firewall information</help> + </properties> + <children> + <leafNode name="group"> + <properties> + <help>Show firewall group</help> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show_group --name $4</command> + </leafNode> + <tagNode name="ipv6-name"> + <properties> + <help>Show IPv6 firewall chains</help> + <completionHelp> + <path>firewall ipv6-name</path> + </completionHelp> + </properties> + <children> + <tagNode name="rule"> + <properties> + <help>Show summary of IPv6 firewall rules</help> + <completionHelp> + <path>firewall ipv6-name ${COMP_WORDS[6]} rule</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --name $4 --rule $6 --ipv6</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --name $4 --ipv6</command> + </tagNode> + <tagNode name="name"> + <properties> + <help>Show IPv4 firewall chains</help> + <completionHelp> + <path>firewall name</path> + </completionHelp> + </properties> + <children> + <tagNode name="rule"> + <properties> + <help>Show summary of IPv4 firewall rules</help> + <completionHelp> + <path>firewall name ${COMP_WORDS[6]} rule</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --name $4 --rule $6</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show --name $4</command> + </tagNode> + <leafNode name="statistics"> + <properties> + <help>Show statistics of firewall application</help> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show_statistics</command> + </leafNode> + <leafNode name="summary"> + <properties> + <help>Show summary of firewall application</help> + </properties> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show_summary</command> + </leafNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/firewall.py --action show_all</command> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/policy-route.xml.in b/op-mode-definitions/policy-route.xml.in new file mode 100644 index 000000000..c998e5487 --- /dev/null +++ b/op-mode-definitions/policy-route.xml.in @@ -0,0 +1,143 @@ +<?xml version="1.0"?> +<interfaceDefinition> +<!-- + <node name="clear"> + <children> + <node name="policy"> + <properties> + <help>Clear policy statistics</help> + </properties> + <children> + <tagNode name="ipv6-route"> + <properties> + <help>Clear policy statistics for chain</help> + <completionHelp> + <path>policy ipv6-route</path> + </completionHelp> + </properties> + <children> + <leafNode name="counters"> + <properties> + <help>Clear counters for specified chain</help> + </properties> + <command>echo "TODO"</command> + </leafNode> + <tagNode name="rule"> + <properties> + <help>Clear policy statistics for a rule</help> + <completionHelp> + <path>policy ipv6-route ${COMP_WORDS[4]} rule</path> + </completionHelp> + </properties> + <children> + <leafNode name="counters"> + <properties> + <help>Clear counters for specified rule</help> + </properties> + <command>echo "TODO"</command> + </leafNode> + </children> + </tagNode> + </children> + </tagNode> + <tagNode name="route"> + <properties> + <help>Clear policy statistics for chain</help> + <completionHelp> + <path>policy route</path> + </completionHelp> + </properties> + <children> + <leafNode name="counters"> + <properties> + <help>Clear counters for specified chain</help> + </properties> + <command>echo "TODO"</command> + </leafNode> + <tagNode name="rule"> + <properties> + <help>Clear policy statistics for a rule</help> + <completionHelp> + <path>policy route ${COMP_WORDS[4]} rule</path> + </completionHelp> + </properties> + <children> + <leafNode name="counters"> + <properties> + <help>Clear counters for specified rule</help> + </properties> + <command>echo "TODO"</command> + </leafNode> + </children> + </tagNode> + </children> + </tagNode> + </children> + </node> + </children> + </node> +--> + <node name="show"> + <children> + <node name="policy"> + <properties> + <help>Show policy information</help> + </properties> + <children> + <node name="ipv6-route"> + <properties> + <help>Show IPv6 policy chain</help> + </properties> + <command>sudo ${vyos_op_scripts_dir}/policy_route.py --action show_all --ipv6</command> + </node> + <tagNode name="ipv6-route"> + <properties> + <help>Show IPv6 policy chains</help> + <completionHelp> + <path>policy ipv6-route</path> + </completionHelp> + </properties> + <children> + <tagNode name="rule"> + <properties> + <help>Show summary of IPv6 policy rules</help> + <completionHelp> + <path>policy ipv6-route ${COMP_WORDS[4]} rule</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/policy_route.py --action show --name $4 --rule $6 --ipv6</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/policy_route.py --action show --name $4 --ipv6</command> + </tagNode> + <node name="route"> + <properties> + <help>Show IPv4 policy chain</help> + </properties> + <command>sudo ${vyos_op_scripts_dir}/policy_route.py --action show_all</command> + </node> + <tagNode name="route"> + <properties> + <help>Show IPv4 policy chains</help> + <completionHelp> + <path>policy route</path> + </completionHelp> + </properties> + <children> + <tagNode name="rule"> + <properties> + <help>Show summary of IPv4 policy rules</help> + <completionHelp> + <path>policy route ${COMP_WORDS[4]} rule</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/policy_route.py --action show --name $4 --rule $6</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/policy_route.py --action show --name $4</command> + </tagNode> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/zone-policy.xml.in b/op-mode-definitions/zone-policy.xml.in new file mode 100644 index 000000000..c4b02bcee --- /dev/null +++ b/op-mode-definitions/zone-policy.xml.in @@ -0,0 +1,24 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="show"> + <children> + <node name="zone-policy"> + <properties> + <help>Show zone policy information</help> + </properties> + <children> + <tagNode name="zone"> + <properties> + <help>Show summary of zone policy for a specific zone</help> + <completionHelp> + <path>zone-policy zone</path> + </completionHelp> + </properties> + <command>sudo ${vyos_op_scripts_dir}/zone_policy.py --action show --name $4</command> + </tagNode> + </children> + <command>sudo ${vyos_op_scripts_dir}/zone_policy.py --action show</command> + </node> + </children> + </node> +</interfaceDefinition> |