summaryrefslogtreecommitdiff
path: root/interface-definitions/firewall.xml.in
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions/firewall.xml.in')
-rw-r--r--interface-definitions/firewall.xml.in31
1 files changed, 29 insertions, 2 deletions
diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in
index 12584276c..c964abb41 100644
--- a/interface-definitions/firewall.xml.in
+++ b/interface-definitions/firewall.xml.in
@@ -126,7 +126,7 @@
<description>Domain address to match</description>
</valueHelp>
<constraint>
- <regex>[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,99}?(\/.*)?</regex>
+ <validator name="fqdn"/>
</constraint>
<multi/>
</properties>
@@ -247,7 +247,7 @@
<properties>
<help>Mac-group member</help>
<valueHelp>
- <format>&lt;MAC address&gt;</format>
+ <format>macaddr</format>
<description>MAC address to match</description>
</valueHelp>
<constraint>
@@ -437,9 +437,11 @@
</properties>
<children>
#include <include/firewall/address-ipv6.xml.i>
+ #include <include/firewall/fqdn.xml.i>
#include <include/firewall/geoip.xml.i>
#include <include/firewall/source-destination-group-ipv6.xml.i>
#include <include/firewall/port.xml.i>
+ #include <include/firewall/address-mask-ipv6.xml.i>
</children>
</node>
<node name="source">
@@ -448,9 +450,11 @@
</properties>
<children>
#include <include/firewall/address-ipv6.xml.i>
+ #include <include/firewall/fqdn.xml.i>
#include <include/firewall/geoip.xml.i>
#include <include/firewall/source-destination-group-ipv6.xml.i>
#include <include/firewall/port.xml.i>
+ #include <include/firewall/address-mask-ipv6.xml.i>
</children>
</node>
#include <include/firewall/common-rule.xml.i>
@@ -601,9 +605,11 @@
</properties>
<children>
#include <include/firewall/address.xml.i>
+ #include <include/firewall/fqdn.xml.i>
#include <include/firewall/geoip.xml.i>
#include <include/firewall/source-destination-group.xml.i>
#include <include/firewall/port.xml.i>
+ #include <include/firewall/address-mask.xml.i>
</children>
</node>
<node name="source">
@@ -612,9 +618,11 @@
</properties>
<children>
#include <include/firewall/address.xml.i>
+ #include <include/firewall/fqdn.xml.i>
#include <include/firewall/geoip.xml.i>
#include <include/firewall/source-destination-group.xml.i>
#include <include/firewall/port.xml.i>
+ #include <include/firewall/address-mask.xml.i>
</children>
</node>
#include <include/firewall/common-rule.xml.i>
@@ -685,6 +693,25 @@
</properties>
<defaultValue>disable</defaultValue>
</leafNode>
+ <leafNode name="resolver-cache">
+ <properties>
+ <help>Retains last successful value if domain resolution fails</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ <leafNode name="resolver-interval">
+ <properties>
+ <help>Domain resolver update interval</help>
+ <valueHelp>
+ <format>u32:10-3600</format>
+ <description>Interval (seconds)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 10-3600"/>
+ </constraint>
+ </properties>
+ <defaultValue>300</defaultValue>
+ </leafNode>
<leafNode name="send-redirects">
<properties>
<help>Policy for sending IPv4 ICMP redirect messages</help>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-02 01:34:55 +0000