summaryrefslogtreecommitdiff
path: root/interface-definitions/include/firewall/global-options.xml.i
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions/include/firewall/global-options.xml.i')
-rw-r--r--interface-definitions/include/firewall/global-options.xml.i33
1 files changed, 33 insertions, 0 deletions
diff --git a/interface-definitions/include/firewall/global-options.xml.i b/interface-definitions/include/firewall/global-options.xml.i
index 9cd0b3239..355b41fde 100644
--- a/interface-definitions/include/firewall/global-options.xml.i
+++ b/interface-definitions/include/firewall/global-options.xml.i
@@ -44,6 +44,31 @@
</properties>
<defaultValue>disable</defaultValue>
</leafNode>
+ <node name="apply-to-bridged-traffic">
+ <properties>
+ <help>Apply configured firewall rules to traffic switched by bridges</help>
+ </properties>
+ <children>
+ <leafNode name="invalid-connections">
+ <properties>
+ <help>Accept ARP, DHCP and PPPoE despite they are marked as invalid connection</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ <leafNode name="ipv4">
+ <properties>
+ <help>Apply configured IPv4 firewall rules</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ <leafNode name="ipv6">
+ <properties>
+ <help>Apply configured IPv6 firewall rules</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
<leafNode name="directed-broadcast">
<properties>
<help>Policy for handling IPv4 directed broadcast forwarding on all interfaces</help>
@@ -244,6 +269,14 @@
</properties>
<defaultValue>enable</defaultValue>
</leafNode>
+ <node name="timeout">
+ <properties>
+ <help>Connection timeout options</help>
+ </properties>
+ <children>
+ #include <include/firewall/timeout-common-protocols.xml.i>
+ </children>
+ </node>
<leafNode name="twa-hazards-protection">
<properties>
<help>RFC1337 TCP TIME-WAIT assasination hazards protection</help>
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-12 14:21:25 +0000