summaryrefslogtreecommitdiff
path: root/interface-definitions/include/firewall
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions/include/firewall')
-rw-r--r--interface-definitions/include/firewall/action-accept-drop-reject.xml.i2
-rw-r--r--interface-definitions/include/firewall/action.xml.i2
-rw-r--r--interface-definitions/include/firewall/common-rule.xml.i48
-rw-r--r--interface-definitions/include/firewall/icmp-type-name.xml.i2
-rw-r--r--interface-definitions/include/firewall/icmpv6-type-name.xml.i2
-rw-r--r--interface-definitions/include/firewall/name-default-action.xml.i2
6 files changed, 42 insertions, 16 deletions
diff --git a/interface-definitions/include/firewall/action-accept-drop-reject.xml.i b/interface-definitions/include/firewall/action-accept-drop-reject.xml.i
index 9f8baa884..7fd52319a 100644
--- a/interface-definitions/include/firewall/action-accept-drop-reject.xml.i
+++ b/interface-definitions/include/firewall/action-accept-drop-reject.xml.i
@@ -18,7 +18,7 @@
<description>Action to reject</description>
</valueHelp>
<constraint>
- <regex>^(accept|drop|reject)$</regex>
+ <regex>(accept|drop|reject)</regex>
</constraint>
</properties>
</leafNode>
diff --git a/interface-definitions/include/firewall/action.xml.i b/interface-definitions/include/firewall/action.xml.i
index 4ba93e3aa..0f60e3c38 100644
--- a/interface-definitions/include/firewall/action.xml.i
+++ b/interface-definitions/include/firewall/action.xml.i
@@ -18,7 +18,7 @@
<description>Drop matching entries</description>
</valueHelp>
<constraint>
- <regex>^(accept|reject|drop)$</regex>
+ <regex>(accept|reject|drop)</regex>
</constraint>
</properties>
</leafNode>
diff --git a/interface-definitions/include/firewall/common-rule.xml.i b/interface-definitions/include/firewall/common-rule.xml.i
index cd80b7e28..2a5137dbf 100644
--- a/interface-definitions/include/firewall/common-rule.xml.i
+++ b/interface-definitions/include/firewall/common-rule.xml.i
@@ -70,7 +70,7 @@
<description>integer/unit (Example: 5/minute)</description>
</valueHelp>
<constraint>
- <regex>^\d+/(second|minute|hour|day)$</regex>
+ <regex>\d+/(second|minute|hour|day)</regex>
</constraint>
</properties>
</leafNode>
@@ -91,10 +91,36 @@
<description>Disable log</description>
</valueHelp>
<constraint>
- <regex>^(enable|disable)$</regex>
+ <regex>(enable|disable)</regex>
</constraint>
</properties>
</leafNode>
+<node name="connection-status">
+ <properties>
+ <help>Connection status</help>
+ </properties>
+ <children>
+ <leafNode name="nat">
+ <properties>
+ <help>NAT connection status</help>
+ <completionHelp>
+ <list>destination source</list>
+ </completionHelp>
+ <valueHelp>
+ <format>destination</format>
+ <description>Match connections that are subject to destination NAT</description>
+ </valueHelp>
+ <valueHelp>
+ <format>source</format>
+ <description>Match connections that are subject to source NAT</description>
+ </valueHelp>
+ <constraint>
+ <regex>^(destination|source)$</regex>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+</node>
<leafNode name="protocol">
<properties>
<help>Protocol to match (protocol name, number, or "all")</help>
@@ -163,7 +189,7 @@
<description>Source addresses seen COUNT times in the last hour</description>
</valueHelp>
<constraint>
- <regex>^(second|minute|hour)$</regex>
+ <regex>(second|minute|hour)</regex>
</constraint>
</properties>
</leafNode>
@@ -215,7 +241,7 @@
<description>Disable</description>
</valueHelp>
<constraint>
- <regex>^(enable|disable)$</regex>
+ <regex>(enable|disable)</regex>
</constraint>
</properties>
</leafNode>
@@ -234,7 +260,7 @@
<description>Disable</description>
</valueHelp>
<constraint>
- <regex>^(enable|disable)$</regex>
+ <regex>(enable|disable)</regex>
</constraint>
</properties>
</leafNode>
@@ -253,7 +279,7 @@
<description>Disable</description>
</valueHelp>
<constraint>
- <regex>^(enable|disable)$</regex>
+ <regex>(enable|disable)</regex>
</constraint>
</properties>
</leafNode>
@@ -272,7 +298,7 @@
<description>Disable</description>
</valueHelp>
<constraint>
- <regex>^(enable|disable)$</regex>
+ <regex>(enable|disable)</regex>
</constraint>
</properties>
</leafNode>
@@ -292,7 +318,7 @@
<description>Enter date using following notation - YYYY-MM-DD</description>
</valueHelp>
<constraint>
- <regex>^(\d{4}\-\d{2}\-\d{2})$</regex>
+ <regex>(\d{4}\-\d{2}\-\d{2})</regex>
</constraint>
</properties>
</leafNode>
@@ -304,7 +330,7 @@
<description>Enter time using using 24 hour notation - hh:mm:ss</description>
</valueHelp>
<constraint>
- <regex>^([0-2][0-9](\:[0-5][0-9]){1,2})$</regex>
+ <regex>([0-2][0-9](\:[0-5][0-9]){1,2})</regex>
</constraint>
</properties>
</leafNode>
@@ -316,7 +342,7 @@
<description>Enter date using following notation - YYYY-MM-DD</description>
</valueHelp>
<constraint>
- <regex>^(\d{4}\-\d{2}\-\d{2})$</regex>
+ <regex>(\d{4}\-\d{2}\-\d{2})</regex>
</constraint>
</properties>
</leafNode>
@@ -328,7 +354,7 @@
<description>Enter time using using 24 hour notation - hh:mm:ss</description>
</valueHelp>
<constraint>
- <regex>^([0-2][0-9](\:[0-5][0-9]){1,2})$</regex>
+ <regex>([0-2][0-9](\:[0-5][0-9]){1,2})</regex>
</constraint>
</properties>
</leafNode>
diff --git a/interface-definitions/include/firewall/icmp-type-name.xml.i b/interface-definitions/include/firewall/icmp-type-name.xml.i
index f57def3e1..d4197cf82 100644
--- a/interface-definitions/include/firewall/icmp-type-name.xml.i
+++ b/interface-definitions/include/firewall/icmp-type-name.xml.i
@@ -66,7 +66,7 @@
<description>ICMP type 18: address-mask-reply</description>
</valueHelp>
<constraint>
- <regex>^(echo-reply|destination-unreachable|source-quench|redirect|echo-request|router-advertisement|router-solicitation|time-exceeded|parameter-problem|timestamp-request|timestamp-reply|info-request|info-reply|address-mask-request|address-mask-reply)$</regex>
+ <regex>(echo-reply|destination-unreachable|source-quench|redirect|echo-request|router-advertisement|router-solicitation|time-exceeded|parameter-problem|timestamp-request|timestamp-reply|info-request|info-reply|address-mask-request|address-mask-reply)</regex>
</constraint>
</properties>
</leafNode>
diff --git a/interface-definitions/include/firewall/icmpv6-type-name.xml.i b/interface-definitions/include/firewall/icmpv6-type-name.xml.i
index b13cf02c4..a2e68abfb 100644
--- a/interface-definitions/include/firewall/icmpv6-type-name.xml.i
+++ b/interface-definitions/include/firewall/icmpv6-type-name.xml.i
@@ -66,7 +66,7 @@
<description>ICMPv6 type 138: router-renumbering</description>
</valueHelp>
<constraint>
- <regex>^(destination-unreachable|packet-too-big|time-exceeded|echo-request|echo-reply|mld-listener-query|mld-listener-report|mld-listener-reduction|nd-router-solicit|nd-router-advert|nd-neighbor-solicit|nd-neighbor-advert|nd-redirect|parameter-problem|router-renumbering)$</regex>
+ <regex>(destination-unreachable|packet-too-big|time-exceeded|echo-request|echo-reply|mld-listener-query|mld-listener-report|mld-listener-reduction|nd-router-solicit|nd-router-advert|nd-neighbor-solicit|nd-neighbor-advert|nd-redirect|parameter-problem|router-renumbering)</regex>
</constraint>
</properties>
</leafNode>
diff --git a/interface-definitions/include/firewall/name-default-action.xml.i b/interface-definitions/include/firewall/name-default-action.xml.i
index 8470a29a9..512b0296f 100644
--- a/interface-definitions/include/firewall/name-default-action.xml.i
+++ b/interface-definitions/include/firewall/name-default-action.xml.i
@@ -18,7 +18,7 @@
<description>Accept if no prior rules are hit</description>
</valueHelp>
<constraint>
- <regex>^(drop|reject|accept)$</regex>
+ <regex>(drop|reject|accept)</regex>
</constraint>
</properties>
</leafNode>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-01 18:24:57 +0000