diff options
Diffstat (limited to 'interface-definitions/include')
| -rw-r--r-- | interface-definitions/include/firewall/default-action.xml.i (renamed from interface-definitions/include/firewall/name-default-action.xml.i) | 3 | ||||
| -rw-r--r-- | interface-definitions/include/firewall/enable-default-log.xml.i (renamed from interface-definitions/include/firewall/name-default-log.xml.i) | 2 | ||||
| -rw-r--r-- | interface-definitions/include/firewall/tcp-flags.xml.i | 17 | ||||
| -rw-r--r-- | interface-definitions/include/nat/protocol.xml.i | 34 |
4 files changed, 54 insertions, 2 deletions
diff --git a/interface-definitions/include/firewall/name-default-action.xml.i b/interface-definitions/include/firewall/default-action.xml.i index 512b0296f..92a2fcaaf 100644 --- a/interface-definitions/include/firewall/name-default-action.xml.i +++ b/interface-definitions/include/firewall/default-action.xml.i @@ -1,4 +1,4 @@ -<!-- include start from firewall/name-default-action.xml.i --> +<!-- include start from firewall/default-action.xml.i --> <leafNode name="default-action"> <properties> <help>Default-action for rule-set</help> @@ -21,5 +21,6 @@ <regex>(drop|reject|accept)</regex> </constraint> </properties> + <defaultValue>drop</defaultValue> </leafNode> <!-- include end --> diff --git a/interface-definitions/include/firewall/name-default-log.xml.i b/interface-definitions/include/firewall/enable-default-log.xml.i index 1d0ff9497..1e64edc6e 100644 --- a/interface-definitions/include/firewall/name-default-log.xml.i +++ b/interface-definitions/include/firewall/enable-default-log.xml.i @@ -1,4 +1,4 @@ -<!-- include start from firewall/name-default-log.xml.i --> +<!-- include start from firewall/enable-default-log.xml.i --> <leafNode name="enable-default-log"> <properties> <help>Option to log packets hitting default-action</help> diff --git a/interface-definitions/include/firewall/tcp-flags.xml.i b/interface-definitions/include/firewall/tcp-flags.xml.i index b99896687..5a7b5a8d3 100644 --- a/interface-definitions/include/firewall/tcp-flags.xml.i +++ b/interface-definitions/include/firewall/tcp-flags.xml.i @@ -114,6 +114,23 @@ </node> </children> </node> + <leafNode name="mss"> + <properties> + <help>Maximum segment size (MSS)</help> + <valueHelp> + <format>u32:1-16384</format> + <description>Maximum segment size</description> + </valueHelp> + <valueHelp> + <format><min>-<max></format> + <description>TCP MSS range (use '-' as delimiter)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-16384"/> + <validator name="range" argument="--min=1 --max=16384"/> + </constraint> + </properties> + </leafNode> </children> </node> <!-- include end --> diff --git a/interface-definitions/include/nat/protocol.xml.i b/interface-definitions/include/nat/protocol.xml.i new file mode 100644 index 000000000..54e7ff00d --- /dev/null +++ b/interface-definitions/include/nat/protocol.xml.i @@ -0,0 +1,34 @@ +<!-- include start from nat/protocol.xml.i --> +<leafNode name="protocol"> + <properties> + <help>Protocol to match (protocol name, number, or "all")</help> + <completionHelp> + <script>${vyos_completion_dir}/list_protocols.sh</script> + <list>all tcp_udp</list> + </completionHelp> + <valueHelp> + <format>all</format> + <description>All IP protocols</description> + </valueHelp> + <valueHelp> + <format>tcp_udp</format> + <description>Both TCP and UDP</description> + </valueHelp> + <valueHelp> + <format>u32:0-255</format> + <description>IP protocol number</description> + </valueHelp> + <valueHelp> + <format><protocol></format> + <description>IP protocol name</description> + </valueHelp> + <valueHelp> + <format>!<protocol></format> + <description>IP protocol name</description> + </valueHelp> + <constraint> + <validator name="ip-protocol"/> + </constraint> + </properties> +</leafNode> +<!-- include end --> |