From fdeba8da3e99256fe449e331d0b833a941315226 Mon Sep 17 00:00:00 2001
From: sarthurdev <965089+sarthurdev@users.noreply.github.com>
Date: Wed, 28 Jul 2021 12:03:21 +0200
Subject: firewall: T2199: Migrate firewall to XML/Python

---
 .../include/firewall/action.xml.i                  | 16 ++++---
 .../include/firewall/common-rule.xml.i             | 54 ++++++++++++++++------
 .../firewall/source-destination-group-ipv6.xml.i   | 33 +++++++++++++
 .../firewall/source-destination-group.xml.i        |  9 ++++
 4 files changed, 91 insertions(+), 21 deletions(-)
 create mode 100644 interface-definitions/include/firewall/source-destination-group-ipv6.xml.i

(limited to 'interface-definitions/include/firewall')

diff --git a/interface-definitions/include/firewall/action.xml.i b/interface-definitions/include/firewall/action.xml.i
index 230f590cb..4ba93e3aa 100644
--- a/interface-definitions/include/firewall/action.xml.i
+++ b/interface-definitions/include/firewall/action.xml.i
@@ -3,18 +3,22 @@
   <properties>
     <help>Rule action [REQUIRED]</help>
     <completionHelp>
-      <list>permit deny</list>
+      <list>accept reject drop</list>
     </completionHelp>
     <valueHelp>
-      <format>permit</format>
-      <description>Permit matching entries</description>
+      <format>accept</format>
+      <description>Accept matching entries</description>
     </valueHelp>
     <valueHelp>
-      <format>deny</format>
-      <description>Deny matching entries</description>
+      <format>reject</format>
+      <description>Reject matching entries</description>
+    </valueHelp>
+    <valueHelp>
+      <format>drop</format>
+      <description>Drop matching entries</description>
     </valueHelp>
     <constraint>
-      <regex>^(permit|deny)$</regex>
+      <regex>^(accept|reject|drop)$</regex>
     </constraint>
   </properties>
 </leafNode>
diff --git a/interface-definitions/include/firewall/common-rule.xml.i b/interface-definitions/include/firewall/common-rule.xml.i
index a59c0b390..415b6bf00 100644
--- a/interface-definitions/include/firewall/common-rule.xml.i
+++ b/interface-definitions/include/firewall/common-rule.xml.i
@@ -55,7 +55,7 @@
         <help>Maximum number of packets to allow in excess of rate</help>
         <valueHelp>
           <format>u32:0-4294967295</format>
-          <description>burst__change_me</description>
+          <description>Maximum number of packets to allow in excess of rate</description>
         </valueHelp>
         <constraint>
           <validator name="numeric" argument="--range 0-4294967295"/>
@@ -67,7 +67,7 @@
         <help>Maximum average matching rate</help>
         <valueHelp>
           <format>u32:0-4294967295</format>
-          <description>rate__change_me</description>
+          <description>Maximum average matching rate</description>
         </valueHelp>
         <constraint>
           <validator name="numeric" argument="--range 0-4294967295"/>
@@ -121,7 +121,6 @@
       <validator name="ip-protocol"/>
     </constraint>
   </properties>
-  <defaultValue>all</defaultValue>
 </leafNode>
 <node name="recent">
   <properties>
@@ -285,40 +284,65 @@
     <help>Time to match rule</help>
   </properties>
   <children>
-    <leafNode name="monthdays">
-      <properties>
-        <help>Monthdays to match rule on</help>
-      </properties>
-    </leafNode>
     <leafNode name="startdate">
       <properties>
         <help>Date to start matching rule</help>
+        <valueHelp>
+          <format>txt</format>
+          <description>Enter date using following notation - YYYY-MM-DD</description>
+        </valueHelp>
+        <constraint>
+          <regex>^(\d{4}\-\d{2}\-\d{2})$</regex>
+        </constraint>
       </properties>
     </leafNode>
     <leafNode name="starttime">
       <properties>
         <help>Time of day to start matching rule</help>
+        <valueHelp>
+          <format>txt</format>
+          <description>Enter time using using 24 hour notation - hh:mm:ss</description>
+        </valueHelp>
+        <constraint>
+          <regex>^([0-2][0-9](\:[0-5][0-9]){1,2})$</regex>
+        </constraint>
       </properties>
     </leafNode>
     <leafNode name="stopdate">
       <properties>
         <help>Date to stop matching rule</help>
+        <valueHelp>
+          <format>txt</format>
+          <description>Enter date using following notation - YYYY-MM-DD</description>
+        </valueHelp>
+        <constraint>
+          <regex>^(\d{4}\-\d{2}\-\d{2})$</regex>
+        </constraint>
       </properties>
     </leafNode>
     <leafNode name="stoptime">
       <properties>
         <help>Time of day to stop matching rule</help>
-      </properties>
-    </leafNode>
-    <leafNode name="utc">
-      <properties>
-        <help>Interpret times for startdate, stopdate, starttime and stoptime to be UTC</help>
-        <valueless/>
+        <valueHelp>
+          <format>txt</format>
+          <description>Enter time using using 24 hour notation - hh:mm:ss</description>
+        </valueHelp>
+        <constraint>
+          <regex>^([0-2][0-9](\:[0-5][0-9]){1,2})$</regex>
+        </constraint>
       </properties>
     </leafNode>
     <leafNode name="weekdays">
       <properties>
-        <help>Weekdays to match rule on</help>
+        <help>Comma separated weekdays to match rule on</help>
+        <valueHelp>
+          <format>txt</format>
+          <description>Name of day (Monday, Tuesday, Wednesday, Thursdays, Friday, Saturday, Sunday)</description>
+        </valueHelp>
+        <valueHelp>
+          <format>u32:0-6</format>
+          <description>Day number (0 = Sunday ... 6 = Saturday)</description>
+        </valueHelp>
       </properties>
     </leafNode>
   </children>
diff --git a/interface-definitions/include/firewall/source-destination-group-ipv6.xml.i b/interface-definitions/include/firewall/source-destination-group-ipv6.xml.i
new file mode 100644
index 000000000..7815b78d4
--- /dev/null
+++ b/interface-definitions/include/firewall/source-destination-group-ipv6.xml.i
@@ -0,0 +1,33 @@
+<!-- include start from firewall/source-destination-group-ipv6.xml.i -->
+<node name="group">
+  <properties>
+    <help>Group</help>
+  </properties>
+  <children>
+    <leafNode name="address-group">
+      <properties>
+        <help>Group of addresses</help>
+        <completionHelp>
+          <path>firewall group ipv6-address-group</path>
+        </completionHelp>
+      </properties>
+    </leafNode>
+    <leafNode name="network-group">
+      <properties>
+        <help>Group of networks</help>
+        <completionHelp>
+          <path>firewall group ipv6-network-group</path>
+        </completionHelp>
+      </properties>
+    </leafNode>
+    <leafNode name="port-group">
+      <properties>
+        <help>Group of ports</help>
+        <completionHelp>
+          <path>firewall group port-group</path>
+        </completionHelp>
+      </properties>
+    </leafNode>
+  </children>
+</node>
+<!-- include end -->
diff --git a/interface-definitions/include/firewall/source-destination-group.xml.i b/interface-definitions/include/firewall/source-destination-group.xml.i
index 30226b0d8..9a9bed0fe 100644
--- a/interface-definitions/include/firewall/source-destination-group.xml.i
+++ b/interface-definitions/include/firewall/source-destination-group.xml.i
@@ -7,16 +7,25 @@
     <leafNode name="address-group">
       <properties>
         <help>Group of addresses</help>
+        <completionHelp>
+          <path>firewall group address-group</path>
+        </completionHelp>
       </properties>
     </leafNode>
     <leafNode name="network-group">
       <properties>
         <help>Group of networks</help>
+        <completionHelp>
+          <path>firewall group network-group</path>
+        </completionHelp>
       </properties>
     </leafNode>
     <leafNode name="port-group">
       <properties>
         <help>Group of ports</help>
+        <completionHelp>
+          <path>firewall group port-group</path>
+        </completionHelp>
       </properties>
     </leafNode>
   </children>
-- 
cgit v1.2.3