From be3d2f9f6623396f2e9c6543f67d81161c7ad94b Mon Sep 17 00:00:00 2001
From: sarthurdev <965089+sarthurdev@users.noreply.github.com>
Date: Tue, 5 Sep 2023 16:09:45 +0200
Subject: firewall: T3509: Split IPv4 and IPv6 reverse path filtering like on
interfaces
---
.../include/firewall/global-options.xml.i | 32 +++++++++++++++++++---
1 file changed, 28 insertions(+), 4 deletions(-)
(limited to 'interface-definitions/include/firewall')
diff --git a/interface-definitions/include/firewall/global-options.xml.i b/interface-definitions/include/firewall/global-options.xml.i
index a63874cb0..e655cd6ac 100644
--- a/interface-definitions/include/firewall/global-options.xml.i
+++ b/interface-definitions/include/firewall/global-options.xml.i
@@ -145,21 +145,21 @@
- Policy for source validation by reversed path, as specified in RFC3704
+ Policy for IPv4 source validation by reversed path, as specified in RFC3704
strict loose disable
strict
- Enable Strict Reverse Path Forwarding as defined in RFC3704
+ Enable IPv4 Strict Reverse Path Forwarding as defined in RFC3704
loose
- Enable Loose Reverse Path Forwarding as defined in RFC3704
+ Enable IPv4 Loose Reverse Path Forwarding as defined in RFC3704
disable
- No source validation
+ No IPv4 source validation
(strict|loose|disable)
@@ -227,6 +227,30 @@
disable
+
+
+ Policy for IPv6 source validation by reversed path, as specified in RFC3704
+
+ strict loose disable
+
+
+ strict
+ Enable IPv6 Strict Reverse Path Forwarding as defined in RFC3704
+
+
+ loose
+ Enable IPv6 Loose Reverse Path Forwarding as defined in RFC3704
+
+
+ disable
+ No IPv6 source validation
+
+
+ (strict|loose|disable)
+
+
+ disable
+
Policy for handling IPv6 packets with routing extension header
--
cgit v1.2.3