From 16c494c2f1364283988b52e35faf6b01745bbed4 Mon Sep 17 00:00:00 2001 From: Nicolas Fort Date: Mon, 6 Mar 2023 18:30:55 +0000 Subject: T5055: Firewall: add packet-type matcher in firewall and route policy --- interface-definitions/firewall.xml.in | 4 +- .../include/firewall/packet-length.xml.i | 36 ------------- .../include/firewall/packet-options.xml.i | 63 ++++++++++++++++++++++ interface-definitions/policy-route.xml.in | 4 +- 4 files changed, 67 insertions(+), 40 deletions(-) delete mode 100644 interface-definitions/include/firewall/packet-length.xml.i create mode 100644 interface-definitions/include/firewall/packet-options.xml.i (limited to 'interface-definitions') diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in index c9a132c4a..f8eed2ce0 100644 --- a/interface-definitions/firewall.xml.in +++ b/interface-definitions/firewall.xml.in @@ -459,7 +459,7 @@ #include #include - #include + #include #include #include @@ -629,7 +629,7 @@ #include #include - #include + #include #include diff --git a/interface-definitions/include/firewall/packet-length.xml.i b/interface-definitions/include/firewall/packet-length.xml.i deleted file mode 100644 index fd2eb67b0..000000000 --- a/interface-definitions/include/firewall/packet-length.xml.i +++ /dev/null @@ -1,36 +0,0 @@ - - - - Payload size in bytes, including header and data to match - - u32:1-65535 - Packet length to match - - - <start-end> - Packet length range to match - - - - - - - - - - Payload size in bytes, including header and data not to match - - u32:1-65535 - Packet length not to match - - - <start-end> - Packet length range not to match - - - - - - - - diff --git a/interface-definitions/include/firewall/packet-options.xml.i b/interface-definitions/include/firewall/packet-options.xml.i new file mode 100644 index 000000000..cd94e69c2 --- /dev/null +++ b/interface-definitions/include/firewall/packet-options.xml.i @@ -0,0 +1,63 @@ + + + + Payload size in bytes, including header and data to match + + u32:1-65535 + Packet length to match + + + <start-end> + Packet length range to match + + + + + + + + + + Payload size in bytes, including header and data not to match + + u32:1-65535 + Packet length not to match + + + <start-end> + Packet length range not to match + + + + + + + + + + Packet type + + broadcast host multicast other + + + broadcast + Match broadcast packet type + + + host + Match host packet type, addressed to local host + + + multicast + Match multicast packet type + + + other + Match packet addressed to another host + + + (broadcast|host|multicast|other) + + + + diff --git a/interface-definitions/policy-route.xml.in b/interface-definitions/policy-route.xml.in index d7b159839..bbd6dbf56 100644 --- a/interface-definitions/policy-route.xml.in +++ b/interface-definitions/policy-route.xml.in @@ -50,7 +50,7 @@ #include #include #include - #include + #include #include #include @@ -105,7 +105,7 @@ #include #include #include - #include + #include #include #include -- cgit v1.2.3