From 2dc2df575bc4de60759a272f5e6880326501a7ef Mon Sep 17 00:00:00 2001 From: Nicolas Fort Date: Thu, 16 Nov 2023 15:37:56 +0000 Subject: T4072: firewall: backport bridge firewall to sagitta --- op-mode-definitions/firewall.xml.in | 84 ++++++++++++++++++++++++++++++------- 1 file changed, 68 insertions(+), 16 deletions(-) (limited to 'op-mode-definitions') diff --git a/op-mode-definitions/firewall.xml.in b/op-mode-definitions/firewall.xml.in index 0f296c272..4a7ffbb66 100644 --- a/op-mode-definitions/firewall.xml.in +++ b/op-mode-definitions/firewall.xml.in @@ -132,6 +132,58 @@ sudo ${vyos_op_scripts_dir}/firewall.py --action show_group + + + Show bridge firewall + + + + + Show bridge forward firewall ruleset + + + + + Show bridge forward filter firewall ruleset + + + + + Show summary of bridge forward filter firewall rules + + firewall bridge forward filter rule + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 + + + + + + Show bridge custom firewall chains + + firewall bridge name + + + + + + Show summary of bridge custom firewall ruleset + + firewall bridge name ${COMP_WORDS[6]} rule + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show_family --family $3 + Show IPv6 firewall @@ -154,10 +206,10 @@ firewall ipv6 forward filter rule - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7 --ipv6 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --ipv6 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 @@ -178,10 +230,10 @@ firewall ipv6 input filter rule - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7 --ipv6 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --ipv6 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 @@ -202,10 +254,10 @@ firewall ipv6 output filter rule - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7 --ipv6 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --ipv6 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 @@ -224,10 +276,10 @@ firewall ipv6 ipv6-name ${COMP_WORDS[6]} rule - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7 --ipv6 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --ipv6 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 sudo ${vyos_op_scripts_dir}/firewall.py --action show_family --family $3 @@ -254,10 +306,10 @@ firewall ipv4 forward filter rule - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 @@ -278,10 +330,10 @@ firewall ipv4 input filter rule - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 @@ -302,10 +354,10 @@ firewall ipv4 output filter rule - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 @@ -324,10 +376,10 @@ firewall ipv4 name ${COMP_WORDS[6]} rule - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 --rule $7 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 - sudo ${vyos_op_scripts_dir}/firewall.py --action show --hook $4 --priority $5 + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 sudo ${vyos_op_scripts_dir}/firewall.py --action show_family --family $3 -- cgit v1.2.3