blob: cf53e2bc881792abf2f236dd26ece4998bf9d8b3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
|
<?xml version="1.0"?>
<interfaceDefinition>
<node name="zone-policy" owner="${vyos_conf_scripts_dir}/zone_policy.py">
<properties>
<help>Configure zone-policy</help>
<priority>198</priority>
</properties>
<children>
<tagNode name="zone">
<properties>
<help>Zone name</help>
<valueHelp>
<format>txt</format>
<description>Zone name</description>
</valueHelp>
<constraint>
<regex>[a-zA-Z0-9][\w\-\.]*</regex>
</constraint>
</properties>
<children>
#include <include/generic-description.xml.i>
#include <include/firewall/enable-default-log.xml.i>
<leafNode name="default-action">
<properties>
<help>Default-action for traffic coming into this zone</help>
<completionHelp>
<list>drop reject</list>
</completionHelp>
<valueHelp>
<format>drop</format>
<description>Drop silently</description>
</valueHelp>
<valueHelp>
<format>reject</format>
<description>Drop and notify source</description>
</valueHelp>
<constraint>
<regex>(drop|reject)</regex>
</constraint>
</properties>
<defaultValue>drop</defaultValue>
</leafNode>
<tagNode name="from">
<properties>
<help>Zone from which to filter traffic</help>
<completionHelp>
<path>zone-policy zone</path>
</completionHelp>
</properties>
<children>
<node name="firewall">
<properties>
<help>Firewall options</help>
</properties>
<children>
<leafNode name="ipv6-name">
<properties>
<help>IPv6 firewall ruleset</help>
<completionHelp>
<path>firewall ipv6-name</path>
</completionHelp>
</properties>
</leafNode>
<leafNode name="name">
<properties>
<help>IPv4 firewall ruleset</help>
<completionHelp>
<path>firewall name</path>
</completionHelp>
</properties>
</leafNode>
</children>
</node>
</children>
</tagNode>
<leafNode name="interface">
<properties>
<help>Interface associated with zone</help>
<valueHelp>
<format>txt</format>
<description>Interface associated with zone</description>
</valueHelp>
<completionHelp>
<script>${vyos_completion_dir}/list_interfaces.py</script>
</completionHelp>
<multi/>
</properties>
</leafNode>
<node name="intra-zone-filtering">
<properties>
<help>Intra-zone filtering</help>
</properties>
<children>
<leafNode name="action">
<properties>
<help>Action for intra-zone traffic</help>
<completionHelp>
<list>accept drop</list>
</completionHelp>
<valueHelp>
<format>accept</format>
<description>Accept traffic</description>
</valueHelp>
<valueHelp>
<format>drop</format>
<description>Drop silently</description>
</valueHelp>
<constraint>
<regex>(accept|drop)</regex>
</constraint>
</properties>
</leafNode>
<node name="firewall">
<properties>
<help>Use the specified firewall chain</help>
</properties>
<children>
<leafNode name="ipv6-name">
<properties>
<help>IPv6 firewall ruleset</help>
<completionHelp>
<path>firewall ipv6-name</path>
</completionHelp>
</properties>
</leafNode>
<leafNode name="name">
<properties>
<help>IPv4 firewall ruleset</help>
<completionHelp>
<path>firewall name</path>
</completionHelp>
</properties>
</leafNode>
</children>
</node>
</children>
</node>
<leafNode name="local-zone">
<properties>
<help>Zone to be local-zone</help>
<valueless/>
</properties>
</leafNode>
</children>
</tagNode>
</children>
</node>
</interfaceDefinition>
|
