Add XML for firewall configuration mode.
Description
Description
Details
Details
- Version
- -
- Is it a breaking change?
- Perfectly compatible
- Issue type
- Unspecified (please specify)
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | sarthurdev | T2199 Rewrite firewall in new XML/Python style | |||
| Resolved | FEATURE REQUEST | Viacheslav | T3568 Add XML for firewall conf-mode |
Event Timeline
Comment Actions
PR https://github.com/vyos/vyos-1x/pull/854
Add XML for the firewall. For future rewriting to Python style.
set nfirewall all-ping 'enable' set nfirewall group address-group ADDR address '10.0.0.1-10.0.0.5' set nfirewall group address-group ADDR address '192.0.2.1' set nfirewall name FOO default-action 'drop' set nfirewall name FOO rule 10 action 'permit' set nfirewall name FOO rule 10 destination address '192.0.2.1' set nfirewall name FOO rule 10 destination port '22' set nfirewall state-policy established log enable
Commit
vyos@r6-roll# commit
[ nfirewall ]
{'all_ping': 'enable',
'group': {'address_group': {'ADDR': {'address': ['10.0.0.1-10.0.0.5',
'192.0.2.1']}}},
'name': {'FOO': {'default_action': 'drop',
'rule': {'10': {'action': 'permit',
'destination': {'address': '192.0.2.1',
'port': '22'}}}}},
'state_policy': {'established': {'log': {'enable': {}}}}}
[edit]
vyos@r6-roll#