summaryrefslogtreecommitdiffhomepage
path: root/applications/luci-fw/root
diff options
context:
space:
mode:
Diffstat (limited to 'applications/luci-fw/root')
-rw-r--r--applications/luci-fw/root/lib/uci/schema/default/firewall243
1 files changed, 243 insertions, 0 deletions
diff --git a/applications/luci-fw/root/lib/uci/schema/default/firewall b/applications/luci-fw/root/lib/uci/schema/default/firewall
new file mode 100644
index 000000000..3c2de4621
--- /dev/null
+++ b/applications/luci-fw/root/lib/uci/schema/default/firewall
@@ -0,0 +1,243 @@
+package firewall
+
+config package
+ option title 'Firewall configuration'
+
+config section
+ option name 'zone'
+ option title 'Firewall zones'
+ option package 'firewall'
+
+config variable
+ option name 'name'
+ option title 'Name'
+ option section 'firewall.zone'
+ option required true
+
+config variable
+ option name 'network'
+ option title 'Networks belonging to this zone'
+ option section 'firewall.zone'
+ option valueof 'network.interface'
+ option multival true
+
+config variable
+ option name 'forward'
+ option title 'Zone specific action for forwarded traffic'
+ option section 'firewall.zone'
+ option required true
+
+config variable
+ option name 'input'
+ option title 'Zone specific action for incoming traffic'
+ option section 'firewall.zone'
+ option required true
+
+config variable
+ option name 'output'
+ option title 'Zone specific action for outgoing traffic'
+ option section 'firewall.zone'
+ option required true
+
+config variable
+ option name 'masq'
+ option title 'Enable masquerading for outgoing zone traffic'
+ option section 'firewall.zone'
+ option datatype 'boolean'
+
+
+
+config section
+ option name 'defaults'
+ option title 'Global firewall defaults'
+ option package 'firewall'
+ option unique true
+ option required true
+
+config variable
+ option name 'forward'
+ option title 'Action for forwarded traffic'
+ option section 'firewall.defaults'
+ option required true
+
+config variable
+ option name 'input'
+ option title 'Action for incoming traffic'
+ option section 'firewall.defaults'
+ option required true
+
+config variable
+ option name 'output'
+ option title 'Action for outgoing traffic'
+ option section 'firewall.defaults'
+ option required true
+
+config variable
+ option name 'syn_flood'
+ option title 'Enable syn-flood protection'
+ option section 'firewall.defaults'
+ option datatype 'boolean'
+
+
+
+config section
+ option name 'forwarding'
+ option title 'Forwarding rules'
+ option package 'firewall'
+
+config variable
+ option name 'src'
+ option title 'Source zone'
+ option section 'firewall.forwarding'
+ option valueof 'firewall.zone.name'
+ option required true
+
+config variable
+ option name 'dest'
+ option title 'Destination zone'
+ option section 'firewall.forwarding'
+ option valueof 'firewall.zone.name'
+ option required true
+
+
+
+config section
+ option name 'rule'
+ option title 'Custom rules'
+ option package 'firewall'
+ list depends 'target, src'
+ list depends 'target, dest'
+ list depends 'target, src_ip'
+ list depends 'target, src_port'
+ list depends 'target, src_mac'
+ list depends 'target, dest_ip'
+ list depends 'target, dest_port'
+ list depends 'target, proto'
+
+config variable
+ option name 'src'
+ option title 'Source zone'
+ option section 'firewall.rule'
+ option valueof 'firewall.zone.name'
+
+config variable
+ option name 'src_ip'
+ option title 'Source IP address'
+ option section 'firewall.rule'
+ option datatype 'ipaddr'
+
+config variable
+ option name 'src_port'
+ option title 'Source port'
+ option section 'firewall.rule'
+ option datatype 'portrange'
+
+config variable
+ option name 'src_mac'
+ option title 'Source MAC address'
+ option section 'firewall.rule'
+ option datatype 'macaddr'
+
+config variable
+ option name 'dest'
+ option title 'Destination zone'
+ option section 'firewall.rule'
+ option valueof 'firewall.zone.name'
+
+config variable
+ option name 'dest_ip'
+ option title 'Destination IP address'
+ option section 'firewall.rule'
+ option datatype 'ipaddr'
+
+config variable
+ option name 'dest_port'
+ option title 'Destination port'
+ option section 'firewall.rule'
+ option datatype 'portrange'
+
+config variable
+ option name 'proto'
+ option title 'Protocol'
+ option section 'firewall.rule'
+ option datatype 'string'
+
+config variable
+ option name 'target'
+ option title 'Option target'
+ option section 'firewall.rule'
+ option datatype 'string'
+
+
+
+config section
+ option name 'redirect'
+ option title 'Redirection rules'
+ option package 'firewall'
+
+config variable
+ option name 'src'
+ option title 'Source zone'
+ option section 'firewall.redirect'
+ option valueof 'firewall.zone.name'
+
+config variable
+ option name 'src_ip'
+ option title 'Source IP address'
+ option section 'firewall.redirect'
+ option datatype 'ipaddr'
+
+config variable
+ option name 'src_port'
+ option title 'Source port'
+ option section 'firewall.redirect'
+ option datatype 'portrange'
+
+config variable
+ option name 'src_dport'
+ option title 'Source destination port'
+ option section 'firewall.redirect'
+ option datatype 'portrange'
+
+config variable
+ option name 'src_mac'
+ option title 'Option src_mac'
+ option section 'firewall.redirect'
+ option datatype 'macaddr'
+
+config variable
+ option name 'dest'
+ option title 'Destination zone'
+ option section 'firewall.redirect'
+ option valueof 'firewall.zone.name'
+
+config variable
+ option name 'dest_ip'
+ option title 'Destination IP address'
+ option section 'firewall.redirect'
+ option datatype 'ipaddr'
+
+config variable
+ option name 'dest_port'
+ option title 'Destination port'
+ option section 'firewall.redirect'
+ option datatype 'portrange'
+
+config variable
+ option name 'proto'
+ option title 'Protocol'
+ option section 'firewall.redirect'
+ option datatype 'string'
+
+
+
+config section
+ option name 'include'
+ option title 'User defined config includes'
+ option package 'firewall'
+
+config variable
+ option name 'path'
+ option title 'Path to the include file'
+ option section 'firewall.include'
+ option datatype 'file'