summaryrefslogtreecommitdiffhomepage
path: root/libs/uvl
diff options
context:
space:
mode:
Diffstat (limited to 'libs/uvl')
-rw-r--r--libs/uvl/root/lib/uci/schema/default/firewall196
1 files changed, 170 insertions, 26 deletions
diff --git a/libs/uvl/root/lib/uci/schema/default/firewall b/libs/uvl/root/lib/uci/schema/default/firewall
index 3d293ad61..ac139fc8b 100644
--- a/libs/uvl/root/lib/uci/schema/default/firewall
+++ b/libs/uvl/root/lib/uci/schema/default/firewall
@@ -1,6 +1,50 @@
package firewall
config section
+ option name 'zone'
+ option title 'Firewall zones'
+ option package 'firewall'
+
+config variable
+ option name 'name'
+ option title 'Name of this firewall zone'
+ option section 'firewall.zone'
+ option required true
+
+config variable
+ option name 'network'
+ option title 'Associated network of this firewall zone'
+ option section 'firewall.zone'
+# option valueof 'network.interface'
+# option type 'lazylist'
+
+config variable
+ option name 'forward'
+ option title 'Zone specific action for forwarded traffic'
+ option section 'firewall.zone'
+ option required true
+
+config variable
+ option name 'input'
+ option title 'Zone specific action for incoming traffic'
+ option section 'firewall.zone'
+ option required true
+
+config variable
+ option name 'output'
+ option title 'Zone specific action for outgoing traffic'
+ option section 'firewall.zone'
+ option required true
+
+config variable
+ option name 'masq'
+ option title 'Enable masquerading for outgoing zone traffic'
+ option section 'firewall.zone'
+ option datatype 'boolean'
+
+
+
+config section
option name 'defaults'
option title 'Global firewall defaults'
option package 'firewall'
@@ -32,6 +76,7 @@ config variable
option datatype 'boolean'
+
config section
option name 'forwarding'
option title 'Firewall traffic forwarding rules'
@@ -52,44 +97,143 @@ config variable
option required true
+
config section
- option name 'zone'
- option title 'Firewall zones'
+ option name 'rule'
+ option title 'Custom rule specification'
option package 'firewall'
+ list depends 'target, src'
+ list depends 'target, dest'
config variable
- option name 'name'
- option title 'Name of this firewall zone'
- option section 'firewall.zone'
- option required true
+ option name 'src'
+ option title 'Source zone'
+ option section 'firewall.rule'
+ list valueof 'firewall.zone'
+ list valueof 'firewall.zone.network'
config variable
- option name 'network'
- option title 'Associated network of this firewall zone'
- option section 'firewall.zone'
-# option valueof 'network.interface'
-# option type 'lazylist'
+ option name 'src_ip'
+ option title 'Source IP address'
+ option section 'firewall.rule'
+ option datatype 'ipaddr'
config variable
- option name 'forward'
- option title 'Zone specific action for forwarded traffic'
- option section 'firewall.zone'
- option required true
+ option name 'src_port'
+ option title 'Source port'
+ option section 'firewall.rule'
+ option datatype 'uint'
config variable
- option name 'input'
- option title 'Zone specific action for incoming traffic'
- option section 'firewall.zone'
- option required true
+ option name 'src_mac'
+ option title 'Source MAC address'
+ option section 'firewall.rule'
+ option datatype 'macaddr'
config variable
- option name 'output'
- option title 'Zone specific action for outgoing traffic'
- option section 'firewall.zone'
+ option name 'dest'
+ option title 'Destination zone'
+ option section 'firewall.rule'
+ list valueof 'firewall.zone'
+ list valueof 'firewall.zone.network'
+
+config variable
+ option name 'dest_ip'
+ option title 'Destination IP address'
+ option section 'firewall.rule'
+ option datatype 'ipaddr'
+
+config variable
+ option name 'dest_port'
+ option title 'Destination port'
+ option section 'firewall.rule'
+ option datatype 'uint'
+
+config variable
+ option name 'proto'
+ option title 'Protocol'
+ option section 'firewall.rule'
+ option datatype 'string'
+
+config variable
+ option name 'target'
+ option title 'Option target'
+ option section 'firewall.rule'
+ option datatype 'string'
option required true
+
+
+config section
+ option name 'redirect'
+ option title 'Traffic redirection rule definition'
+ option package 'firewall'
+
config variable
- option name 'masq'
- option title 'Enable masquerading for outgoing zone traffic'
- option section 'firewall.zone'
- option datatype 'boolean'
+ option name 'src'
+ option title 'Source zone'
+ option section 'firewall.redirect'
+ list valueof 'firewall.zone'
+ list valueof 'firewall.zone.network'
+
+config variable
+ option name 'src_ip'
+ option title 'Source IP address'
+ option section 'firewall.redirect'
+ option datatype 'ipaddr'
+
+config variable
+ option name 'src_port'
+ option title 'Source port'
+ option section 'firewall.redirect'
+ option datatype 'uint'
+
+config variable
+ option name 'src_dport'
+ option title 'Source destination port'
+ option section 'firewall.redirect'
+ option datatype 'uint'
+
+config variable
+ option name 'src_mac'
+ option title 'Option src_mac'
+ option section 'firewall.redirect'
+ option datatype 'macaddr'
+
+config variable
+ option name 'dest'
+ option title 'Destination zone'
+ option section 'firewall.redirect'
+ list valueof 'firewall.zone'
+ list valueof 'firewall.zone.network'
+
+config variable
+ option name 'dest_ip'
+ option title 'Destination IP address'
+ option section 'firewall.redirect'
+ option datatype 'ipaddr'
+
+config variable
+ option name 'dest_port'
+ option title 'Destination port'
+ option section 'firewall.redirect'
+ option datatype 'uint'
+
+config variable
+ option name 'proto'
+ option title 'Protocol'
+ option section 'firewall.redirect'
+ option datatype 'string'
+
+
+
+config section
+ option name 'include'
+ option title 'User defined config includes'
+ option package 'firewall'
+
+config variable
+ option name 'path'
+ option title 'Path to the include file'
+ option section 'firewall.include'
+ option datatype 'file'