applications/luci-fw/root/lib/uci/schema/default/firewall

   1 package firewall
   2
   3 config package
   4         option title 'Firewall configuration'
   5
   6 config section
   7         option name     'zone'
   8         option title    'Firewall zones'
   9         option package  'firewall'
  10
  11 config variable
  12         option name     'name'
  13         option title    'Name'
  14         option section  'firewall.zone'
  15         option required true
  16
  17 config variable
  18         option name     'network'
  19         option title    'Networks belonging to this zone'
  20         option section  'firewall.zone'
  21         option valueof  'network.interface'
  22         option multival true
  23
  24 config variable
  25         option name     'forward'
  26         option title    'Zone specific action for forwarded traffic'
  27         option section  'firewall.zone'
  28         option required true
  29
  30 config variable
  31         option name     'input'
  32         option title    'Zone specific action for incoming traffic'
  33         option section  'firewall.zone'
  34         option required true
  35
  36 config variable
  37         option name     'output'
  38         option title    'Zone specific action for outgoing traffic'
  39         option section  'firewall.zone'
  40         option required true
  41
  42 config variable
  43         option name     'masq'
  44         option title    'Enable masquerading for outgoing zone traffic'
  45         option section  'firewall.zone'
  46         option datatype 'boolean'
  47
  48
  49
  50 config section
  51         option name     'defaults'
  52         option title    'Global firewall defaults'
  53         option package  'firewall'
  54         option unique   true
  55         option required true
  56
  57 config variable
  58         option name     'forward'
  59         option title    'Action for forwarded traffic'
  60         option section  'firewall.defaults'
  61         option required true
  62
  63 config variable
  64         option name     'input'
  65         option title    'Action for incoming traffic'
  66         option section  'firewall.defaults'
  67         option required true
  68
  69 config variable
  70         option name     'output'
  71         option title    'Action for outgoing traffic'
  72         option section  'firewall.defaults'
  73         option required true
  74
  75 config variable
  76         option name     'syn_flood'
  77         option title    'Enable syn-flood protection'
  78         option section  'firewall.defaults'
  79         option datatype 'boolean'
  80
  81
  82
  83 config section
  84         option name     'forwarding'
  85         option title    'Forwarding rules'
  86         option package  'firewall'
  87
  88 config variable
  89         option name     'src'
  90         option title    'Source zone'
  91         option section  'firewall.forwarding'
  92         option valueof  'firewall.zone.name'
  93         option required true
  94
  95 config variable
  96         option name     'dest'
  97         option title    'Destination zone'
  98         option section  'firewall.forwarding'
  99         option valueof  'firewall.zone.name'
 100         option required true
 101
 102
 103
 104 config section
 105         option name     'rule'
 106         option title    'Custom rules'
 107         option package  'firewall'
 108         list   depends  'target, src'
 109         list   depends  'target, dest'
 110         list   depends  'target, src_ip'
 111         list   depends  'target, src_port'
 112         list   depends  'target, src_mac'
 113         list   depends  'target, dest_ip'
 114         list   depends  'target, dest_port'
 115         list   depends  'target, proto'
 116
 117 config variable
 118         option name     'src'
 119         option title    'Source zone'
 120         option section  'firewall.rule'
 121         option valueof  'firewall.zone.name'
 122
 123 config variable
 124         option name     'src_ip'
 125         option title    'Source IP address'
 126         option section  'firewall.rule'
 127         option datatype 'ipaddr'
 128
 129 config variable
 130         option name     'src_port'
 131         option title    'Source port'
 132         option section  'firewall.rule'
 133         option datatype 'portrange'
 134
 135 config variable
 136         option name     'src_mac'
 137         option title    'Source MAC address'
 138         option section  'firewall.rule'
 139         option datatype 'macaddr'
 140
 141 config variable
 142         option name     'dest'
 143         option title    'Destination zone'
 144         option section  'firewall.rule'
 145         option valueof  'firewall.zone.name'
 146
 147 config variable
 148         option name     'dest_ip'
 149         option title    'Destination IP address'
 150         option section  'firewall.rule'
 151         option datatype 'ipaddr'
 152
 153 config variable
 154         option name     'dest_port'
 155         option title    'Destination port'
 156         option section  'firewall.rule'
 157         option datatype 'portrange'
 158
 159 config variable
 160         option name     'proto'
 161         option title    'Protocol'
 162         option section  'firewall.rule'
 163         option datatype 'string'
 164
 165 config variable
 166         option name     'target'
 167         option title    'Option target'
 168         option section  'firewall.rule'
 169         option datatype 'string'
 170
 171
 172
 173 config section
 174         option name     'redirect'
 175         option title    'Redirection rules'
 176         option package  'firewall'
 177
 178 config variable
 179         option name     'src'
 180         option title    'Source zone'
 181         option section  'firewall.redirect'
 182         option valueof  'firewall.zone.name'
 183
 184 config variable
 185         option name     'src_ip'
 186         option title    'Source IP address'
 187         option section  'firewall.redirect'
 188         option datatype 'ipaddr'
 189
 190 config variable
 191         option name     'src_port'
 192         option title    'Source port'
 193         option section  'firewall.redirect'
 194         option datatype 'portrange'
 195
 196 config variable
 197         option name     'src_dport'
 198         option title    'Source destination port'
 199         option section  'firewall.redirect'
 200         option datatype 'portrange'
 201
 202 config variable
 203         option name     'src_mac'
 204         option title    'Option src_mac'
 205         option section  'firewall.redirect'
 206         option datatype 'macaddr'
 207
 208 config variable
 209         option name     'dest'
 210         option title    'Destination zone'
 211         option section  'firewall.redirect'
 212         option valueof  'firewall.zone.name'
 213
 214 config variable
 215         option name     'dest_ip'
 216         option title    'Destination IP address'
 217         option section  'firewall.redirect'
 218         option datatype 'ipaddr'
 219
 220 config variable
 221         option name     'dest_port'
 222         option title    'Destination port'
 223         option section  'firewall.redirect'
 224         option datatype 'portrange'
 225
 226 config variable
 227         option name     'proto'
 228         option title    'Protocol'
 229         option section  'firewall.redirect'
 230         option datatype 'string'
 231
 232
 233
 234 config section
 235         option name     'include'
 236         option title    'User defined config includes'
 237         option package  'firewall'
 238
 239 config variable
 240         option name     'path'
 241         option title    'Path to the include file'
 242         option section  'firewall.include'
 243         option datatype 'file'