flm01/openwrt/packages/luci/host/lib/uci/schema/default/firewall

package firewall

config package
	option title 'Firewall configuration'

config section
	option name	'zone'
	option title	'Firewall zones'
	option package	'firewall'

config variable
	option name	'name'
	option title	'Name'
	option section	'firewall.zone'
	option required	true

config variable
	option name	'network'
	option title	'Networks belonging to this zone'
	option section	'firewall.zone'
	option valueof	'network.interface'
	option multival	true

config variable
	option name	'forward'
	option title	'Zone specific action for forwarded traffic'
	option section	'firewall.zone'
	option required	true

config variable
	option name	'input'
	option title	'Zone specific action for incoming traffic'
	option section	'firewall.zone'
	option required	true

config variable
	option name	'output'
	option title	'Zone specific action for outgoing traffic'
	option section	'firewall.zone'
	option required	true

config variable
	option name	'masq'
	option title	'Enable masquerading for outgoing zone traffic'
	option section	'firewall.zone'
	option datatype	'boolean'



config section
	option name	'defaults'
	option title	'Global firewall defaults'
	option package	'firewall'
	option unique	true
	option required	true

config variable
	option name	'forward'
	option title	'Action for forwarded traffic'
	option section	'firewall.defaults'
	option required	true

config variable
	option name	'input'
	option title	'Action for incoming traffic'
	option section	'firewall.defaults'
	option required	true

config variable
	option name	'output'
	option title	'Action for outgoing traffic'
	option section	'firewall.defaults'
	option required	true

config variable
	option name	'syn_flood'
	option title	'Enable syn-flood protection'
	option section	'firewall.defaults'
	option datatype	'boolean'

config variable
	option name	'drop_invalid'
	option title	'Do not drop packages with state invalid'
	option section	'firewall.defaults'
	option datatype	'boolean'



config section
	option name	'forwarding'
	option title	'Forwarding rules'
	option package	'firewall'

config variable
	option name	'src'
	option title	'Source zone'
	option section	'firewall.forwarding'
	option valueof	'firewall.zone.name'
	option required	true

config variable
	option name	'dest'
	option title	'Destination zone'
	option section	'firewall.forwarding'
	option valueof	'firewall.zone.name'
	option required	true

config variable
	option name	'mtu_fix'
	option title	'Fixup MTU of outgoing packages'
	option section	'firewall.forwarding'
	option datatype	'boolean'



config section
	option name	'rule'
	option title	'Custom rules'
	option package	'firewall'
	list   depends	'target, src'
	list   depends	'target, dest'
	list   depends	'target, src_ip'
	list   depends	'target, src_port'
	list   depends	'target, src_mac'
	list   depends	'target, dest_ip'
	list   depends	'target, dest_port'
	list   depends	'target, proto'

config variable
	option name	'src'
	option title	'Source zone'
	option section	'firewall.rule'
	option valueof	'firewall.zone.name'

config variable
	option name	'src_ip'
	option title	'Source IP address'
	option section	'firewall.rule'
	option datatype	'ipaddr'

config variable
	option name	'src_port'
	option title	'Source port'
	option section	'firewall.rule'
	option datatype	'portrange'

config variable
	option name	'src_mac'
	option title	'Source MAC address'
	option section	'firewall.rule'
	option datatype	'macaddr'

config variable
	option name	'dest'
	option title	'Destination zone'
	option section	'firewall.rule'
	option valueof	'firewall.zone.name'

config variable
	option name	'dest_ip'
	option title	'Destination IP address'
	option section	'firewall.rule'
	option datatype	'ipaddr'

config variable
	option name	'dest_port'
	option title	'Destination port'
	option section	'firewall.rule'
	option datatype	'portrange'

config variable
	option name	'proto'
	option title	'Protocol'
	option section	'firewall.rule'
	option datatype	'string'

config variable
	option name	'target'
	option title	'Option target'
	option section	'firewall.rule'
	option datatype	'string'



config section
	option name	'redirect'
	option title	'Redirection rules'
	option package	'firewall'

config variable
	option name	'src'
	option title	'Source zone'
	option section	'firewall.redirect'
	option valueof	'firewall.zone.name'

config variable
	option name	'src_ip'
	option title	'Source IP address'
	option section	'firewall.redirect'
	option datatype	'ipaddr'

config variable
	option name	'src_port'
	option title	'Source port'
	option section	'firewall.redirect'
	option datatype	'portrange'

config variable
	option name	'src_dport'
	option title	'Source destination port'
	option section	'firewall.redirect'
	option datatype	'portrange'

config variable
	option name	'src_mac'
	option title	'Option src_mac'
	option section	'firewall.redirect'
	option datatype	'macaddr'

config variable
	option name	'dest'
	option title	'Destination zone'
	option section	'firewall.redirect'
	option valueof	'firewall.zone.name'

config variable
	option name	'dest_ip'
	option title	'Destination IP address'
	option section	'firewall.redirect'
	option datatype	'ipaddr'

config variable
	option name	'dest_port'
	option title	'Destination port'
	option section	'firewall.redirect'
	option datatype	'portrange'

config variable
	option name	'proto'
	option title	'Protocol'
	option section	'firewall.redirect'
	option datatype	'string'



config section
	option name	'include'
	option title	'User defined config includes'
	option package	'firewall'

config variable
	option name	'path'
	option title	'Path to the include file'
	option section	'firewall.include'
	option datatype	'file'