diff options
author | Christian Breunig <christian@breunig.cc> | 2024-06-20 22:00:47 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-06-20 22:00:47 +0200 |
commit | 442bf37dbccbcb9f47333543742fa7aa665bb417 (patch) | |
tree | 7cacbfee3c9ff9a3dab380f1299b4206d9113c73 /data/templates/firewall | |
parent | 109e0940be4956879d3ba074894023a1508424bf (diff) | |
parent | 7829229e8a91c554db188cf523669bb11ec77c2a (diff) | |
download | vyos-1x-442bf37dbccbcb9f47333543742fa7aa665bb417.tar.gz vyos-1x-442bf37dbccbcb9f47333543742fa7aa665bb417.zip |
Merge pull request #3693 from nicolas-fort/T3900-fix-template
T3900: firewall: fix for initial implementation
Diffstat (limited to 'data/templates/firewall')
-rw-r--r-- | data/templates/firewall/nftables.j2 | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/templates/firewall/nftables.j2 b/data/templates/firewall/nftables.j2 index 343917fee..ee34f58fc 100644 --- a/data/templates/firewall/nftables.j2 +++ b/data/templates/firewall/nftables.j2 @@ -86,7 +86,7 @@ table ip vyos_filter { {% for prior, conf in ipv4.output.items() %} chain VYOS_OUTPUT_{{ prior }} { type filter hook output priority {{ prior }}; policy accept; -{% if global_options.state_policy is vyos_defined %} +{% if global_options.state_policy is vyos_defined and prior == 'filter' %} jump VYOS_STATE_POLICY {% endif %} {% if conf.rule is vyos_defined %} |