summaryrefslogtreecommitdiff
path: root/python/vyos/firewall.py
diff options
context:
space:
mode:
authorNicolas Fort <nicolasfort1988@gmail.com>2023-03-06 18:30:55 +0000
committerNicolas Fort <nicolasfort1988@gmail.com>2023-03-06 19:15:15 +0000
commit16c494c2f1364283988b52e35faf6b01745bbed4 (patch)
tree7f30a99dd31d0aa3a519d5c89cf2f45dbd326776 /python/vyos/firewall.py
parent14bca4e80c4d0773ada6862f732c2f1495594239 (diff)
downloadvyos-1x-16c494c2f1364283988b52e35faf6b01745bbed4.tar.gz
vyos-1x-16c494c2f1364283988b52e35faf6b01745bbed4.zip
T5055: Firewall: add packet-type matcher in firewall and route policy
Diffstat (limited to 'python/vyos/firewall.py')
-rw-r--r--python/vyos/firewall.py3
1 files changed, 3 insertions, 0 deletions
diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py
index 149803bf0..5be897d5f 100644
--- a/python/vyos/firewall.py
+++ b/python/vyos/firewall.py
@@ -277,6 +277,9 @@ def parse_rule(rule_conf, fw_name, rule_id, ip_name):
negated_lengths_str = ','.join(rule_conf['packet_length_exclude'])
output.append(f'ip{def_suffix} length != {{{negated_lengths_str}}}')
+ if 'packet_type' in rule_conf:
+ output.append(f'pkttype ' + rule_conf['packet_type'])
+
if 'dscp' in rule_conf:
dscp_str = ','.join(rule_conf['dscp'])
output.append(f'ip{def_suffix} dscp {{{dscp_str}}}')