diff options
author | Christian Breunig <christian@breunig.cc> | 2023-03-10 21:22:46 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-03-10 21:22:46 +0100 |
commit | 5d4908288931c9c319eb428e99a35f8dc4a7b9d6 (patch) | |
tree | 5349f494b8534cd3ace8e97d4d208da78de6a406 /python/vyos/firewall.py | |
parent | fe82d86d3e87cb8d92ebc9d0652c08e3dd79a12c (diff) | |
parent | 16c494c2f1364283988b52e35faf6b01745bbed4 (diff) | |
download | vyos-1x-5d4908288931c9c319eb428e99a35f8dc4a7b9d6.tar.gz vyos-1x-5d4908288931c9c319eb428e99a35f8dc4a7b9d6.zip |
Merge pull request #1871 from nicolas-fort/T5055
T5055: Firewall: add packet-type matcher in firewall and route policy
Diffstat (limited to 'python/vyos/firewall.py')
-rw-r--r-- | python/vyos/firewall.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py index 149803bf0..5be897d5f 100644 --- a/python/vyos/firewall.py +++ b/python/vyos/firewall.py @@ -277,6 +277,9 @@ def parse_rule(rule_conf, fw_name, rule_id, ip_name): negated_lengths_str = ','.join(rule_conf['packet_length_exclude']) output.append(f'ip{def_suffix} length != {{{negated_lengths_str}}}') + if 'packet_type' in rule_conf: + output.append(f'pkttype ' + rule_conf['packet_type']) + if 'dscp' in rule_conf: dscp_str = ','.join(rule_conf['dscp']) output.append(f'ip{def_suffix} dscp {{{dscp_str}}}') |