Merge pull request #1167 from sarthurdev/firewall

firewall: T4178: Use lowercase for TCP flags and add an validator
author: Christian Poessinger <christian@poessinger.com> 2022-01-14 20:30:56 +0100
committer: GitHub <noreply@github.com> 2022-01-14 20:30:56 +0100
commit: 9aa8e51de06bda0099231f2567dbb83e430faee4 (patch)
tree: 1eecd3caba390e300450af400bffee90ed137887 /python/vyos/firewall.py
parent: 97472739b4432cdbf8f73275ab00876add071692 (diff)
parent: df5a862beb84145dfc8434efde7d7fee783199cf (diff)
download: vyos-1x-9aa8e51de06bda0099231f2567dbb83e430faee4.tar.gz
vyos-1x-9aa8e51de06bda0099231f2567dbb83e430faee4.zip
1 files changed, 3 insertions, 4 deletions
diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py
index 66dc8bc40..acde9f913 100644
--- a/python/vyos/firewall.py
+++ b/python/vyos/firewall.py
@@ -171,7 +171,6 @@ def parse_rule(rule_conf, fw_name, rule_id, ip_name):
     if tcp_flags:
         output.append(parse_tcp_flags(tcp_flags))
 
-
     output.append('counter')
 
     if 'set' in rule_conf:
@@ -190,10 +189,10 @@ def parse_tcp_flags(flags):
     include = []
     for flag in flags.split(","):
         if flag[0] == '!':
-            flag = flag[1:]
+            flag = flag[1:].lower()
         else:
-            include.append(flag)
-        all_flags.append(flag)
+            include.append(flag.lower())
+        all_flags.append(flag.lower())
     return f'tcp flags & ({"|".join(all_flags)}) == {"|".join(include)}'
 
 def parse_time(time):
author	Christian Poessinger <christian@poessinger.com>	2022-01-14 20:30:56 +0100
committer	GitHub <noreply@github.com>	2022-01-14 20:30:56 +0100
commit	9aa8e51de06bda0099231f2567dbb83e430faee4 (patch)
tree	1eecd3caba390e300450af400bffee90ed137887 /python/vyos/firewall.py
parent	97472739b4432cdbf8f73275ab00876add071692 (diff)
parent	df5a862beb84145dfc8434efde7d7fee783199cf (diff)
download	vyos-1x-9aa8e51de06bda0099231f2567dbb83e430faee4.tar.gz vyos-1x-9aa8e51de06bda0099231f2567dbb83e430faee4.zip