diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-12-17 08:30:18 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-12-17 08:30:18 +0100 |
commit | 8637b02bb60baf499fc63696c28aa1af3559c308 (patch) | |
tree | 9037a1bfa13db97f8b0dd9f4e020beee8dd10f32 /python/vyos/firewall.py | |
parent | d7a67aa4a7e7bb82a60ad18103abc6b966a2f8b8 (diff) | |
parent | 9a5dfb4b7ec9e065a73511a38e1713aec03eee0e (diff) | |
download | vyos-1x-8637b02bb60baf499fc63696c28aa1af3559c308.tar.gz vyos-1x-8637b02bb60baf499fc63696c28aa1af3559c308.zip |
Merge pull request #1626 from nicolas-fort/fwall_group_interface
T4780: Firewall: add firewall groups in firewall. Extend matching cri…
Diffstat (limited to 'python/vyos/firewall.py')
-rw-r--r-- | python/vyos/firewall.py | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py index 48263eef5..429c44802 100644 --- a/python/vyos/firewall.py +++ b/python/vyos/firewall.py @@ -236,12 +236,20 @@ def parse_rule(rule_conf, fw_name, rule_id, ip_name): output.append(f'ip6 hoplimit {operator} {value}') if 'inbound_interface' in rule_conf: - iiface = rule_conf['inbound_interface'] - output.append(f'iifname {iiface}') + if 'interface_name' in rule_conf['inbound_interface']: + iiface = rule_conf['inbound_interface']['interface_name'] + output.append(f'iifname {{{iiface}}}') + else: + iiface = rule_conf['inbound_interface']['interface_group'] + output.append(f'iifname @I_{iiface}') if 'outbound_interface' in rule_conf: - oiface = rule_conf['outbound_interface'] - output.append(f'oifname {oiface}') + if 'interface_name' in rule_conf['outbound_interface']: + oiface = rule_conf['outbound_interface']['interface_name'] + output.append(f'oifname {{{oiface}}}') + else: + oiface = rule_conf['outbound_interface']['interface_group'] + output.append(f'oifname @I_{oiface}') if 'ttl' in rule_conf: operators = {'eq': '==', 'gt': '>', 'lt': '<'} |