summaryrefslogtreecommitdiff
path: root/python
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-01-14 20:30:56 +0100
committerGitHub <noreply@github.com>2022-01-14 20:30:56 +0100
commit9aa8e51de06bda0099231f2567dbb83e430faee4 (patch)
tree1eecd3caba390e300450af400bffee90ed137887 /python
parent97472739b4432cdbf8f73275ab00876add071692 (diff)
parentdf5a862beb84145dfc8434efde7d7fee783199cf (diff)
downloadvyos-1x-9aa8e51de06bda0099231f2567dbb83e430faee4.tar.gz
vyos-1x-9aa8e51de06bda0099231f2567dbb83e430faee4.zip
Merge pull request #1167 from sarthurdev/firewall
firewall: T4178: Use lowercase for TCP flags and add an validator
Diffstat (limited to 'python')
-rw-r--r--python/vyos/firewall.py7
1 files changed, 3 insertions, 4 deletions
diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py
index 66dc8bc40..acde9f913 100644
--- a/python/vyos/firewall.py
+++ b/python/vyos/firewall.py
@@ -171,7 +171,6 @@ def parse_rule(rule_conf, fw_name, rule_id, ip_name):
if tcp_flags:
output.append(parse_tcp_flags(tcp_flags))
-
output.append('counter')
if 'set' in rule_conf:
@@ -190,10 +189,10 @@ def parse_tcp_flags(flags):
include = []
for flag in flags.split(","):
if flag[0] == '!':
- flag = flag[1:]
+ flag = flag[1:].lower()
else:
- include.append(flag)
- all_flags.append(flag)
+ include.append(flag.lower())
+ all_flags.append(flag.lower())
return f'tcp flags & ({"|".join(all_flags)}) == {"|".join(include)}'
def parse_time(time):