diff options
author | Christian Breunig <christian@breunig.cc> | 2024-07-31 08:00:31 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-07-31 08:00:31 +0200 |
commit | 10bf3c85278370ba03ca371ce3598e1fae470998 (patch) | |
tree | 07f49028e5cf6cb4f23ea81cb8a16a192504de5d /src | |
parent | df15c8990c116c4264314d752abe4f1ea37403dc (diff) | |
parent | 014bf70b494bc0c479e97d8fa4cfe88d4c0d8498 (diff) | |
download | vyos-1x-10bf3c85278370ba03ca371ce3598e1fae470998.tar.gz vyos-1x-10bf3c85278370ba03ca371ce3598e1fae470998.zip |
Merge pull request #3906 from vyos/mergify/bp/circinus/pr-3715
T6313: Add "NAT" to "generate" command for rule resequence (backport #3715)
Diffstat (limited to 'src')
-rwxr-xr-x | src/op_mode/generate_service_rule-resequence.py (renamed from src/op_mode/generate_firewall_rule-resequence.py) | 29 |
1 files changed, 13 insertions, 16 deletions
diff --git a/src/op_mode/generate_firewall_rule-resequence.py b/src/op_mode/generate_service_rule-resequence.py index 21441f689..9333d6353 100755 --- a/src/op_mode/generate_firewall_rule-resequence.py +++ b/src/op_mode/generate_service_rule-resequence.py @@ -77,7 +77,7 @@ def change_rule_numbers(config_dict, start, step): change_rule_numbers(config_dict[key], start, step) -def convert_rule_keys_to_int(config_dict): +def convert_rule_keys_to_int(config_dict, prev_key=None): """ Converts rule keys in the configuration dictionary to integers. @@ -91,11 +91,11 @@ def convert_rule_keys_to_int(config_dict): new_dict = {} for key, value in config_dict.items(): # Convert key to integer if possible - new_key = int(key) if key.isdigit() else key + new_key = int(key) if key.isdigit() and prev_key == 'rule' else key # Recur for nested dictionaries if isinstance(value, dict): - new_value = convert_rule_keys_to_int(value) + new_value = convert_rule_keys_to_int(value, key) else: new_value = value @@ -111,27 +111,24 @@ def convert_rule_keys_to_int(config_dict): if __name__ == "__main__": # Parse command-line arguments parser = argparse.ArgumentParser(description='Convert dictionary to set commands with rule number modifications.') - parser.add_argument('--start', type=int, default=100, help='Start rule number') + parser.add_argument('--service', type=str, help='Name of service') + parser.add_argument('--start', type=int, default=100, help='Start rule number (default: 100)') parser.add_argument('--step', type=int, default=10, help='Step for rule numbers (default: 10)') args = parser.parse_args() config = ConfigTreeQuery() - if not config.exists('firewall'): - print('Firewall is not configured') + if not config.exists(args.service): + print(f'{args.service} is not configured') exit(1) - config_dict = config.get_config_dict('firewall') + config_dict = config.get_config_dict(args.service) - # Remove global-options, group and flowtable as they don't need sequencing - if 'global-options' in config_dict['firewall']: - del config_dict['firewall']['global-options'] + if 'firewall' in config_dict: + # Remove global-options, group and flowtable as they don't need sequencing + for item in ['global-options', 'group', 'flowtable']: + if item in config_dict['firewall']: + del config_dict['firewall'][item] - if 'group' in config_dict['firewall']: - del config_dict['firewall']['group'] - - if 'flowtable' in config_dict['firewall']: - del config_dict['firewall']['flowtable'] - # Convert rule keys to integers, rule "10" -> rule 10 # This is necessary for sorting the rules config_dict = convert_rule_keys_to_int(config_dict) |