From 3f6b5b5cec7eed685ae11202197b760a46e02137 Mon Sep 17 00:00:00 2001 From: Nicolas Fort Date: Mon, 26 Sep 2022 11:41:15 +0000 Subject: T4700: Firewall: add interface matching criteria --- python/vyos/firewall.py | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'python/vyos/firewall.py') diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py index f9b7222fd..4075e55b0 100644 --- a/python/vyos/firewall.py +++ b/python/vyos/firewall.py @@ -248,6 +248,14 @@ def parse_rule(rule_conf, fw_name, rule_id, ip_name): value = rule_conf['hop_limit'][op] output.append(f'ip6 hoplimit {operator} {value}') + if 'inbound_interface' in rule_conf: + iiface = rule_conf['inbound_interface'] + output.append(f'iifname {iiface}') + + if 'outbound_interface' in rule_conf: + oiface = rule_conf['outbound_interface'] + output.append(f'oifname {oiface}') + if 'ttl' in rule_conf: operators = {'eq': '==', 'gt': '>', 'lt': '<'} for op, operator in operators.items(): -- cgit v1.2.3