From dcabea5919e299cdee9db7469b451356743cc7ff Mon Sep 17 00:00:00 2001
From: sarthurdev <965089+sarthurdev@users.noreply.github.com>
Date: Thu, 27 Jan 2022 13:12:39 +0100
Subject: firewall: T4178: Fix tcp flags output when `not` isn't used

---
 python/vyos/firewall.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'python/vyos/firewall.py')

diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py
index 808e90e38..4993d855e 100644
--- a/python/vyos/firewall.py
+++ b/python/vyos/firewall.py
@@ -190,8 +190,8 @@ def parse_rule(rule_conf, fw_name, rule_id, ip_name):
 
 def parse_tcp_flags(flags):
     include = [flag for flag in flags if flag != 'not']
-    all_flags = include + [flag for flag in flags['not']] if 'not' in flags else []
-    return f'tcp flags & ({"|".join(all_flags)}) == {"|".join(include)}'
+    exclude = flags['not'].keys() if 'not' in flags else []
+    return f'tcp flags & ({"|".join(include + exclude)}) == {"|".join(include)}'
 
 def parse_time(time):
     out = []
-- 
cgit v1.2.3