firewall: T5493: Implement remote-group

author: Alex W <embezzle.dev@proton.me> 2025-01-30 20:22:41 +0000
committer: Alex W <embezzle.dev@proton.me> 2025-03-21 21:08:50 +0100
commit: 9e2bdc96ea63e7ee1adb002df17e0d9ecc1cd410 (patch)
tree: 29af39c615a3b3cbcf327af4839f578f29af00d9 /python/vyos/firewall.py
parent: 7eec4583bf7feb900fad02e009b9ded11b52fd5d (diff)
download: veeos-1x-9e2bdc96ea63e7ee1adb002df17e0d9ecc1cd410.tar.gz
veeos-1x-9e2bdc96ea63e7ee1adb002df17e0d9ecc1cd410.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py
index 314e8dfe3..9f01f8be1 100755
--- a/python/vyos/firewall.py
+++ b/python/vyos/firewall.py
@@ -310,6 +310,13 @@ def parse_rule(rule_conf, hook, fw_name, rule_id, ip_name):
                         operator = '!='
                         group_name = group_name[1:]
                     output.append(f'{ip_name} {prefix}addr {operator} @D_{group_name}')
+                elif 'remote_group' in group:
+                    group_name = group['remote_group']
+                    operator = ''
+                    if group_name[0] == '!':
+                        operator = '!='
+                        group_name = group_name[1:]
+                    output.append(f'{ip_name} {prefix}addr {operator} @R_{group_name}')
                 if 'mac_group' in group:
                     group_name = group['mac_group']
                     operator = ''
author	Alex W <embezzle.dev@proton.me>	2025-01-30 20:22:41 +0000
committer	Alex W <embezzle.dev@proton.me>	2025-03-21 21:08:50 +0100
commit	9e2bdc96ea63e7ee1adb002df17e0d9ecc1cd410 (patch)
tree	29af39c615a3b3cbcf327af4839f578f29af00d9 /python/vyos/firewall.py
parent	7eec4583bf7feb900fad02e009b9ded11b52fd5d (diff)
download	veeos-1x-9e2bdc96ea63e7ee1adb002df17e0d9ecc1cd410.tar.gz veeos-1x-9e2bdc96ea63e7ee1adb002df17e0d9ecc1cd410.zip