diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-04-05 14:42:18 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2021-04-05 15:57:35 +0200 |
| commit | b4b27f81cb37d9f9b894139b4e72d16d557a3bec (patch) | |
| tree | 2973faf37be67d1e51db156fb5412b08050a86e1 | |
| parent | bf31d443ad3f4b702dfa614800e2be0b66820874 (diff) | |
| download | vyatta-cfg-firewall-b4b27f81cb37d9f9b894139b4e72d16d557a3bec.tar.gz vyatta-cfg-firewall-b4b27f81cb37d9f9b894139b4e72d16d557a3bec.zip | |
T3456: add missing priority when removing per interface firewall rules
This is the second commit for fixing this issue, the first was for the
policy based routing and fixed in commit dc80ce45f95 ("T3456: add missing
priority when deleting interface policy").
set firewall name FOO rule 10 action 'accept'
set interfaces ethernet eth0 firewall local name 'FOO'
commit
This was not able to be removed again in one commit, two commits are required.
vyos@r4-roll# delete firewall
[edit]
vyos@r4-roll# delete interfaces ethernet eth0 firewall
[edit]
vyos@r4-roll# commit
[ firewall name FOO ]
Firewall configuration error: Cannot delete rule set "FOO" (still in use)
delete [ firewall name FOO ] failed
delete [ firewall ] failed
Commit failed
[edit]
vyos@r4-roll#
(cherry picked from commit 8e1ab2a747a26a3a574c411b95ffb2a3ca7e3854)
| -rwxr-xr-x | gen-interface-templates.pl | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/gen-interface-templates.pl b/gen-interface-templates.pl index 9e8db61..9979de3 100755 --- a/gen-interface-templates.pl +++ b/gen-interface-templates.pl @@ -136,6 +136,7 @@ sub gen_firewall_template { print $tp "priority: $interface_prio{ $if_tree }\n"; } print $tp "help: Firewall options\n"; + print $tp "priority: 615\n"; die "ERROR: No firewall hash for ${if_tree}" unless $firewall_hash{"${if_tree}"}; print $tp 'end: ${vyatta_sbindir}/vyatta-firewall-trap.pl --level="interfaces '; print $tp $firewall_hash{"${if_tree}"} . ' firewall"' . "\n"; |