summaryrefslogtreecommitdiff
path: root/templates/vpn/ipsec/site-to-site/peer/node.tag/vti/mark/node.def
diff options
context:
space:
mode:
Diffstat (limited to 'templates/vpn/ipsec/site-to-site/peer/node.tag/vti/mark/node.def')
-rw-r--r--templates/vpn/ipsec/site-to-site/peer/node.tag/vti/mark/node.def15
1 files changed, 0 insertions, 15 deletions
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/vti/mark/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/vti/mark/node.def
index 807ae5a..1d29970 100644
--- a/templates/vpn/ipsec/site-to-site/peer/node.tag/vti/mark/node.def
+++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/vti/mark/node.def
@@ -1,17 +1,2 @@
type: u32
help: Mark associated with the secure tunnel interface [REQUIRED]
-
-update:
- old_mark=`cli-shell-api returnActiveValue vpn ipsec site-to-site peer $VAR(../../@) vti mark`
- if [ ! -z "$old_mark" ] ; then
- sudo iptables -t mangle -D PREROUTING -s $VAR(../../@) -p esp -j MARK --set-mark $old_mark
- sudo iptables -t mangle -D PREROUTING -s $VAR(../../@) -p udp --dport 4500 -j MARK --set-mark $old_mark
- fi
- sudo iptables -t mangle -A PREROUTING -s $VAR(../../@) -p esp -j MARK --set-mark $VAR(@)
- sudo iptables -t mangle -A PREROUTING -s $VAR(../../@) -p udp --dport 4500 -j MARK --set-mark $VAR(@)
-
-delete:
- sudo iptables -t mangle -D PREROUTING -s $VAR(../../@) -p esp -j MARK --set-mark $VAR(@)
- sudo iptables -t mangle -D PREROUTING -s $VAR(../../@) -p udp --dport 4500 -j MARK --set-mark $VAR(@)
- # need a exit 0 because if there is no iptables entry then we want to keep the commit going.
- exit 0
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-19 18:58:53 +0000