From 758a726e323672285c197bcb571f43b0b0ece462 Mon Sep 17 00:00:00 2001
From: sarthurdev <965089+sarthurdev@users.noreply.github.com>
Date: Tue, 30 Aug 2022 17:07:50 +0200
Subject: firewall: T2199: Use data file instead of conf script

---
 scripts/init/vyos-router | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'scripts')

diff --git a/scripts/init/vyos-router b/scripts/init/vyos-router
index 2785132..ec7def5 100755
--- a/scripts/init/vyos-router
+++ b/scripts/init/vyos-router
@@ -299,10 +299,15 @@ start ()
     # reset and clean config files
     security_reset || log_failure_msg "security reset failed"
 
+    # Init firewall
+    nfct helper add rpc inet tcp
+    nfct helper add rpc inet udp
+    nfct helper add tns inet tcp
+    nft -f /usr/share/vyos/vyos-firewall-init.conf || log_failure_msg "could not initiate firewall rules"
+
     # As VyOS does not execute commands that are not present in the CLI we call
     # the script by hand to have a single source for the login banner and MOTD
     ${vyos_conf_scripts_dir}/system_console.py || log_failure_msg "could not reset serial console"
-    ${vyos_conf_scripts_dir}/firewall.py || log_failure_msg "could not initiate firewall rules"
     ${vyos_conf_scripts_dir}/system-login-banner.py || log_failure_msg "could not reset motd and issue files"
     ${vyos_conf_scripts_dir}/system-option.py || log_failure_msg "could not reset system option files"
     ${vyos_conf_scripts_dir}/conntrack.py || log_failure_msg "could not reset conntrack subsystem"
-- 
cgit v1.2.3