diff options
author | Christian Breunig <christian@breunig.cc> | 2024-06-25 15:05:01 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-06-25 15:05:01 +0200 |
commit | 064cbc38f1449aea292907ac518eeffaa64e27d6 (patch) | |
tree | 0d586110176a8f9da532df80efcfc669b007518f | |
parent | 4f89e4b7a19a58d893e4e89a6e8491f239f1122e (diff) | |
parent | ecf3141d5b5fe08c6ae00b5cd299daf6a6e30f82 (diff) | |
download | vyos-1x-064cbc38f1449aea292907ac518eeffaa64e27d6.tar.gz vyos-1x-064cbc38f1449aea292907ac518eeffaa64e27d6.zip |
Merge pull request #3722 from nicolas-fort/T3900-v6-template
T3900: extend latest fix for firewall raw implementation to ipv6.
-rw-r--r-- | data/templates/firewall/nftables.j2 | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/templates/firewall/nftables.j2 b/data/templates/firewall/nftables.j2 index ee34f58fc..68a3bfd87 100644 --- a/data/templates/firewall/nftables.j2 +++ b/data/templates/firewall/nftables.j2 @@ -239,7 +239,7 @@ table ip6 vyos_filter { {% for prior, conf in ipv6.output.items() %} chain VYOS_IPV6_OUTPUT_{{ prior }} { type filter hook output priority {{ prior }}; policy accept; -{% if global_options.state_policy is vyos_defined %} +{% if global_options.state_policy is vyos_defined and prior == 'filter' %} jump VYOS_STATE_POLICY6 {% endif %} {% if conf.rule is vyos_defined %} |