diff options
| author | Nicolas Fort <nicolasfort1988@gmail.com> | 2024-06-20 14:57:50 +0000 |
|---|---|---|
| committer | Nicolas Fort <nicolasfort1988@gmail.com> | 2024-06-20 15:11:14 +0000 |
| commit | 7829229e8a91c554db188cf523669bb11ec77c2a (patch) | |
| tree | 7cacbfee3c9ff9a3dab380f1299b4206d9113c73 | |
| parent | 109e0940be4956879d3ba074894023a1508424bf (diff) | |
| download | vyos-1x-7829229e8a91c554db188cf523669bb11ec77c2a.tar.gz vyos-1x-7829229e8a91c554db188cf523669bb11ec77c2a.zip | |
T3900: firewall: fix for initial implementation - remove jump to state policy on OUTUT_raw
| -rw-r--r-- | data/templates/firewall/nftables.j2 | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/templates/firewall/nftables.j2 b/data/templates/firewall/nftables.j2 index 343917fee..ee34f58fc 100644 --- a/data/templates/firewall/nftables.j2 +++ b/data/templates/firewall/nftables.j2 @@ -86,7 +86,7 @@ table ip vyos_filter { {% for prior, conf in ipv4.output.items() %} chain VYOS_OUTPUT_{{ prior }} { type filter hook output priority {{ prior }}; policy accept; -{% if global_options.state_policy is vyos_defined %} +{% if global_options.state_policy is vyos_defined and prior == 'filter' %} jump VYOS_STATE_POLICY {% endif %} {% if conf.rule is vyos_defined %} |