diff options
author | Nicolas Fort <nicolasfort1988@gmail.com> | 2024-06-25 11:55:53 +0000 |
---|---|---|
committer | Nicolas Fort <nicolasfort1988@gmail.com> | 2024-06-25 11:55:53 +0000 |
commit | ecf3141d5b5fe08c6ae00b5cd299daf6a6e30f82 (patch) | |
tree | 0d586110176a8f9da532df80efcfc669b007518f | |
parent | 4f89e4b7a19a58d893e4e89a6e8491f239f1122e (diff) | |
download | vyos-1x-ecf3141d5b5fe08c6ae00b5cd299daf6a6e30f82.tar.gz vyos-1x-ecf3141d5b5fe08c6ae00b5cd299daf6a6e30f82.zip |
T3900: extend latest fix for firewall raw implementation to ipv6.
-rw-r--r-- | data/templates/firewall/nftables.j2 | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/templates/firewall/nftables.j2 b/data/templates/firewall/nftables.j2 index ee34f58fc..68a3bfd87 100644 --- a/data/templates/firewall/nftables.j2 +++ b/data/templates/firewall/nftables.j2 @@ -239,7 +239,7 @@ table ip6 vyos_filter { {% for prior, conf in ipv6.output.items() %} chain VYOS_IPV6_OUTPUT_{{ prior }} { type filter hook output priority {{ prior }}; policy accept; -{% if global_options.state_policy is vyos_defined %} +{% if global_options.state_policy is vyos_defined and prior == 'filter' %} jump VYOS_STATE_POLICY6 {% endif %} {% if conf.rule is vyos_defined %} |