firewall: T4655: Fix default action 'drop' for the firewall

For some reason after firewall rewriting we are having default action 'accept' for 1.4 and default action 'drop' for 1.3 Fix this issue, set default action 'drop'
author: Viacheslav Hletenko <v.gletenko@vyos.io> 2022-08-29 14:55:32 +0000
committer: Viacheslav Hletenko <v.gletenko@vyos.io> 2022-08-29 14:55:32 +0000
commit: 0cc7e0a49094be809cccff9fb44288d883e6ef05 (patch)
tree: aa85c537fe1a9b62f80f459ede9af48663794901
parent: edb2d72c3487b06fffd67dde203219b3c1bd7443 (diff)
download: vyos-1x-0cc7e0a49094be809cccff9fb44288d883e6ef05.tar.gz
vyos-1x-0cc7e0a49094be809cccff9fb44288d883e6ef05.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/python/vyos/template.py b/python/vyos/template.py
index eb7f06480..62303bd55 100644
--- a/python/vyos/template.py
+++ b/python/vyos/template.py
@@ -1,4 +1,4 @@
-# Copyright 2019-2020 VyOS maintainers and contributors <maintainers@vyos.io>
+# Copyright 2019-2022 VyOS maintainers and contributors <maintainers@vyos.io>
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
@@ -550,7 +550,7 @@ def nft_rule(rule_conf, fw_name, rule_id, ip_name='ip'):
 @register_filter('nft_default_rule')
 def nft_default_rule(fw_conf, fw_name):
     output = ['counter']
-    default_action = fw_conf.get('default_action', 'accept')
+    default_action = fw_conf.get('default_action', 'drop')
 
     if 'enable_default_log' in fw_conf:
         action_suffix = default_action[:1].upper()
author	Viacheslav Hletenko <v.gletenko@vyos.io>	2022-08-29 14:55:32 +0000
committer	Viacheslav Hletenko <v.gletenko@vyos.io>	2022-08-29 14:55:32 +0000
commit	0cc7e0a49094be809cccff9fb44288d883e6ef05 (patch)
tree	aa85c537fe1a9b62f80f459ede9af48663794901
parent	edb2d72c3487b06fffd67dde203219b3c1bd7443 (diff)
download	vyos-1x-0cc7e0a49094be809cccff9fb44288d883e6ef05.tar.gz vyos-1x-0cc7e0a49094be809cccff9fb44288d883e6ef05.zip