diff options
| author | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2022-06-01 11:53:18 +0200 |
|---|---|---|
| committer | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2022-06-11 15:08:45 +0200 |
| commit | 8ba45cfcc1cc3fba57e1f82fa1299b7c253ba5ea (patch) | |
| tree | 37068db2932e20ed4aec01329c9e60d16eb769ed /data/templates/firewall/nftables.j2 | |
| parent | fe18efba34c5d95d3052c9e6fda69668bbfe63f3 (diff) | |
| download | vyos-1x-8ba45cfcc1cc3fba57e1f82fa1299b7c253ba5ea.tar.gz vyos-1x-8ba45cfcc1cc3fba57e1f82fa1299b7c253ba5ea.zip | |
firewall: T4299: Add support for GeoIP filtering
Diffstat (limited to 'data/templates/firewall/nftables.j2')
| -rw-r--r-- | data/templates/firewall/nftables.j2 | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/data/templates/firewall/nftables.j2 b/data/templates/firewall/nftables.j2 index 1f88ae40c..961b83301 100644 --- a/data/templates/firewall/nftables.j2 +++ b/data/templates/firewall/nftables.j2 @@ -60,6 +60,14 @@ table ip filter { flags dynamic } {% endfor %} +{% if geoip_updated.name is vyos_defined %} +{% for setname in geoip_updated.name %} + set {{ setname }} { + type ipv4_addr + flags interval + } +{% endfor %} +{% endif %} {% endif %} {% if state_policy is vyos_defined %} chain VYOS_STATE_POLICY { @@ -121,6 +129,14 @@ table ip6 filter { flags dynamic } {% endfor %} +{% if geoip_updated.ipv6_name is vyos_defined %} +{% for setname in geoip_updated.ipv6_name %} + set {{ setname }} { + type ipv6_addr + flags interval + } +{% endfor %} +{% endif %} {% endif %} {% if state_policy is vyos_defined %} chain VYOS_STATE_POLICY6 { |