summaryrefslogtreecommitdiff
path: root/data/templates/firewall
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-04-10 18:56:24 +0200
committerChristian Poessinger <christian@poessinger.com>2022-04-10 18:56:24 +0200
commit7d75e4a37727b882600114cd543f529ed1e92291 (patch)
treeb6164f18d042f45349c4b75a6771ec570a4fc4ef /data/templates/firewall
parent2dca0f04dc245ae3ec16f36c3c7843882849e25c (diff)
downloadvyos-1x-7d75e4a37727b882600114cd543f529ed1e92291.tar.gz
vyos-1x-7d75e4a37727b882600114cd543f529ed1e92291.zip
policy: route: T4333: migrate to new vyos_defined Jinja2 test
Diffstat (limited to 'data/templates/firewall')
-rw-r--r--data/templates/firewall/nftables-policy.tmpl18
1 files changed, 9 insertions, 9 deletions
diff --git a/data/templates/firewall/nftables-policy.tmpl b/data/templates/firewall/nftables-policy.tmpl
index 905ffcd09..d1b0fa56e 100644
--- a/data/templates/firewall/nftables-policy.tmpl
+++ b/data/templates/firewall/nftables-policy.tmpl
@@ -1,6 +1,6 @@
#!/usr/sbin/nft -f
-{% if cleanup_commands is defined %}
+{% if cleanup_commands is vyos_defined %}
{% for command in cleanup_commands %}
{{ command }}
{% endfor %}
@@ -9,7 +9,7 @@
include "/run/nftables_defines.conf"
table ip mangle {
-{% if first_install is defined %}
+{% if first_install is vyos_defined %}
chain VYOS_PBR_PREROUTING {
type filter hook prerouting priority -150; policy accept;
}
@@ -17,11 +17,11 @@ table ip mangle {
type filter hook postrouting priority -150; policy accept;
}
{% endif %}
-{% if route is defined and route is not none -%}
+{% if route is vyos_defined %}
{% for route_text, conf in route.items() %}
chain VYOS_PBR_{{ route_text }} {
-{% if conf.rule is defined %}
-{% for rule_id, rule_conf in conf.rule.items() if rule_conf.disable is not defined %}
+{% if conf.rule is vyos_defined %}
+{% for rule_id, rule_conf in conf.rule.items() if rule_conf.disable is not vyos_defined %}
{{ rule_conf | nft_rule(route_text, rule_id, 'ip') }}
{% endfor %}
{% endif %}
@@ -32,7 +32,7 @@ table ip mangle {
}
table ip6 mangle {
-{% if first_install is defined %}
+{% if first_install is vyos_defined %}
chain VYOS_PBR6_PREROUTING {
type filter hook prerouting priority -150; policy accept;
}
@@ -40,11 +40,11 @@ table ip6 mangle {
type filter hook postrouting priority -150; policy accept;
}
{% endif %}
-{% if route6 is defined and route6 is not none %}
+{% if route6 is vyos_defined %}
{% for route_text, conf in route6.items() %}
chain VYOS_PBR6_{{ route_text }} {
-{% if conf.rule is defined %}
-{% for rule_id, rule_conf in conf.rule.items() if rule_conf.disable is not defined %}
+{% if conf.rule is vyos_defined %}
+{% for rule_id, rule_conf in conf.rule.items() if rule_conf.disable is not vyos_defined %}
{{ rule_conf | nft_rule(route_text, rule_id, 'ip6') }}
{% endfor %}
{% endif %}