diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-04-10 18:56:24 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2022-04-10 18:56:24 +0200 |
commit | 7d75e4a37727b882600114cd543f529ed1e92291 (patch) | |
tree | b6164f18d042f45349c4b75a6771ec570a4fc4ef /data/templates/firewall | |
parent | 2dca0f04dc245ae3ec16f36c3c7843882849e25c (diff) | |
download | vyos-1x-7d75e4a37727b882600114cd543f529ed1e92291.tar.gz vyos-1x-7d75e4a37727b882600114cd543f529ed1e92291.zip |
policy: route: T4333: migrate to new vyos_defined Jinja2 test
Diffstat (limited to 'data/templates/firewall')
-rw-r--r-- | data/templates/firewall/nftables-policy.tmpl | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/data/templates/firewall/nftables-policy.tmpl b/data/templates/firewall/nftables-policy.tmpl index 905ffcd09..d1b0fa56e 100644 --- a/data/templates/firewall/nftables-policy.tmpl +++ b/data/templates/firewall/nftables-policy.tmpl @@ -1,6 +1,6 @@ #!/usr/sbin/nft -f -{% if cleanup_commands is defined %} +{% if cleanup_commands is vyos_defined %} {% for command in cleanup_commands %} {{ command }} {% endfor %} @@ -9,7 +9,7 @@ include "/run/nftables_defines.conf" table ip mangle { -{% if first_install is defined %} +{% if first_install is vyos_defined %} chain VYOS_PBR_PREROUTING { type filter hook prerouting priority -150; policy accept; } @@ -17,11 +17,11 @@ table ip mangle { type filter hook postrouting priority -150; policy accept; } {% endif %} -{% if route is defined and route is not none -%} +{% if route is vyos_defined %} {% for route_text, conf in route.items() %} chain VYOS_PBR_{{ route_text }} { -{% if conf.rule is defined %} -{% for rule_id, rule_conf in conf.rule.items() if rule_conf.disable is not defined %} +{% if conf.rule is vyos_defined %} +{% for rule_id, rule_conf in conf.rule.items() if rule_conf.disable is not vyos_defined %} {{ rule_conf | nft_rule(route_text, rule_id, 'ip') }} {% endfor %} {% endif %} @@ -32,7 +32,7 @@ table ip mangle { } table ip6 mangle { -{% if first_install is defined %} +{% if first_install is vyos_defined %} chain VYOS_PBR6_PREROUTING { type filter hook prerouting priority -150; policy accept; } @@ -40,11 +40,11 @@ table ip6 mangle { type filter hook postrouting priority -150; policy accept; } {% endif %} -{% if route6 is defined and route6 is not none %} +{% if route6 is vyos_defined %} {% for route_text, conf in route6.items() %} chain VYOS_PBR6_{{ route_text }} { -{% if conf.rule is defined %} -{% for rule_id, rule_conf in conf.rule.items() if rule_conf.disable is not defined %} +{% if conf.rule is vyos_defined %} +{% for rule_id, rule_conf in conf.rule.items() if rule_conf.disable is not vyos_defined %} {{ rule_conf | nft_rule(route_text, rule_id, 'ip6') }} {% endfor %} {% endif %} |