diff options
author | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2022-07-05 19:52:01 +0200 |
---|---|---|
committer | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2022-07-05 20:05:40 +0200 |
commit | f29dbc415a8b8153cfe0046dfea64f14c6182d8a (patch) | |
tree | f61d3e8ed99ef539d1915eb17b9cfe189ce6e681 /data/templates/zone_policy/nftables.j2 | |
parent | 373aacd2375f35400a351345b2fa849efdae0543 (diff) | |
download | vyos-1x-f29dbc415a8b8153cfe0046dfea64f14c6182d8a.tar.gz vyos-1x-f29dbc415a8b8153cfe0046dfea64f14c6182d8a.zip |
zone-policy: T4512: Add support for `enable-default-log`
Diffstat (limited to 'data/templates/zone_policy/nftables.j2')
-rw-r--r-- | data/templates/zone_policy/nftables.j2 | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/data/templates/zone_policy/nftables.j2 b/data/templates/zone_policy/nftables.j2 index e4c4dd7da..fe941f9f8 100644 --- a/data/templates/zone_policy/nftables.j2 +++ b/data/templates/zone_policy/nftables.j2 @@ -16,7 +16,7 @@ table ip filter { iifname { {{ zone[from_zone].interface | join(",") }} } counter jump NAME_{{ from_conf.firewall.name }} iifname { {{ zone[from_zone].interface | join(",") }} } counter return {% endfor %} - counter {{ zone_conf.default_action }} + {{ zone_conf | nft_default_rule('zone_' + zone_name) }} } chain VZONE_{{ zone_name }}_OUT { oifname lo counter return @@ -24,7 +24,7 @@ table ip filter { oifname { {{ zone[from_zone].interface | join(",") }} } counter jump NAME_{{ from_conf.firewall.name }} oifname { {{ zone[from_zone].interface | join(",") }} } counter return {% endfor %} - counter {{ zone_conf.default_action }} + {{ zone_conf | nft_default_rule('zone_' + zone_name) }} } {% else %} chain VZONE_{{ zone_name }} { @@ -38,7 +38,7 @@ table ip filter { iifname { {{ zone[from_zone].interface | join(",") }} } counter return {% endif %} {% endfor %} - counter {{ zone_conf.default_action }} + {{ zone_conf | nft_default_rule('zone_' + zone_name) }} } {% endif %} {% endfor %} @@ -53,7 +53,7 @@ table ip6 filter { iifname { {{ zone[from_zone].interface | join(",") }} } counter jump NAME6_{{ from_conf.firewall.ipv6_name }} iifname { {{ zone[from_zone].interface | join(",") }} } counter return {% endfor %} - counter {{ zone_conf.default_action }} + {{ zone_conf | nft_default_rule('zone6_' + zone_name) }} } chain VZONE6_{{ zone_name }}_OUT { oifname lo counter return @@ -61,7 +61,7 @@ table ip6 filter { oifname { {{ zone[from_zone].interface | join(",") }} } counter jump NAME6_{{ from_conf.firewall.ipv6_name }} oifname { {{ zone[from_zone].interface | join(",") }} } counter return {% endfor %} - counter {{ zone_conf.default_action }} + {{ zone_conf | nft_default_rule('zone6_' + zone_name) }} } {% else %} chain VZONE6_{{ zone_name }} { @@ -75,7 +75,7 @@ table ip6 filter { iifname { {{ zone[from_zone].interface | join(",") }} } counter return {% endif %} {% endfor %} - counter {{ zone_conf.default_action }} + {{ zone_conf | nft_default_rule('zone6_' + zone_name) }} } {% endif %} {% endfor %} |