summaryrefslogtreecommitdiff
path: root/data/templates
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2022-08-31 18:32:05 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2022-09-01 10:43:01 +0000
commit90d8219c8e9c9148ab9205f5cbf7ba583d9ef7e6 (patch)
treef18a8246bdc80568897fdb0d674afbf8d42007f9 /data/templates
parent69f79beee2070906b68f2b910296c362e7216278 (diff)
downloadvyos-1x-90d8219c8e9c9148ab9205f5cbf7ba583d9ef7e6.tar.gz
vyos-1x-90d8219c8e9c9148ab9205f5cbf7ba583d9ef7e6.zip
policy-route: T4655: Remove default_action from template
Remove `default_action` from template "nftables-policy" as XML policy route does not use it Set default action 'accept' for policy route, as default action 'drop' must be used only for firewall and not related to the policy route
Diffstat (limited to 'data/templates')
-rw-r--r--data/templates/firewall/nftables-policy.j22
1 files changed, 0 insertions, 2 deletions
diff --git a/data/templates/firewall/nftables-policy.j2 b/data/templates/firewall/nftables-policy.j2
index 281525407..40118930b 100644
--- a/data/templates/firewall/nftables-policy.j2
+++ b/data/templates/firewall/nftables-policy.j2
@@ -25,7 +25,6 @@ table ip mangle {
{{ rule_conf | nft_rule(route_text, rule_id, 'ip') }}
{% endfor %}
{% endif %}
- {{ conf | nft_default_rule(route_text) }}
}
{% endfor %}
{% endif %}
@@ -50,7 +49,6 @@ table ip6 mangle {
{{ rule_conf | nft_rule(route_text, rule_id, 'ip6') }}
{% endfor %}
{% endif %}
- {{ conf | nft_default_rule(route_text) }}
}
{% endfor %}
{% endif %}