Merge pull request #4326 from Embezzle/T5493

firewall: T5493: Implement remote-group
author: Daniil Baturin <daniil@vyos.io> 2025-03-25 15:20:48 +0000
committer: GitHub <noreply@github.com> 2025-03-25 15:20:48 +0000
commit: 1c66841323ba1fa4f90d3ce3de6ef7cebc07ed97 (patch)
tree: 91c8431c6b5f238d9251177ff0ee1985ad29aef6 /data
parent: 3fee8ec30dce8f3987fe468d29109ed4e1bc492a (diff)
parent: 9e2bdc96ea63e7ee1adb002df17e0d9ecc1cd410 (diff)
download: vyos-1x-1c66841323ba1fa4f90d3ce3de6ef7cebc07ed97.tar.gz
vyos-1x-1c66841323ba1fa4f90d3ce3de6ef7cebc07ed97.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/data/templates/firewall/nftables-defines.j2 b/data/templates/firewall/nftables-defines.j2
index fa6cd74c0..3147b4c37 100644
--- a/data/templates/firewall/nftables-defines.j2
+++ b/data/templates/firewall/nftables-defines.j2
@@ -35,6 +35,15 @@
     }
 {%         endfor %}
 {%     endif %}
+{%     if group.remote_group is vyos_defined and is_l3 and not is_ipv6 %}
+{%         for name, name_config in group.remote_group.items() %}
+    set R_{{ name }} {
+        type {{ ip_type }}
+        flags interval
+        auto-merge
+    }
+{%         endfor %}
+{%     endif %}
 {%     if group.mac_group is vyos_defined %}
 {%         for group_name, group_conf in group.mac_group.items() %}
 {%             set includes = group_conf.include if group_conf.include is vyos_defined else [] %}
author	Daniil Baturin <daniil@vyos.io>	2025-03-25 15:20:48 +0000
committer	GitHub <noreply@github.com>	2025-03-25 15:20:48 +0000
commit	1c66841323ba1fa4f90d3ce3de6ef7cebc07ed97 (patch)
tree	91c8431c6b5f238d9251177ff0ee1985ad29aef6 /data
parent	3fee8ec30dce8f3987fe468d29109ed4e1bc492a (diff)
parent	9e2bdc96ea63e7ee1adb002df17e0d9ecc1cd410 (diff)
download	vyos-1x-1c66841323ba1fa4f90d3ce3de6ef7cebc07ed97.tar.gz vyos-1x-1c66841323ba1fa4f90d3ce3de6ef7cebc07ed97.zip