diff options
| author | Christian Poessinger <christian@poessinger.com> | 2022-02-03 08:27:13 +0100 | 
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-02-03 08:27:13 +0100 | 
| commit | 26774b890443d74f916858e6efd9189aa45f8cb4 (patch) | |
| tree | c28bfc28f12f6e6281676eca38553d4b339b80b5 /python | |
| parent | bf549b34e7daab7e843176bc1c8a8d03148f3840 (diff) | |
| parent | 9f7f1ebb15a2dce507693830517bc1c0c2b6815e (diff) | |
| download | vyos-1x-26774b890443d74f916858e6efd9189aa45f8cb4.tar.gz vyos-1x-26774b890443d74f916858e6efd9189aa45f8cb4.zip | |
Merge pull request #1201 from sarthurdev/T4178_2
firewall: T4178: Fix only inverse matching on tcp flags
Diffstat (limited to 'python')
| -rw-r--r-- | python/vyos/firewall.py | 2 | 
1 files changed, 1 insertions, 1 deletions
| diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py index a74fd922a..c1217b420 100644 --- a/python/vyos/firewall.py +++ b/python/vyos/firewall.py @@ -208,7 +208,7 @@ def parse_rule(rule_conf, fw_name, rule_id, ip_name):  def parse_tcp_flags(flags):      include = [flag for flag in flags if flag != 'not']      exclude = list(flags['not']) if 'not' in flags else [] -    return f'tcp flags & ({"|".join(include + exclude)}) == {"|".join(include)}' +    return f'tcp flags & ({"|".join(include + exclude)}) == {"|".join(include) if include else "0x0"}'  def parse_time(time):      out = [] | 
