diff options
| author | Nicolas Fort <nicolasfort1988@gmail.com> | 2022-09-26 11:41:15 +0000 |
|---|---|---|
| committer | Nicolas Fort <nicolasfort1988@gmail.com> | 2022-09-26 11:41:15 +0000 |
| commit | 3f6b5b5cec7eed685ae11202197b760a46e02137 (patch) | |
| tree | ec7b1d986b1a4d5fd7458500f2efae1e317b1384 /python | |
| parent | 8f2f6303229814c03494369c51cedd31703406ec (diff) | |
| download | vyos-1x-3f6b5b5cec7eed685ae11202197b760a46e02137.tar.gz vyos-1x-3f6b5b5cec7eed685ae11202197b760a46e02137.zip | |
T4700: Firewall: add interface matching criteria
Diffstat (limited to 'python')
| -rw-r--r-- | python/vyos/firewall.py | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py index f9b7222fd..4075e55b0 100644 --- a/python/vyos/firewall.py +++ b/python/vyos/firewall.py @@ -248,6 +248,14 @@ def parse_rule(rule_conf, fw_name, rule_id, ip_name): value = rule_conf['hop_limit'][op] output.append(f'ip6 hoplimit {operator} {value}') + if 'inbound_interface' in rule_conf: + iiface = rule_conf['inbound_interface'] + output.append(f'iifname {iiface}') + + if 'outbound_interface' in rule_conf: + oiface = rule_conf['outbound_interface'] + output.append(f'oifname {oiface}') + if 'ttl' in rule_conf: operators = {'eq': '==', 'gt': '>', 'lt': '<'} for op, operator in operators.items(): |