summaryrefslogtreecommitdiff
path: root/python
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-06-10 21:28:41 +0200
committerGitHub <noreply@github.com>2022-06-10 21:28:41 +0200
commitfe18efba34c5d95d3052c9e6fda69668bbfe63f3 (patch)
tree10975bc70e44fb839a46813286ecf5d2c11c2973 /python
parent2f4031c810a297c8ef81b0dc79242ef584b48662 (diff)
parent9791258d7d5320d3a8bfa45d43b59fd35e8a2131 (diff)
downloadvyos-1x-fe18efba34c5d95d3052c9e6fda69668bbfe63f3.tar.gz
vyos-1x-fe18efba34c5d95d3052c9e6fda69668bbfe63f3.zip
Merge pull request #1356 from sarthurdev/nested_groups
firewall: T478: Add support for nesting groups
Diffstat (limited to 'python')
-rw-r--r--python/vyos/template.py33
1 files changed, 33 insertions, 0 deletions
diff --git a/python/vyos/template.py b/python/vyos/template.py
index ee82f8f8f..3feda47c8 100644
--- a/python/vyos/template.py
+++ b/python/vyos/template.py
@@ -591,6 +591,39 @@ def nft_intra_zone_action(zone_conf, ipv6=False):
return f'jump {name_prefix}{name}'
return 'return'
+@register_filter('nft_nested_group')
+def nft_nested_group(out_list, includes, prefix):
+ if not vyos_defined(out_list):
+ out_list = []
+ for name in includes:
+ out_list.append(f'${prefix}{name}')
+ return out_list
+
+@register_filter('sort_nested_groups')
+def sort_nested_groups(groups):
+ seen = []
+ out = {}
+
+ def include_iterate(group_name):
+ group = groups[group_name]
+ if 'include' not in group:
+ if group_name not in out:
+ out[group_name] = groups[group_name]
+ return
+
+ for inc_group_name in group['include']:
+ if inc_group_name not in seen:
+ seen.append(inc_group_name)
+ include_iterate(inc_group_name)
+
+ if group_name not in out:
+ out[group_name] = groups[group_name]
+
+ for group_name in groups:
+ include_iterate(group_name)
+
+ return out.items()
+
@register_test('vyos_defined')
def vyos_defined(value, test_value=None, var_type=None):
"""