firewall: T970: Use set prefix to domain groups

author: sarthurdev <965089+sarthurdev@users.noreply.github.com> 2022-06-14 16:19:55 +0200
committer: sarthurdev <965089+sarthurdev@users.noreply.github.com> 2022-06-14 22:57:52 +0200
commit: 7e59b2a3f31edd4793264876d87af725771a222d (patch)
tree: 5f400fd788bd04a5e0bde9c98b04a436fe998de2 /src/conf_mode/firewall.py
parent: 34db435e7a74ee8509777802e03927de2dd57627 (diff)
download: vyos-1x-7e59b2a3f31edd4793264876d87af725771a222d.tar.gz
vyos-1x-7e59b2a3f31edd4793264876d87af725771a222d.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py
index 78dffe9dd..07eca722f 100755
--- a/src/conf_mode/firewall.py
+++ b/src/conf_mode/firewall.py
@@ -100,6 +100,7 @@ nested_group_types = [
 group_set_prefix = {
     'A_': 'address_group',
     'A6_': 'ipv6_address_group',
+    'D_': 'domain_group',
     'M_': 'mac_group',
     'N_': 'network_group',
     'N6_': 'ipv6_network_group',
@@ -535,8 +536,8 @@ def apply(firewall):
                 # and add elements to nft set
                 ip_dict = get_ips_domains_dict(domains)
                 elements = sum(ip_dict.values(), [])
-                nft_init_set(group)
-                nft_add_set_elements(group, elements)
+                nft_init_set(f'D_{group}')
+                nft_add_set_elements(f'D_{group}', elements)
         else:
             call('systemctl stop vyos-domain-group-resolve.service')
author	sarthurdev <965089+sarthurdev@users.noreply.github.com>	2022-06-14 16:19:55 +0200
committer	sarthurdev <965089+sarthurdev@users.noreply.github.com>	2022-06-14 22:57:52 +0200
commit	7e59b2a3f31edd4793264876d87af725771a222d (patch)
tree	5f400fd788bd04a5e0bde9c98b04a436fe998de2 /src/conf_mode/firewall.py
parent	34db435e7a74ee8509777802e03927de2dd57627 (diff)
download	vyos-1x-7e59b2a3f31edd4793264876d87af725771a222d.tar.gz vyos-1x-7e59b2a3f31edd4793264876d87af725771a222d.zip