diff options
| author | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2022-01-10 23:14:28 +0100 |
|---|---|---|
| committer | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2022-01-11 11:57:56 +0100 |
| commit | f16525175deb69ae3b9193573550992b4d5fd951 (patch) | |
| tree | 010ade04115b7ff1fe1875093dd70d438303371d /src/conf_mode/firewall.py | |
| parent | d5775339f9d1ee33c04f5d923684cd254b400364 (diff) | |
| download | vyos-1x-f16525175deb69ae3b9193573550992b4d5fd951.tar.gz vyos-1x-f16525175deb69ae3b9193573550992b4d5fd951.zip | |
firewall: policy: T4159: T4164: Fix empty firewall groups, create separate file for group definitions.
Diffstat (limited to 'src/conf_mode/firewall.py')
| -rwxr-xr-x | src/conf_mode/firewall.py | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py index 0b4c0854f..06e6a1ed4 100755 --- a/src/conf_mode/firewall.py +++ b/src/conf_mode/firewall.py @@ -34,6 +34,7 @@ from vyos import airbag airbag.enable() nftables_conf = '/run/nftables.conf' +nftables_defines_conf = '/run/nftables_defines.conf' sysfs_config = { 'all_ping': {'sysfs': '/proc/sys/net/ipv4/icmp_echo_ignore_all', 'enable': '0', 'disable': '1'}, @@ -236,6 +237,7 @@ def generate(firewall): firewall['cleanup_commands'] = cleanup_commands(firewall) render(nftables_conf, 'firewall/nftables.tmpl', firewall) + render(nftables_defines_conf, 'firewall/nftables-defines.tmpl', firewall) return None def apply_sysfs(firewall): |