Merge pull request #4483 from markh0338/remote-group-v6HEAD current

T7386: firewall: Allow IPv6 member in firewall remote-groups
author: Christian Breunig <christian@breunig.cc> 2025-05-12 20:48:58 +0200
committer: GitHub <noreply@github.com> 2025-05-12 20:48:58 +0200
commit: 9e0b04bc690d82d959b0e2b65ef32b72aaf828c4 (patch)
tree: f5c5253b4cd9c402fe1533d9631c12c2b2b3509c /src/op_mode/firewall.py
parent: 324bc83fc4ce2050ff33b164b392219923d6ec5d (diff)
parent: 2c30c8a504a197502366e38053cf485494767c17 (diff)
download: vyos-1x-9e0b04bc690d82d959b0e2b65ef32b72aaf828c4.tar.gz
vyos-1x-9e0b04bc690d82d959b0e2b65ef32b72aaf828c4.zip
1 files changed, 17 insertions, 4 deletions
diff --git a/src/op_mode/firewall.py b/src/op_mode/firewall.py
index ac47e3273..f3309ee34 100755
--- a/src/op_mode/firewall.py
+++ b/src/op_mode/firewall.py
@@ -18,6 +18,7 @@ import argparse
 import ipaddress
 import json
 import re
+from signal import signal, SIGPIPE, SIG_DFL
 import tabulate
 import textwrap
 
@@ -25,6 +26,9 @@ from vyos.config import Config
 from vyos.utils.process import cmd
 from vyos.utils.dict import dict_search_args
 
+signal(SIGPIPE, SIG_DFL)
+
+
 def get_config_node(conf, node=None, family=None, hook=None, priority=None):
     if node == 'nat':
         if family == 'ipv6':
@@ -648,12 +652,14 @@ def show_firewall_group(name=None):
                 references = find_references(group_type, remote_name)
                 row = [remote_name, textwrap.fill(remote_conf.get('description') or '', 50), group_type, '\n'.join(references) or 'N/D']
                 members = get_nftables_remote_group_members("ipv4", 'vyos_filter', f'R_{remote_name}')
+                members6 = get_nftables_remote_group_members("ipv6", 'vyos_filter', f'R6_{remote_name}')
 
                 if 'url' in remote_conf:
                     # display only the url if no members are found for both views
-                    if not members:
+                    if not members and not members6:
                         if args.detail:
-                            header_tail = ['Remote URL']
+                            header_tail = ['IPv6 Members', 'Remote URL']
+                            row.append('N/D')
                             row.append('N/D')
                             row.append(remote_conf['url'])
                         else:
@@ -662,8 +668,15 @@ def show_firewall_group(name=None):
                     else:
                         # display all table elements in detail view
                         if args.detail:
-                            header_tail = ['Remote URL']
-                            row += [' '.join(members)]
+                            header_tail = ['IPv6 Members', 'Remote URL']
+                            if members:
+                                row.append(' '.join(members))
+                            else:
+                                row.append('N/D')
+                            if members6:
+                                row.append(' '.join(members6))
+                            else:
+                                row.append('N/D')
                             row.append(remote_conf['url'])
                             rows.append(row)
                         else:
author	Christian Breunig <christian@breunig.cc>	2025-05-12 20:48:58 +0200
committer	GitHub <noreply@github.com>	2025-05-12 20:48:58 +0200
commit	9e0b04bc690d82d959b0e2b65ef32b72aaf828c4 (patch)
tree	f5c5253b4cd9c402fe1533d9631c12c2b2b3509c /src/op_mode/firewall.py
parent	324bc83fc4ce2050ff33b164b392219923d6ec5d (diff)
parent	2c30c8a504a197502366e38053cf485494767c17 (diff)
download	vyos-1x-9e0b04bc690d82d959b0e2b65ef32b72aaf828c4.tar.gz vyos-1x-9e0b04bc690d82d959b0e2b65ef32b72aaf828c4.zip