diff options
author | Christian Breunig <christian@breunig.cc> | 2023-11-22 13:24:04 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-11-22 13:24:04 +0100 |
commit | 8f853daa22fe2f822dae0574bf0bb35607d460a8 (patch) | |
tree | 592e6be8a7b22152f45284c217d12310f7f1234c /src/op_mode | |
parent | 9a5785c698d5a2819a4c51dfe3536ff83106a0c8 (diff) | |
parent | c45b695ca068f018910eb7513e01657adb7abbbe (diff) | |
download | vyos-1x-8f853daa22fe2f822dae0574bf0bb35607d460a8.tar.gz vyos-1x-8f853daa22fe2f822dae0574bf0bb35607d460a8.zip |
Merge pull request #2528 from nicolas-fort/T5637-Extend-bridge
T5637: firewall: extend rule for default-action to firewall bridge
Diffstat (limited to 'src/op_mode')
-rwxr-xr-x | src/op_mode/firewall.py | 21 |
1 files changed, 8 insertions, 13 deletions
diff --git a/src/op_mode/firewall.py b/src/op_mode/firewall.py index 20f54b9ba..36bb013fe 100755 --- a/src/op_mode/firewall.py +++ b/src/op_mode/firewall.py @@ -113,19 +113,14 @@ def output_firewall_name(family, hook, priority, firewall_conf, single_rule_id=N if hook in ['input', 'forward', 'output']: def_action = firewall_conf['default_action'] if 'default_action' in firewall_conf else 'accept' - row = ['default', def_action, 'all'] - rule_details = details['default-action'] - row.append(rule_details.get('packets', 0)) - row.append(rule_details.get('bytes', 0)) - rows.append(row) + else: + def_action = firewall_conf['default_action'] if 'default_action' in firewall_conf else 'drop' + row = ['default', def_action, 'all'] + rule_details = details['default-action'] + row.append(rule_details.get('packets', 0)) + row.append(rule_details.get('bytes', 0)) - elif 'default_action' in firewall_conf and not single_rule_id: - row = ['default', firewall_conf['default_action'], 'all'] - if 'default-action' in details: - rule_details = details['default-action'] - row.append(rule_details.get('packets', 0)) - row.append(rule_details.get('bytes', 0)) - rows.append(row) + rows.append(row) if rows: header = ['Rule', 'Action', 'Protocol', 'Packets', 'Bytes', 'Conditions'] @@ -314,7 +309,7 @@ def show_firewall_group(name=None): family = ['ipv6'] group_type = 'network_group' else: - family = ['ipv4', 'ipv6'] + family = ['ipv4', 'ipv6', 'bridge'] for item in family: # Look references in firewall |