diff options
| -rw-r--r-- | interface-definitions/firewall.xml.in | 2 | ||||
| -rwxr-xr-x | src/conf_mode/firewall.py | 5 |
2 files changed, 4 insertions, 3 deletions
diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in index 63095bc20..3250794d3 100644 --- a/interface-definitions/firewall.xml.in +++ b/interface-definitions/firewall.xml.in @@ -117,7 +117,7 @@ <description>Domain address to match</description> </valueHelp> <constraint> - <regex>[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,5}?(\/.*)?</regex> + <regex>[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,99}?(\/.*)?</regex> </constraint> <multi/> </properties> diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py index 335098bf1..fbe0a3a13 100755 --- a/src/conf_mode/firewall.py +++ b/src/conf_mode/firewall.py @@ -423,8 +423,9 @@ def apply(firewall): call('systemctl restart vyos-domain-group-resolve.service') for group, group_config in firewall['group']['domain_group'].items(): domains = [] - for address in group_config['address']: - domains.append(address) + if group_config.get('address') is not None: + for address in group_config.get('address'): + domains.append(address) # Add elements to domain-group, try to resolve domain => ip # and add elements to nft set ip_dict = get_ips_domains_dict(domains) |