diff options
| -rw-r--r-- | .github/labeler.yml | 12 | ||||
| -rw-r--r-- | .github/workflows/pull-request-labels.yml | 17 | ||||
| -rwxr-xr-x | src/conf_mode/container.py | 14 | ||||
| -rwxr-xr-x | src/conf_mode/firewall.py | 5 |
4 files changed, 41 insertions, 7 deletions
diff --git a/.github/labeler.yml b/.github/labeler.yml new file mode 100644 index 000000000..e0b9ee430 --- /dev/null +++ b/.github/labeler.yml @@ -0,0 +1,12 @@ +equuleus: + - any: + - base-branch: 'equuleus' +current: + - any: + - base-branch: 'current' +crux: + - any: + - base-branch: 'crux' +sagitta: + - any: + - base-branch: 'sagitta' diff --git a/.github/workflows/pull-request-labels.yml b/.github/workflows/pull-request-labels.yml new file mode 100644 index 000000000..629a54a49 --- /dev/null +++ b/.github/workflows/pull-request-labels.yml @@ -0,0 +1,17 @@ +--- +name: Add pull request labels + +on: + pull_request: + branches: + - current + - crux + - equuleus + - sagitta + +jobs: + add-pr-label: + name: Add PR Labels + runs-on: ubuntu-20.04 + steps: + - uses: actions/labeler@v5.0.0-alpha.1 diff --git a/src/conf_mode/container.py b/src/conf_mode/container.py index 754742c37..79b605ffb 100755 --- a/src/conf_mode/container.py +++ b/src/conf_mode/container.py @@ -283,13 +283,13 @@ def generate_run_arguments(name, container_config): dport = container_config['port'][portmap]['destination'] listen_addresses = container_config['port'][portmap].get('listen_address', []) - # If listen_addresses is not empty, include them in the publish command - if listen_addresses: - for listen_address in listen_addresses: - port += f' --publish {bracketize_ipv6(listen_address)}:{sport}:{dport}/{protocol}' - else: - # If listen_addresses is empty, just include the standard publish command - port += f' --publish {sport}:{dport}/{protocol}' + # If listen_addresses is not empty, include them in the publish command + if listen_addresses: + for listen_address in listen_addresses: + port += f' --publish {bracketize_ipv6(listen_address)}:{sport}:{dport}/{protocol}' + else: + # If listen_addresses is empty, just include the standard publish command + port += f' --publish {sport}:{dport}/{protocol}' # Bind volume volume = '' diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py index 62116358e..c86d1b555 100755 --- a/src/conf_mode/firewall.py +++ b/src/conf_mode/firewall.py @@ -258,6 +258,11 @@ def verify_rule(firewall, rule_conf, ipv6): if 'queue_threshold' in rule_conf['log_options'] and 'group' not in rule_conf['log_options']: raise ConfigError('log-options queue-threshold defined, but log group is not define') + for direction in ['inbound_interface','outbound_interface']: + if direction in rule_conf: + if 'interface_name' in rule_conf[direction] and 'interface_group' in rule_conf[direction]: + raise ConfigError(f'Cannot specify both interface-group and interface-name for {direction}') + def verify_nested_group(group_name, group, groups, seen): if 'include' not in group: return |