summaryrefslogtreecommitdiff
path: root/data/templates/firewall
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates/firewall')
-rw-r--r--data/templates/firewall/nftables-zone.j215
-rw-r--r--data/templates/firewall/nftables.j212
2 files changed, 3 insertions, 24 deletions
diff --git a/data/templates/firewall/nftables-zone.j2 b/data/templates/firewall/nftables-zone.j2
index 298e6750e..506ad815e 100644
--- a/data/templates/firewall/nftables-zone.j2
+++ b/data/templates/firewall/nftables-zone.j2
@@ -1,19 +1,6 @@
-<<<<<<< HEAD
-{% macro zone_chains(zone, ipv6=False) %}
+{% macro zone_chains(zone, ipv6=False, state_policy=False) %}
{% set fw_name = 'ipv6_name' if ipv6 else 'name' %}
{% set suffix = '6' if ipv6 else '' %}
-=======
-
-{% macro zone_chains(zone, family, state_policy=False) %}
-{% if family == 'ipv6' %}
-{% set fw_name = 'ipv6_name' %}
-{% set suffix = '6' %}
-{% else %}
-{% set fw_name = 'name' %}
-{% set suffix = '' %}
-{% endif %}
-
->>>>>>> 64ee13cf9 (T5775: firewall: re-add state-policy to firewall. These commands are now included in <set firewall global-options state-policy> node.)
chain VYOS_ZONE_FORWARD {
type filter hook forward priority 1; policy accept;
{% if state_policy %}
diff --git a/data/templates/firewall/nftables.j2 b/data/templates/firewall/nftables.j2
index 133835d54..3f7906628 100644
--- a/data/templates/firewall/nftables.j2
+++ b/data/templates/firewall/nftables.j2
@@ -167,10 +167,7 @@ table ip vyos_filter {
{{ group_tmpl.groups(group, False, True) }}
{% if zone is vyos_defined %}
-<<<<<<< HEAD
-{{ zone_tmpl.zone_chains(zone, False) }}
-=======
-{{ zone_tmpl.zone_chains(zone, 'ipv4', global_options.state_policy is vyos_defined) }}
+{{ zone_tmpl.zone_chains(zone, False, global_options.state_policy is vyos_defined) }}
{% endif %}
{% if global_options.state_policy is vyos_defined %}
chain VYOS_STATE_POLICY {
@@ -185,7 +182,6 @@ table ip vyos_filter {
{% endif %}
return
}
->>>>>>> 64ee13cf9 (T5775: firewall: re-add state-policy to firewall. These commands are now included in <set firewall global-options state-policy> node.)
{% endif %}
}
@@ -307,10 +303,7 @@ table ip6 vyos_filter {
{{ group_tmpl.groups(group, True, True) }}
{% if zone is vyos_defined %}
-<<<<<<< HEAD
-{{ zone_tmpl.zone_chains(zone, True) }}
-=======
-{{ zone_tmpl.zone_chains(zone, 'ipv6', global_options.state_policy is vyos_defined) }}
+{{ zone_tmpl.zone_chains(zone, True, global_options.state_policy is vyos_defined) }}
{% endif %}
{% if global_options.state_policy is vyos_defined %}
chain VYOS_STATE_POLICY6 {
@@ -325,7 +318,6 @@ table ip6 vyos_filter {
{% endif %}
return
}
->>>>>>> 64ee13cf9 (T5775: firewall: re-add state-policy to firewall. These commands are now included in <set firewall global-options state-policy> node.)
{% endif %}
}