From 37a08888d103556326ecd13e4738301ac901c861 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 13 May 2022 18:43:07 +0200 Subject: sshguard: T4408: rename whitelist-address -> allow-from We do not only allow individual host addresses but also prefixes. --- data/templates/ssh/sshguard_whitelist.j2 | 4 ++-- interface-definitions/ssh.xml.in | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/data/templates/ssh/sshguard_whitelist.j2 b/data/templates/ssh/sshguard_whitelist.j2 index 1e05ac00f..47a950a2b 100644 --- a/data/templates/ssh/sshguard_whitelist.j2 +++ b/data/templates/ssh/sshguard_whitelist.j2 @@ -1,7 +1,7 @@ ### Autogenerated by ssh.py ### -{% if dynamic_protection is vyos_defined and dynamic_protection.whitelist_address is vyos_defined %} -{% for address in dynamic_protection.whitelist_address %} +{% if dynamic_protection.allow_from is vyos_defined %} +{% for address in dynamic_protection.allow_from %} {{ address }} {% endfor %} {% endif %} diff --git a/interface-definitions/ssh.xml.in b/interface-definitions/ssh.xml.in index 7e2512f54..126183162 100644 --- a/interface-definitions/ssh.xml.in +++ b/interface-definitions/ssh.xml.in @@ -105,9 +105,9 @@ 30 - + - Source address or prefix + Always allow inbound connections from these systems ipv4 Address to match against -- cgit v1.2.3