From 78494fe6de5372939e05dd65b01acd3e786b5602 Mon Sep 17 00:00:00 2001
From: Viacheslav <v.gletenko@vyos.io>
Date: Fri, 31 Dec 2021 14:52:18 +0000
Subject: ipsec: T4126: Ability to set priorities for installed policy Add
 priority for policy based IPSec VPN tunnels If 2 tunnels have the same pair
 of local and remote traffic selectors (prefixes) it allows to set more
 preforable install policy from required peer The lowest priority is more
 preforable

---
 data/templates/ipsec/swanctl/peer.tmpl | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'data/templates/ipsec')

diff --git a/data/templates/ipsec/swanctl/peer.tmpl b/data/templates/ipsec/swanctl/peer.tmpl
index 1b221814e..c6b71f2a1 100644
--- a/data/templates/ipsec/swanctl/peer.tmpl
+++ b/data/templates/ipsec/swanctl/peer.tmpl
@@ -101,6 +101,9 @@
 {%           set remote_prefix = tunnel_conf.remote.prefix if 'any' not in tunnel_conf.remote.prefix else ['0.0.0.0/0', '::/0'] %}
                 remote_ts = {{ remote_prefix | join(remote_suffix + ",") }}{{ remote_suffix }}
 {%         endif %}
+{%         if tunnel_conf.priority is defined and tunnel_conf.priority is not none %}
+                priority = {{ tunnel_conf.priority }}
+{%         endif %}
 {%       elif tunnel_esp.mode == 'transport' %}
                 local_ts = {{ peer_conf.local_address }}{{ local_suffix }}
                 remote_ts = {{ peer }}{{ remote_suffix }}
-- 
cgit v1.2.3