From a30209ae0be3d0f1df37a30dbe73d10d3f3ec8cb Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 1 May 2022 18:39:53 +0200 Subject: conntrackd: T4353: fix Jinja2 linting errors --- data/templates/conntrackd/conntrackd.conf.j2 | 112 ++++++++++++++++++++++ data/templates/conntrackd/conntrackd.conf.tmpl | 112 ---------------------- data/templates/conntrackd/conntrackd.op-mode.j2 | 13 +++ data/templates/conntrackd/conntrackd.op-mode.tmpl | 13 --- 4 files changed, 125 insertions(+), 125 deletions(-) create mode 100644 data/templates/conntrackd/conntrackd.conf.j2 delete mode 100644 data/templates/conntrackd/conntrackd.conf.tmpl create mode 100644 data/templates/conntrackd/conntrackd.op-mode.j2 delete mode 100644 data/templates/conntrackd/conntrackd.op-mode.tmpl (limited to 'data') diff --git a/data/templates/conntrackd/conntrackd.conf.j2 b/data/templates/conntrackd/conntrackd.conf.j2 new file mode 100644 index 000000000..66024869d --- /dev/null +++ b/data/templates/conntrackd/conntrackd.conf.j2 @@ -0,0 +1,112 @@ +# autogenerated by conntrack_sync.py + +# Synchronizer settings +Sync { + Mode FTFW { + DisableExternalCache {{ 'on' if disable_external_cache is vyos_defined else 'off' }} + } +{% for iface, iface_config in interface.items() %} +{% if iface_config.peer is vyos_defined %} + UDP { +{% if listen_address is vyos_defined %} + IPv4_address {{ listen_address }} +{% endif %} + IPv4_Destination_Address {{ iface_config.peer }} + Port {{ iface_config.port if iface_config.port is vyos_defined else '3780' }} + Interface {{ iface }} + SndSocketBuffer {{ sync_queue_size | int *1024 *1024 }} + RcvSocketBuffer {{ sync_queue_size | int *1024 *1024 }} + Checksum on + } +{% else %} + Multicast { +{% set ip_address = iface | get_ipv4 %} + IPv4_address {{ mcast_group }} + Group {{ iface_config.port if iface_config.port is vyos_defined else '3780' }} + IPv4_interface {{ ip_address[0] | ip_from_cidr }} + Interface {{ iface }} + SndSocketBuffer {{ sync_queue_size | int *1024 *1024 }} + RcvSocketBuffer {{ sync_queue_size | int *1024 *1024 }} + Checksum on + } +{% endif %} +{% endfor %} +{% if expect_sync is vyos_defined %} + Options { +{% if 'all' in expect_sync %} + ExpectationSync on +{% else %} + ExpectationSync { +{% for protocol in expect_sync %} + {{ protocol }} +{% endfor %} + } +{% endif %} + } +{% endif %} +} +Helper { + Type rpc inet tcp { + QueueNum 3 + Policy rpc { + ExpectMax 1 + ExpectTimeout 300 + } + } + Type rpc inet udp { + QueueNum 4 + Policy rpc { + ExpectMax 1 + ExpectTimeout 300 + } + } + Type tns inet tcp { + QueueNum 5 + Policy tns { + ExpectMax 1 + ExpectTimeout 300 + } + } +} + +# General settings +General { + HashSize {{ hash_size }} + HashLimit {{ table_size | int *2 }} + LogFile off + Syslog on + LockFile /var/lock/conntrack.lock + UNIX { + Path /var/run/conntrackd.ctl + } + NetlinkBufferSize {{ 2 *1024 *1024 }} + NetlinkBufferSizeMaxGrowth {{ event_listen_queue_size | int *1024 *1024 }} + NetlinkOverrunResync off + NetlinkEventsReliable on +{% if ignore_address is vyos_defined or accept_protocol is vyos_defined %} + Filter From Userspace { +{% if ignore_address is vyos_defined %} + Address Ignore { +{% for address in ignore_address if address | is_ipv4 %} + IPv4_address {{ address }} +{% endfor %} +{% for address in ignore_address if address | is_ipv6 %} + IPv6_address {{ address }} +{% endfor %} + } +{% endif %} +{% if accept_protocol is vyos_defined %} + Protocol Accept { +{% for protocol in accept_protocol %} +{% if protocol == 'icmp6' %} + IPv6-ICMP +{% else %} + {{ protocol | upper }} +{% endif %} +{% endfor %} + } +{% endif %} + } +{% endif %} +} + diff --git a/data/templates/conntrackd/conntrackd.conf.tmpl b/data/templates/conntrackd/conntrackd.conf.tmpl deleted file mode 100644 index 80e7254a0..000000000 --- a/data/templates/conntrackd/conntrackd.conf.tmpl +++ /dev/null @@ -1,112 +0,0 @@ -# autogenerated by conntrack_sync.py - -# Synchronizer settings -Sync { - Mode FTFW { - DisableExternalCache {{ 'on' if disable_external_cache is vyos_defined else 'off' }} - } -{% for iface, iface_config in interface.items() %} -{% if iface_config.peer is vyos_defined %} - UDP { -{% if listen_address is vyos_defined %} - IPv4_address {{ listen_address }} -{% endif %} - IPv4_Destination_Address {{ iface_config.peer }} - Port {{ iface_config.port if iface_config.port is vyos_defined else '3780' }} - Interface {{ iface }} - SndSocketBuffer {{ sync_queue_size | int *1024 *1024 }} - RcvSocketBuffer {{ sync_queue_size | int *1024 *1024 }} - Checksum on - } -{% else %} - Multicast { -{% set ip_address = iface | get_ipv4 %} - IPv4_address {{ mcast_group }} - Group {{ iface_config.port if iface_config.port is vyos_defined else '3780' }} - IPv4_interface {{ ip_address[0] | ip_from_cidr }} - Interface {{ iface }} - SndSocketBuffer {{ sync_queue_size | int *1024 *1024 }} - RcvSocketBuffer {{ sync_queue_size | int *1024 *1024 }} - Checksum on - } -{% endif %} -{% endfor %} -{% if expect_sync is vyos_defined %} - Options { -{% if 'all' in expect_sync %} - ExpectationSync on -{% else %} - ExpectationSync { -{% for protocol in expect_sync %} - {{ protocol }} -{% endfor %} - } -{% endif %} - } -{% endif %} -} -Helper { - Type rpc inet tcp { - QueueNum 3 - Policy rpc { - ExpectMax 1 - ExpectTimeout 300 - } - } - Type rpc inet udp { - QueueNum 4 - Policy rpc { - ExpectMax 1 - ExpectTimeout 300 - } - } - Type tns inet tcp { - QueueNum 5 - Policy tns { - ExpectMax 1 - ExpectTimeout 300 - } - } -} - -# General settings -General { - HashSize {{ hash_size }} - HashLimit {{ table_size | int *2 }} - LogFile off - Syslog on - LockFile /var/lock/conntrack.lock - UNIX { - Path /var/run/conntrackd.ctl - } - NetlinkBufferSize {{ 2 *1024 *1024 }} - NetlinkBufferSizeMaxGrowth {{ event_listen_queue_size | int *1024 *1024 }} - NetlinkOverrunResync off - NetlinkEventsReliable on -{% if ignore_address is vyos_defined or accept_protocol is vyos_defined %} - Filter From Userspace { -{% if ignore_address is vyos_defined %} - Address Ignore { -{% for address in ignore_address if address | is_ipv4 %} - IPv4_address {{ address }} -{% endfor %} -{% for address in ignore_address if address | is_ipv6 %} - IPv6_address {{ address }} -{% endfor %} - } -{% endif %} -{% if accept_protocol is vyos_defined %} - Protocol Accept { -{% for protocol in accept_protocol %} -{% if protocol == 'icmp6' %} - IPv6-ICMP -{% else %} - {{ protocol | upper }} -{% endif %} -{% endfor %} - } -{% endif %} - } -{% endif %} -} - diff --git a/data/templates/conntrackd/conntrackd.op-mode.j2 b/data/templates/conntrackd/conntrackd.op-mode.j2 new file mode 100644 index 000000000..82f7e2859 --- /dev/null +++ b/data/templates/conntrackd/conntrackd.op-mode.j2 @@ -0,0 +1,13 @@ +Source Destination Protocol +{% for parsed in data if parsed.flow.meta is vyos_defined %} +{% for key in parsed.flow.meta %} +{% if key['@direction'] == 'original' %} +{% set saddr = key.layer3.src | bracketize_ipv6 %} +{% set sport = key.layer4.sport %} +{% set daddr = key.layer3.dst | bracketize_ipv6 %} +{% set dport = key.layer4.dport %} +{% set protocol = key.layer4['@protoname'] %} +{{ "%-48s" | format(saddr ~ ':' ~ sport) }} {{ "%-48s" | format(daddr ~ ':' ~ dport) }} {{ protocol }} +{% endif %} +{% endfor %} +{% endfor %} diff --git a/data/templates/conntrackd/conntrackd.op-mode.tmpl b/data/templates/conntrackd/conntrackd.op-mode.tmpl deleted file mode 100644 index c3f6911ce..000000000 --- a/data/templates/conntrackd/conntrackd.op-mode.tmpl +++ /dev/null @@ -1,13 +0,0 @@ -Source Destination Protocol -{% for parsed in data if parsed.flow.meta is vyos_defined %} -{% for key in parsed.flow.meta %} -{% if key['@direction'] == 'original' %} -{% set saddr = key.layer3.src | bracketize_ipv6 %} -{% set sport = key.layer4.sport %} -{% set daddr = key.layer3.dst | bracketize_ipv6 %} -{% set dport = key.layer4.dport %} -{% set protocol = key.layer4['@protoname'] %} -{{ "%-48s" | format(saddr ~ ':' ~ sport) }} {{ "%-48s" | format(daddr ~ ':' ~ dport) }} {{ protocol }} -{% endif %} -{% endfor %} -{% endfor %} -- cgit v1.2.3