From 3a5cf74b06cef960e9a701172618c2c366591255 Mon Sep 17 00:00:00 2001
From: Nicolas Fort <nicolasfort1988@gmail.com>
Date: Fri, 8 Apr 2022 14:55:01 +0000
Subject: Firewall: T990: Add snat and dnat connection status on firewall

---
 python/vyos/firewall.py | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'python')

diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py
index ff8623592..5e11e4332 100644
--- a/python/vyos/firewall.py
+++ b/python/vyos/firewall.py
@@ -49,6 +49,12 @@ def parse_rule(rule_conf, fw_name, rule_id, ip_name):
         if states:
             output.append(f'ct state {{{states}}}')
 
+    if 'ct_status' in rule_conf and rule_conf['ct_status']:
+        status = ",".join([s for s, v in rule_conf['ct_status'].items() if v == 'enable'])
+
+        if status:
+            output.append(f'ct status {{{status}}}')
+
     if 'protocol' in rule_conf and rule_conf['protocol'] != 'all':
         proto = rule_conf['protocol']
         operator = ''
-- 
cgit v1.2.3