From 3f6b5b5cec7eed685ae11202197b760a46e02137 Mon Sep 17 00:00:00 2001
From: Nicolas Fort <nicolasfort1988@gmail.com>
Date: Mon, 26 Sep 2022 11:41:15 +0000
Subject: T4700: Firewall: add interface matching criteria

---
 python/vyos/firewall.py | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'python')

diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py
index f9b7222fd..4075e55b0 100644
--- a/python/vyos/firewall.py
+++ b/python/vyos/firewall.py
@@ -248,6 +248,14 @@ def parse_rule(rule_conf, fw_name, rule_id, ip_name):
                 value = rule_conf['hop_limit'][op]
                 output.append(f'ip6 hoplimit {operator} {value}')
 
+    if 'inbound_interface' in rule_conf:
+        iiface = rule_conf['inbound_interface']
+        output.append(f'iifname {iiface}')
+
+    if 'outbound_interface' in rule_conf:
+        oiface = rule_conf['outbound_interface']
+        output.append(f'oifname {oiface}')
+
     if 'ttl' in rule_conf:
         operators = {'eq': '==', 'gt': '>', 'lt': '<'}
         for op, operator in operators.items():
-- 
cgit v1.2.3