From 9791258d7d5320d3a8bfa45d43b59fd35e8a2131 Mon Sep 17 00:00:00 2001 From: sarthurdev <965089+sarthurdev@users.noreply.github.com> Date: Fri, 10 Jun 2022 16:57:21 +0200 Subject: firewall: T478: Add support for nesting groups --- python/vyos/template.py | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) (limited to 'python') diff --git a/python/vyos/template.py b/python/vyos/template.py index ee82f8f8f..3feda47c8 100644 --- a/python/vyos/template.py +++ b/python/vyos/template.py @@ -591,6 +591,39 @@ def nft_intra_zone_action(zone_conf, ipv6=False): return f'jump {name_prefix}{name}' return 'return' +@register_filter('nft_nested_group') +def nft_nested_group(out_list, includes, prefix): + if not vyos_defined(out_list): + out_list = [] + for name in includes: + out_list.append(f'${prefix}{name}') + return out_list + +@register_filter('sort_nested_groups') +def sort_nested_groups(groups): + seen = [] + out = {} + + def include_iterate(group_name): + group = groups[group_name] + if 'include' not in group: + if group_name not in out: + out[group_name] = groups[group_name] + return + + for inc_group_name in group['include']: + if inc_group_name not in seen: + seen.append(inc_group_name) + include_iterate(inc_group_name) + + if group_name not in out: + out[group_name] = groups[group_name] + + for group_name in groups: + include_iterate(group_name) + + return out.items() + @register_test('vyos_defined') def vyos_defined(value, test_value=None, var_type=None): """ -- cgit v1.2.3