From f16525175deb69ae3b9193573550992b4d5fd951 Mon Sep 17 00:00:00 2001 From: sarthurdev <965089+sarthurdev@users.noreply.github.com> Date: Mon, 10 Jan 2022 23:14:28 +0100 Subject: firewall: policy: T4159: T4164: Fix empty firewall groups, create separate file for group definitions. --- src/conf_mode/firewall.py | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src/conf_mode') diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py index 0b4c0854f..06e6a1ed4 100755 --- a/src/conf_mode/firewall.py +++ b/src/conf_mode/firewall.py @@ -34,6 +34,7 @@ from vyos import airbag airbag.enable() nftables_conf = '/run/nftables.conf' +nftables_defines_conf = '/run/nftables_defines.conf' sysfs_config = { 'all_ping': {'sysfs': '/proc/sys/net/ipv4/icmp_echo_ignore_all', 'enable': '0', 'disable': '1'}, @@ -236,6 +237,7 @@ def generate(firewall): firewall['cleanup_commands'] = cleanup_commands(firewall) render(nftables_conf, 'firewall/nftables.tmpl', firewall) + render(nftables_defines_conf, 'firewall/nftables-defines.tmpl', firewall) return None def apply_sysfs(firewall): -- cgit v1.2.3