blob: 7f04d797e9a63bdef3e7338ef679660cc8dfe5b7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
### Autogenerated by load-balancing_wan.py ###
{% if disable_source_nat is vyos_defined %}
disable-source-nat
{% endif %}
{% if enable_local_traffic is vyos_defined %}
enable-local-traffic
{% endif %}
{% if sticky_connections is vyos_defined %}
sticky-connections inbound
{% endif %}
{% if flush_connections is vyos_defined %}
flush-conntrack
{% endif %}
{% if hook is vyos_defined %}
hook "{{ hook }}"
{% endif %}
{% if interface_health is vyos_defined %}
health {
{% for interface, interface_config in interface_health.items() %}
interface {{ interface }} {
{% if interface_config.failure_count is vyos_defined %}
failure-ct {{ interface_config.failure_count }}
{% endif %}
{% if interface_config.success_count is vyos_defined %}
success-ct {{ interface_config.success_count }}
{% endif %}
{% if interface_config.nexthop is vyos_defined %}
nexthop {{ interface_config.nexthop }}
{% endif %}
{% if interface_config.test is vyos_defined %}
{% for test_rule, test_config in interface_config.test.items() %}
rule {{ test_rule }} {
{% if test_config.type is vyos_defined %}
{% set type_translate = {'ping': 'ping', 'ttl': 'udp', 'user-defined': 'user-defined'} %}
type {{ type_translate[test_config.type] }} {
{% if test_config.ttl_limit is vyos_defined and test_config.type == 'ttl' %}
ttl {{ test_config.ttl_limit }}
{% endif %}
{% if test_config.test_script is vyos_defined and test_config.type == 'user-defined' %}
test-script {{ test_config.test_script }}
{% endif %}
{% if test_config.target is vyos_defined %}
target {{ test_config.target }}
{% endif %}
resp-time {{ test_config.resp_time | int * 1000 }}
}
{% endif %}
}
{% endfor %}
{% endif %}
}
{% endfor %}
}
{% endif %}
{% if rule is vyos_defined %}
{% for rule, rule_config in rule.items() %}
rule {{ rule }} {
{% if rule_config.exclude is vyos_defined %}
exclude
{% endif %}
{% if rule_config.failover is vyos_defined %}
failover
{% endif %}
{% if rule_config.limit is vyos_defined %}
limit {
{% if rule_config.limit.burst is vyos_defined %}
burst {{ rule_config.limit.burst }}
{% endif %}
{% if rule_config.limit.rate is vyos_defined %}
rate {{ rule_config.limit.rate }}
{% endif %}
{% if rule_config.limit.period is vyos_defined %}
period {{ rule_config.limit.period }}
{% endif %}
{% if rule_config.limit.threshold is vyos_defined %}
thresh {{ rule_config.limit.threshold }}
{% endif %}
}
{% endif %}
{% if rule_config.per_packet_balancing is vyos_defined %}
per-packet-balancing
{% endif %}
{% if rule_config.protocol is vyos_defined %}
protocol {{ rule_config.protocol }}
{% endif %}
{% if rule_config.destination is vyos_defined %}
destination {
{% if rule_config.destination.address is vyos_defined %}
address "{{ rule_config.destination.address }}"
{% endif %}
{% if rule_config.destination.port is vyos_defined %}
{% if '-' in rule_config.destination.port %}
port-ipt "-m multiport --dports {{ rule_config.destination.port | replace('-', ':') }}"
{% elif ',' in rule_config.destination.port %}
port-ipt "-m multiport --dports {{ rule_config.destination.port }}"
{% else %}
port-ipt " --dport {{ rule_config.destination.port }}"
{% endif %}
{% endif %}
}
{% endif %}
{% if rule_config.source is vyos_defined %}
source {
{% if rule_config.source.address is vyos_defined %}
address "{{ rule_config.source.address }}"
{% endif %}
{% if rule_config.source.port is vyos_defined %}
{% if '-' in rule_config.source.port %}
port-ipt "-m multiport --sports {{ rule_config.source.port | replace('-', ':') }}"
{% elif ',' in rule_config.destination.port %}
port-ipt "-m multiport --sports {{ rule_config.source.port }}"
{% else %}
port.ipt " --sport {{ rule_config.source.port }}"
{% endif %}
{% endif %}
}
{% endif %}
{% if rule_config.inbound_interface is vyos_defined %}
inbound-interface {{ rule_config.inbound_interface }}
{% endif %}
{% if rule_config.interface is vyos_defined %}
{% for interface, interface_config in rule_config.interface.items() %}
interface {{ interface }} {
{% if interface_config.weight is vyos_defined %}
weight {{ interface_config.weight }}
{% endif %}
}
{% endfor %}
{% endif %}
}
{% endfor %}
{% endif %}
|