for (let ifc in ifaces.interface) {
let net = {
up: ifc.up,
- device: ifc.l3_device,
+ device: ifc.l3_device ?? ifc.device,
physdev: ifc.device,
zone: ifc.data?.zone
};
...rulespec,
name: (rulespec.type != 'ipset') ? `ubus:${ifc.interface}[${ifc.proto}] ${rulespec.type || 'rule'} ${n}` : rulespec.name,
- device: rulespec.device || ifc.l3_device
+ device: rulespec.device ?? ifc.l3_device ?? ifc.device
});
n++;
if (this.default_option("auto_includes")) {
for (let position in [ 'ruleset-pre', 'ruleset-post', 'table-pre', 'table-post', 'chain-pre', 'chain-post' ])
for (let chain in (position in [ 'chain-pre', 'chain-post' ]) ? fs.lsdir(`/usr/share/nftables.d/${position}`) : [ null ])
- for (let path in fs.glob(`/usr/share/nftables.d/${position}/${chain ?? ''}/*.nft`))
+ for (let path in fs.glob(`/usr/share/nftables.d/${position}${chain ? `/${chain}` : ''}/*.nft`))
if (fs.access(path))
this.parse_include({ type: 'nftables', position, chain, path });
}
switch (this.parse_bool(rule.log)) {
case true:
- rule.log = rule.name;
+ rule.log = `${rule.name}: `;
break;
case false:
switch (this.parse_bool(redir.log)) {
case true:
- redir.log = redir.name;
+ redir.log = `${redir.name}: `;
break;
case false:
mark: [ "mark" ],
+ counter: [ "bool", "1" ],
+ log: [ "string" ],
+
target: [ "target", "masquerade" ]
});
return;
}
+ switch (this.parse_bool(snat.log)) {
+ case true:
+ snat.log = `${snat.name}: `;
+ break;
+
+ case false:
+ delete snat.log;
+ }
+
let add_rule = (family, proto, saddrs, daddrs, raddrs, sport, dport, rport, snat) => {
let n = {
...snat,
projects / project / firewall4.git / blobdiff