diff options
| author | Jo-Philipp Wich | 2021-10-17 09:16:27 +0000 |
|---|---|---|
| committer | Jo-Philipp Wich | 2021-10-17 09:16:27 +0000 |
| commit | 35f5120afcf158e445062fdb5072684ed24d91d0 (patch) | |
| tree | 275ff7e9e7d0519766bc768ce5604e319bc8704d | |
| parent | cf835cecc8a449b2d2019f1ef4f085e535d5c1c1 (diff) | |
| download | firewall4-35f5120afcf158e445062fdb5072684ed24d91d0.tar.gz | |
rule.uc: always format ICMP type/code list as set
Ensure that the concatenated type . code list values are always formatted
as anonymous set, even if the list just contains one item. Fixes the
following nftables error when parsing such a rule:
Error: Use concatenations with sets and maps, not singleton values
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
| -rw-r--r-- | root/usr/share/firewall4/templates/rule.uc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/root/usr/share/firewall4/templates/rule.uc b/root/usr/share/firewall4/templates/rule.uc index 0aae480..5f1b696 100644 --- a/root/usr/share/firewall4/templates/rule.uc +++ b/root/usr/share/firewall4/templates/rule.uc @@ -28,7 +28,7 @@ {{ (rule.family == 4) ? "icmp" : "icmpv6" }} type {{ fw4.set(rule.icmp_types) }} {%+ endif -%} {%+ if (rule.icmp_codes): -%} {{ (rule.family == 4) ? "icmp" : "icmpv6" }} type . {{ (rule.family == 4) ? "icmp" : "icmpv6" }} code {{ - fw4.set(rule.icmp_codes) + fw4.set(rule.icmp_codes, true) }} {%+ endif -%} {%+ if (rule.helper): -%} ct helper{% if (rule.helper.invert): %} !={% endif %} {{ fw4.quote(rule.helper.name, true) }} {%+ endif -%} |