summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJo-Philipp Wich2021-10-17 09:16:27 +0000
committerJo-Philipp Wich2021-10-17 09:16:27 +0000
commit35f5120afcf158e445062fdb5072684ed24d91d0 (patch)
tree275ff7e9e7d0519766bc768ce5604e319bc8704d
parentcf835cecc8a449b2d2019f1ef4f085e535d5c1c1 (diff)
downloadfirewall4-35f5120afcf158e445062fdb5072684ed24d91d0.tar.gz
rule.uc: always format ICMP type/code list as set
Ensure that the concatenated type . code list values are always formatted as anonymous set, even if the list just contains one item. Fixes the following nftables error when parsing such a rule: Error: Use concatenations with sets and maps, not singleton values Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-rw-r--r--root/usr/share/firewall4/templates/rule.uc2
1 files changed, 1 insertions, 1 deletions
diff --git a/root/usr/share/firewall4/templates/rule.uc b/root/usr/share/firewall4/templates/rule.uc
index 0aae480..5f1b696 100644
--- a/root/usr/share/firewall4/templates/rule.uc
+++ b/root/usr/share/firewall4/templates/rule.uc
@@ -28,7 +28,7 @@
{{ (rule.family == 4) ? "icmp" : "icmpv6" }} type {{ fw4.set(rule.icmp_types) }} {%+ endif -%}
{%+ if (rule.icmp_codes): -%}
{{ (rule.family == 4) ? "icmp" : "icmpv6" }} type . {{ (rule.family == 4) ? "icmp" : "icmpv6" }} code {{
- fw4.set(rule.icmp_codes)
+ fw4.set(rule.icmp_codes, true)
}} {%+ endif -%}
{%+ if (rule.helper): -%}
ct helper{% if (rule.helper.invert): %} !={% endif %} {{ fw4.quote(rule.helper.name, true) }} {%+ endif -%}