22 lines
674 B
Django/Jinja
22 lines
674 B
Django/Jinja
table inet filter {
|
|
chain input {
|
|
{% for service in services %}
|
|
{% set prefixes = service | allowed_prefixes %}
|
|
{% set ports = service.ports | compact_numlist %}
|
|
{% if 'name' in service %}
|
|
# service {{ service.name }}
|
|
{% endif %}
|
|
{% if prefixes %}
|
|
{% if prefixes | ipv4 %}
|
|
ip saddr { {{ prefixes | ipv4 | join(', ') }} } {{ service.protocol.value }} dport { {{ ports }} } accept
|
|
{% endif %}
|
|
{% if prefixes | ipv6 %}
|
|
ip6 saddr { {{ prefixes | ipv6 | join(', ') }} } {{ service.protocol.value }} dport { {{ ports }} } accept
|
|
{% endif %}
|
|
{% else %}
|
|
{{ service.protocol.value }} dport { {{ ports }} } accept
|
|
{% endif %}
|
|
|
|
{% endfor %}
|
|
}
|
|
}
|