Skip to content

Commit

Permalink
fix(firewall): fixing duplicate creation of ipsets
Browse files Browse the repository at this point in the history
  • Loading branch information
@Tbaile
Tbaile committed Nov 12, 2024
1 parent 8354786 commit 5303f7a
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 3 deletions.
4 changes: 2 additions & 2 deletions src/nethsec/firewall/__init__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1953,9 +1953,9 @@ def update_redirect_rules(uci):
pass
else:
# create a full ipset configuration for the redirect rule
uci.set('firewall', section, 'ipset', f"{id}_ipset")
uci.set('firewall', section, 'ipset', f"{section}_ipset")
uci.set('firewall', f"{section}_ipset", "ipset")
uci.set('firewall', f"{section}_ipset", "name", f"{id}_ipset")
uci.set('firewall', f"{section}_ipset", "name", f"{section}_ipset")
uci.set('firewall', f"{section}_ipset", "match", "src_net")
uci.set('firewall', f"{section}_ipset", "enabled", "1")
uci.set('firewall', f"{section}_ipset", 'ns_link', f"firewall/{section}")
Expand Down
3 changes: 2 additions & 1 deletion tests/test_firewall.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1082,8 +1082,9 @@ def test_update_redirect_rules(u):
u.set('firewall', 'redirect4', 'ns_dst', f"users/ns_user1")
firewall.update_redirect_rules(u)
assert u.get("firewall", "redirect4", "dest_ip") == "10.10.10.22"
assert u.get("firewall", "redirect4", "ipset") == f"{host1}_ipset"
assert u.get("firewall", "redirect4", "ipset") == f"redirect4_ipset"
assert u.get("firewall", "redirect4_ipset")
assert u.get('firewall', 'redirect4_ipset', 'ns_link') == f'firewall/redirect4'

def test_update_firewall_rules(u):
domain1 = objects.add_domain_set(u, "d1", "ipv4", ["test1.com", "test2.com"])
Expand Down

0 comments on commit 5303f7a

Please sign in to comment.