瀏覽代碼

Add support for using ipsets as sources in a zone

I wanted to be able to add an ipset as a source in the zone without using a rich rule.  I believe this change accomplishes that.  Tested and working on CentOS 7 (salt master and minion).
tags/v0.6.2
Paul Williams 7 年之前
父節點
當前提交
2fd70c9f41
沒有連結到貢獻者的電子郵件帳戶。
共有 1 個檔案被更改,包括 10 行新增0 行删除
  1. +10
    -0
      firewalld/files/zone.xml

+ 10
- 0
firewalld/files/zone.xml 查看文件

@@ -23,6 +23,16 @@
{%- endif %}
{%- endfor %}
{%- endif %}
{%- if 'ipsets' in zone %}
{%- for v in zone.ipsets %}
{%- if 'comment' in v %}
<!-- {{ v.comment }} -->
<source ipset="{{ v.ipset }}" />
{%- else %}
<source ipset="{{ v }}" />
{%- endif %}
{%- endfor %}
{%- endif %}
{%- if 'services' in zone %}
{%- for v in zone.services %}
<service name="{{ v }}" />

Loading…
取消
儲存