|
|
@@ -694,7 +694,10 @@ class Firewall:
|
|
|
directly separate forwarding rules from standard rules since they need
|
|
|
to be handled differently later.
|
|
|
'''
|
|
|
- entries = {}
|
|
|
+ entries = {
|
|
|
+ "internal": [],
|
|
|
+ "external": []
|
|
|
+ }
|
|
|
if addr_family is not None:
|
|
|
exclude_dsttype = 'dst4' if addr_family == 6 else 'dst6'
|
|
|
for ruleno, rule in zip(itertools.count(), self.rules):
|
|
|
@@ -706,5 +709,10 @@ class Firewall:
|
|
|
# include only forwarding rules
|
|
|
if rule.action != "forward":
|
|
|
continue
|
|
|
- entries['{:04}'.format(ruleno)] = rule.rule
|
|
|
+ if rule.forwardtype == "internal":
|
|
|
+ entries["internal"]['{:04}'.format(ruleno)] = rule.rule
|
|
|
+ elif rule.forwardype == "external":
|
|
|
+ entries["external"]['{:04}'.format(ruleno)] = rule.rule
|
|
|
+ else:
|
|
|
+ raise ValueError('invalid forwardtype for rule')
|
|
|
return entries
|
