From a2f4f3b36e3295311128673f33f90c93de24288d Mon Sep 17 00:00:00 2001 From: Arnaud Patard Date: Wed, 13 Jan 2021 14:59:29 +0100 Subject: [PATCH] feat(zone.xml): allow to rate limit 'accept' in rich rules The current rich_rule macro is supporting to set if the connection should be accepted or rejected or dropped but doesn't support setting rate limiting in the 'accept' case. Add code for that. Signed-off-by: Arnaud Patard --- firewalld/files/zone.xml | 2 +- test/integration/default/controls/zones_spec.rb | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/firewalld/files/zone.xml b/firewalld/files/zone.xml index c730b1c..8a58e6a 100644 --- a/firewalld/files/zone.xml +++ b/firewalld/files/zone.xml @@ -60,7 +60,7 @@ {%- if 'limit' in rule.audit %} {%- endif %} {%- endif %} {%- if 'accept' in rule %} - + {%- if rule.accept is mapping and 'limit' in rule.accept %} {%- endif %} {%- endif %} {%- if 'reject' in rule %} diff --git a/test/integration/default/controls/zones_spec.rb b/test/integration/default/controls/zones_spec.rb index 82382ba..eee6953 100644 --- a/test/integration/default/controls/zones_spec.rb +++ b/test/integration/default/controls/zones_spec.rb @@ -31,7 +31,7 @@ control 'zones/public.xml configuration' do - + @@ -59,12 +59,12 @@ control 'zones/rich_public.xml configuration' do - + - + ZONE_XML