[Ferm] Dual-stacking and IP in variables
Max Kellermann
max at duempel.org
Thu Jul 7 09:55:42 CEST 2011
On 2011/07/06 02:47, Faidon Liambotis <paravoid at debian.org> wrote:
> On several dual-stack setups of mine, I tend to have configurations such
> as below:
Hi Faidon,
I have finally taken some time to sort this ever-lasting issue out.
A new patch in git master executes all rules after "domain (ip ip6)"
twice, once for each domain. That means that the $DOMAIN variable is
available now.
What you can do now is slightly easier than what we had before:
domain (ip ip6) {
@if @eq($DOMAIN, ip) {
# IPv4 rules go here
} @else {
# IPv4 rules go here
}
}
Or you can define domain-specific variables in an include (instead of
having to move the common rules into an include/function):
domain (ip ip6) {
@if @eq($DOMAIN, ip)
@include "ipv4-vars.ferm";
@else
@include "ipv6-vars.ferm";
}
Note there are no curly braces around the @include; the curly braces
would open a new namespace, and variables declared inside those
(inside the included file) would be lost after the closing brace.
Bonus: I've implemented a function called @ipfilter. See manpage.
Max
More information about the Ferm
mailing list