[Ferm] ferm @if condition
Kiss Gabor (Bitman)
kissg at ssg.ki.iif.hu
Mon Jan 6 19:42:59 CET 2014
> I'd like to get something like the following, where I can use the @if to only
> be used as a conditional on the differences.
>
> ======== Desired ========
> @if @eq($DOMAIN, ip) {
> proto icmp @subchain "icmp"
> }
> @if @eq($DOMAIN, ip6) {
> proto ipv6-icmp @subchain "ipv6-icmp"
> }
> {
> icmp-type (
> # Common icmp type names
> echo-reply
> echo-request
> destination-unreachable
> time-exceeded
>
> @if @eq($DOMAIN, ip6) {
> # IPv6 ICMP specific additions
> packet-too-big
> router-advertisement
> }
> ) ACCEPT;
> }
> }
> ======== End Desired ========
This is my best offer: :-)
@def $ICMP_COMMON = (echo-reply echo-request destination-unreachable time-exceeded);
@def $ICMP_V6 = (packet-too-big router-advertisement);
@def $ICMP_V4 = ();
proto icmp @subchain "icmp" {
ACCEPT icmp-type $ICMP_COMMON;
@if @eq($DOMAIN, ip) {
ACCEPT icmp-type $ICMP_V4;
}
@if @eq($DOMAIN, ip6) {
ACCEPT icmp-type $ICMP_V6;
}
}
$ICMP_* vars introduced obly for readability.
Regards
Gabor
More information about the Ferm
mailing list