
Commit 7a7ffe1

committed
Fix duplicates
1 parent d420f58 commit 7a7ffe1


1 file changed

+21
-19
lines changed


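--- a/node_cli/core/nftables.py
+++ b/node_cli/core/nftables.py
@@ -133,7 +133,12 @@ def rule_exists(self, chain: str, new_rule_expr: list[dict]) -> bool:
 existing_rules = self.get_rules(chain)
 
 for rule in existing_rules:
-if rule.get('expr') == new_rule_expr:
+expr = rule.get('expr')
+for i, statement in enumerate(expr):
+if 'counter' in statement:
+expr[i] = {'counter': None}
+rule['counter'] = None
+if expr == new_rule_expr:
 return True
 return False
 
@@ -155,24 +160,21 @@ def add_drop_rule_if_node_exists(self, protocol: str) -> None:
 {"drop": None}
 ]
 if not self.rule_exists(self.chain, expr):
-# cmd = {
-# 'nftables': [
-# {
-# 'add': {
-# 'rule': {
-# 'family': self.family,
-# 'table': self.table,
-# 'chain': self.chain,
-# 'expr': expr,
-# }
-# }
-# }
-# ]
-# }
-# self.execute_cmd(cmd)
-cmd = f'add rule {self.family} {self.table} {self.chain} ip protocol {protocol} counter drop'
-logger.info('CMD %s', cmd)
-self.nft.cmd(cmd)
+cmd = {
+'nftables': [
+{
+'add': {
+'rule': {
+'family': self.family,
+'table': self.table,
+'chain': self.chain,
+'expr': expr,
+}
+}
+}
+]
+}
+self.execute_cmd(cmd)
 logger.info('Added drop rule for %s', protocol)
 
 def add_rule_if_not_exists(self, rule: Rule) -> None: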
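Review bot: In `rule_exists`, `expr = rule.get('expr')` is now iterated without a guard, so a rule from `get_rules` that lacks an `expr` key would raise a TypeError in `enumerate(expr)` where the old equality test simply did not match; because this check gates `add_drop_rule_if_node_exists`, that exception would propagate before the drop rule is installed unless a caller catches it. The loop also rewrites the dicts returned by `get_rules` in place, and `rule['counter'] = None` sets a key on the rule that the comparison never reads, which looks unintended. I would compare against a normalised copy instead: `expr = rule.get('expr') or []`, then `normalized = [{'counter': None} if 'counter' in s else s for s in expr]` and `if normalized == new_rule_expr:`. The start of `rule_exists` and the body of `get_rules` are outside the hunk, so whether entries without `expr` can actually occur should be confirmed there.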
