assume service state present by default in iptables (fix #8)

robertdebock · Aug 21, 2021 · 5b594b2 · 5b594b2
1 parent da5c299
commit 5b594b2
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/templates/iptables.j2 b/templates/iptables.j2
@@ -8,7 +8,7 @@
 -A INPUT -i lo -j ACCEPT
 
 {% for service in firewall_services %}
-{% if service.state != "absent" %}
+{% if (service.state | default("present")) != "absent" %}
 -A INPUT -m state --state NEW {% if service.protocol is defined %}{% if service.protocol == "tcp" %}-m tcp{% endif %}{% endif %} -p {{ service.protocol | default ('tcp') }} --dport {{ service.name }} -j ACCEPT
 {% endif %}
 {% endfor %}