From b258dc9facfb71c27de6b34437c99199f95af403 Mon Sep 17 00:00:00 2001
From: "ak@geant.org" <ak@geant.org>
Date: Wed, 20 Dec 2023 15:55:02 +0000
Subject: [PATCH] system security source addresses
---
.../routers/nokia/system/security/security.j2 | 1 +
.../routers/nokia/system/security/source_addresses.j2 | 10 ++++++++++
2 files changed, 11 insertions(+)
create mode 100644 geant/gap_ansible/roles/base_config/templates/routers/nokia/system/security/source_addresses.j2
diff --git a/geant/gap_ansible/roles/base_config/templates/routers/nokia/system/security/security.j2 b/geant/gap_ansible/roles/base_config/templates/routers/nokia/system/security/security.j2
index cd60105a..c240b1c4 100644
--- a/geant/gap_ansible/roles/base_config/templates/routers/nokia/system/security/security.j2
+++ b/geant/gap_ansible/roles/base_config/templates/routers/nokia/system/security/security.j2
@@ -7,6 +7,7 @@
</aaa>
{% include "system/security/user_params.j2" %}
{% include "system/security/dist_cpu_protection.j2" %}
+ {% include "system/security/source_addresses.j2" %}
{# {% include "system/security/ssh.j2" %} #}
</security>
</system>
diff --git a/geant/gap_ansible/roles/base_config/templates/routers/nokia/system/security/source_addresses.j2 b/geant/gap_ansible/roles/base_config/templates/routers/nokia/system/security/source_addresses.j2
new file mode 100644
index 00000000..cec3327d
--- /dev/null
+++ b/geant/gap_ansible/roles/base_config/templates/routers/nokia/system/security/source_addresses.j2
@@ -0,0 +1,10 @@
+
+ <source-address>
+ {% for application in nokia_applications %}
+ <ipv4 xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes" alu:operation="replace">
+ <application>{{ application.name }}</application>
+ <interface-name>{{ application.interface_name }}</interface-name>
+ </ipv4>
+ {% endfor %}
+ </source-address>
+
--
GitLab