ruleset: set auto-merge directive for interval sets

Set the auto-merge directive for interval sets to automatically merge
overlapping CIDRs such as 192.168.1.0/24, 192.168.1.1. Without that
directive, nft will fail to apply the rendered ruleset with an error.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/root/usr/share/firewall4/templates/ruleset.uc b/root/usr/share/firewall4/templates/ruleset.uc
index b4023157bf2dc8578d3edfcc46dcc4fe19343795..9cf7ef6d406c9b3f77049a9a594952da4ca49daa 100644 (file)
--- a/root/usr/share/firewall4/templates/ruleset.uc
+++ b/root/usr/share/firewall4/templates/ruleset.uc
@@ -36,6 +36,7 @@ table inet fw4 {
 {% endif %}
 {%  if (set.interval): %}
                flags interval
+               auto-merge
 {%  endif %}
 {%  fw4.print_setentries(set) %}
        }