setup-dmvpn: configure spoke firewall if active

1 files changed, 3 insertions, 22 deletions

diff --git a/dmvpn-hub.awall b/dmvpn-hub.awall
index 067230e..7d9f8ef 100644
--- a/dmvpn-hub.awall
+++ b/dmvpn-hub.awall
@@ -1,12 +1,6 @@
 {
-	"zone": {
-		"dmvpn-ipsec": { "addr": "0.0.0.0/0" },
-		"dmvpn-gre": { "addr": "0.0.0.0/0", "ipsec": true },
-		"dmvpn-bgp": {
-			"iface": "$dmvpn_gre_iface", "addr": "0.0.0.0/0"
-		},
-		"dmvpn": { "iface": "$dmvpn_gre_iface", "route-back": true }
-	},
+	"description": "DMVPN hub",
+	"import": "dmvpn",
 	"log": {
 		"dmvpn": {
 			"mode": "nflog",
@@ -19,18 +13,5 @@
 			}
 		}
 	},
-	"packet-log": [ { "in": "dmvpn", "out": "dmvpn", "log": "dmvpn" } ],
-	"filter": [
-		{
-			"in": "_fw",
-			"service": [ "dns", "http", "https", "ldap", "ldaps" ]
-		},
-		{ "in": "dmvpn-ipsec", "out": "_fw", "service": "ipsec" },
-		{ "in": "_fw", "out": "dmvpn-ipsec", "service": "ipsec" },
-		{ "in": "dmvpn-gre", "out": "_fw", "service": "gre" },
-		{ "in": "_fw", "out": "dmvpn-gre", "service": "gre" },
-		{ "in": "dmvpn-bgp", "out": "_fw", "service": "bgp" },
-		{ "in": "_fw", "out": "dmvpn-bgp", "service": "bgp" },
-		{ "in": "dmvpn", "out": "dmvpn" }
-	]
+	"packet-log": [ { "in": "dmvpn", "out": "dmvpn", "log": "dmvpn" } ]
 }