Allow forcing uRPF (de)activation via Netbox tags

Signed-off-by: Maximilian Wilhelm <max@sdn.clinic>

_modules/ffho_netfilter.py

@@ -229,9 +229,9 @@ def _active_urpf (iface, iface_config):
 	if iface == 'lo' or iface_config.get ('link-type', '') == 'dummy':
 		return False
 
-	# Forcefully enable uRPF via tags on Netbox interface?
-	if 'urpf_enable' in iface_config.get ('tags', []):
-		return True
+	# Forcefully enable/disable uRPF via tags on Netbox interface?
+	if 'urpf' in iface_config:
+		return iface_config['urpf']
 
 	# No uRPF on infra VPNs
 	for vpn_prefix in ["gre_", "ovpn-", "wg-"]:

network/interfaces/interfaces.tmpl

@@ -71,7 +71,7 @@ iface {{ interface }}
     {%- set argument = config.get (keyword) %}
     {%- if argument is none %}
     {%- elif keyword.startswith ("_") %}
-    {%- elif keyword in [ 'auto', 'batman', 'bond', 'bridge', 'mac', 'method', 'vlan', 'vxlan', 'desc', 'prefixes', 'status', 'tagged_vlans', 'has_gateway' ] %}
+    {%- elif keyword in [ 'auto', 'batman', 'bond', 'bridge', 'mac', 'method', 'vlan', 'vxlan', 'desc', 'prefixes', 'status', 'tagged_vlans', 'urpf', 'has_gateway' ] %}
     {%- elif argument is string or argument is number %}
 	{{ keyword }} {{ argument }}
     {%- else %}