## -*- mode: shell-script; -*- 
##
## To be able to make changes to the part of configuration created
## from this configlet you need to copy this file to the directory
## fwbuilder/configlets/procurve/ in your home directory and modify it.
## Double "##" comments are removed during processing but single "#"
## comments are be retained and appear in the generated script. Empty
## lines are removed as well.  
##
## Configlets support simple macro language with these constructs:
## {{$var}} is variable expansion
## {{if var}} is conditional operator.
##

; temporary access list for "safety net install"

{{if ipv4}}
{{if management_interface_is_vlan}}
no vlan {{$management_interface_vlan_id}} ip access-group tmp_acl in
no ip access-list extended tmp_acl
ip access-list extended tmp_acl
  permit ip {{$management_addr}} {{$management_netm}} any 
  deny ip any any 
exit
vlan {{$management_interface_vlan_id}} ip access-group tmp_acl in
{{endif}}

{{if management_interface_is_not_vlan}}
interface {{$management_interface}}
  no ip access-group tmp_acl in
exit
no ip access-list extended tmp_acl
ip access-list extended tmp_acl
  permit ip {{$management_addr}} {{$management_netm}} any 
  deny ip any any 
exit
interface {{$management_interface}}
  ip access-group tmp_acl in
exit
{{endif}}
{{endif}}

{{if ipv6}}
{{endif}}

