{% macro render_ipset(ipset, name, type="hash:net", family="inet6", timeout=None) %} create {{ name }} {{ type | default('hash:net') }} family {{ family }} counters {% if timeout %}timeout {{ timeout }}{% endif %} -exist flush {{ name }} {% for ip_or_net in ipset | default([]) %} add {{ name }} {{ ip_or_net }} {% endfor %} {% endmacro %} {{ render_ipset(firewall_ipset_mgmt.v6, 'mgmt_v6') }} {{ render_ipset(firewall_ipset_blacklist.v6, 'blacklist_v6') }} {{ render_ipset(firewall_ipset_bogons.v6, 'bogons_v6') }} {{ render_ipset([], 'cooloff_v6', type="hash:ip", timeout=firewall_ipset_scanner_timeout) }}