From 71f4169d5ec9d5d1c84929ddaedf6a004dc4fd58 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Sat, 4 Mar 2023 14:44:05 +0000
Subject: [PATCH] Eliminate need for dummy addresses in when running under test

---
 cookbooks/networking/recipes/default.rb                  | 3 ---
 cookbooks/networking/templates/default/nftables.conf.erb | 4 ++++
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/cookbooks/networking/recipes/default.rb b/cookbooks/networking/recipes/default.rb
index 8101a9b89..a299a67cd 100644
--- a/cookbooks/networking/recipes/default.rb
+++ b/cookbooks/networking/recipes/default.rb
@@ -400,9 +400,6 @@ search(:node, "networking:interfaces").collect do |n|
   end
 end
 
-hosts["inet"] << "127.0.0.1" if hosts["inet"].empty?
-hosts["inet6"] << "::1" if hosts["inet6"].empty?
-
 if node[:networking][:firewall][:engine] == "shorewall"
   package "shorewall"
 
diff --git a/cookbooks/networking/templates/default/nftables.conf.erb b/cookbooks/networking/templates/default/nftables.conf.erb
index 63f45a0c8..65d090db3 100644
--- a/cookbooks/networking/templates/default/nftables.conf.erb
+++ b/cookbooks/networking/templates/default/nftables.conf.erb
@@ -10,12 +10,16 @@ flush ruleset
 table inet filter {
   set ip-osm-addresses {
     type ipv4_addr
+<%- unless Array(@hosts["inet"]).empty? %>
     elements = { <%= Array(@hosts["inet"]).sort.join(", ") %> }
+<%- end %>
   }
 
   set ip6-osm-addresses {
     type ipv6_addr
+<%- unless Array(@hosts["inet"]).empty? %>
     elements = { <%= Array(@hosts["inet6"]).sort.join(", ") %> }
+<%- end %>
   }
 
   set ip-blacklist {
-- 
2.43.2