feat:TSG-23488:Support cli firewall.inject_packet_by_mgnt_route in os.

containers/firewall/Dockerfile.j2

@@ -8,7 +8,6 @@ RUN {{ macros.install_packages(packages) }} && \
     rm -rf /opt/tsg/sapp/r3
 # files
 COPY files/quic/main.conf             /opt/tsg/sapp/conf/quic/main.conf
-COPY files/asymmetric_addr_layer.conf /opt/tsg/sapp/etc/
 COPY files/entrylist.conf             /opt/tsg/sapp/etc/
 COPY files/firewall_l7_protocol.conf  /opt/tsg/sapp/tsgconf/
 COPY files/http.conf                  /opt/tsg/sapp/conf/http/

containers/firewall/entrypoint.sh

@@ -56,6 +56,7 @@ parse_args "$@"
 
 mkdir -p /opt/tsg/etc/
 
+render_template asymmetric_addr_layer.conf.j2 /opt/tsg/sapp/etc/asymmetric_addr_layer.conf
 render_template conflist.inf.j2 /opt/tsg/sapp/plug/conflist.inf
 render_template firewall_logger_transmitter_schema.json.j2 /opt/tsg/sapp/tsgconf/firewall_logger_transmitter_schema.json
 render_template firewall.inf.j2 /opt/tsg/sapp/plug/business/firewall/firewall.inf

containers/firewall/templates/asymmetric_addr_layer.conf.j2

@@ -1,9 +1,11 @@
 #layer name definition:  ipv4, ipv6, ethernet,vlan, arp, gre, mpls, pppoe, tcp, udp, l2tp, ppp, pptp, gtp
 #pattern: asymmetric_layer_name[layer index]
 #The symbol "*" represents any layer
+{% if firewall.inject_packet_by_mgnt_route != True -%}
 ethernet[*]
 vlan[*]
 vxlan[*]
 mpls[*]
 gre[*]
 gtp[*]
+{%- endif %}

containers/firewall/templates/main.conf.j2

@@ -54,7 +54,11 @@ APPSKETCH_SWITCH=0
 
 [FIREWALL]
 # hijack, replace
+{%- if firewall.inject_packet_by_mgnt_route == True %}
+PACKET_RESPONSE_MODE=hijack
+{%- else %}
 PACKET_RESPONSE_MODE=replace
+{%- endif %}
 HTTP_PAGE200=./tsgconf/HTTP200.html
 HTTP_PAGE204=./tsgconf/HTTP204.html
 HTTP_PAGE403=./tsgconf/HTTP403.html