summaryrefslogtreecommitdiff
path: root/python/vyos/firewall.py
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@vyos.io>2024-10-04 12:21:51 +0100
committerGitHub <noreply@github.com>2024-10-04 12:21:51 +0100
commit2a46c1cfb229f0e473b91aeaf8dfd278527ccda6 (patch)
treec7b547b5ddd9f3a34d402cf09f22c238677ff087 /python/vyos/firewall.py
parent43f646d6046e6edf62456f9e414cf1e1f1638e40 (diff)
parente846d2c1500df83742eb803684980396857cc0f1 (diff)
downloadvyos-1x-2a46c1cfb229f0e473b91aeaf8dfd278527ccda6.tar.gz
vyos-1x-2a46c1cfb229f0e473b91aeaf8dfd278527ccda6.zip
Merge pull request #4123 from nicolas-fort/fwall_set_commands
T6760: firewall: add packet modifications existing in policy route to regular firewall ruleset.
Diffstat (limited to 'python/vyos/firewall.py')
-rwxr-xr-xpython/vyos/firewall.py6
1 files changed, 6 insertions, 0 deletions
diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py
index 34d0b73f6..314e8dfe3 100755
--- a/python/vyos/firewall.py
+++ b/python/vyos/firewall.py
@@ -583,6 +583,12 @@ def parse_rule(rule_conf, hook, fw_name, rule_id, ip_name):
if 'tcp_mss' in rule_conf['set']:
mss = rule_conf['set']['tcp_mss']
output.append(f'tcp option maxseg size set {mss}')
+ if 'ttl' in rule_conf['set']:
+ ttl = rule_conf['set']['ttl']
+ output.append(f'ip ttl set {ttl}')
+ if 'hop_limit' in rule_conf['set']:
+ hoplimit = rule_conf['set']['hop_limit']
+ output.append(f'ip6 hoplimit set {hoplimit}')
if 'action' in rule_conf:
if rule_conf['action'] == 'offload':