summaryrefslogtreecommitdiff
path: root/python/vyos
diff options
context:
space:
mode:
authorNicolas Fort <nicolasfort1988@gmail.com>2024-10-03 14:51:55 +0000
committerNicolas Fort <nicolasfort1988@gmail.com>2024-10-03 14:51:55 +0000
commite846d2c1500df83742eb803684980396857cc0f1 (patch)
treef05a6b0170d885d02690904caad5a43f08a6258d /python/vyos
parent6b7159f2927f004320c77043d0c819a6b660806d (diff)
downloadvyos-1x-e846d2c1500df83742eb803684980396857cc0f1.tar.gz
vyos-1x-e846d2c1500df83742eb803684980396857cc0f1.zip
T6760: firewall: add packet modifications existing in policy route to regular firewall ruleset.
Diffstat (limited to 'python/vyos')
-rwxr-xr-xpython/vyos/firewall.py6
1 files changed, 6 insertions, 0 deletions
diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py
index 34d0b73f6..314e8dfe3 100755
--- a/python/vyos/firewall.py
+++ b/python/vyos/firewall.py
@@ -583,6 +583,12 @@ def parse_rule(rule_conf, hook, fw_name, rule_id, ip_name):
if 'tcp_mss' in rule_conf['set']:
mss = rule_conf['set']['tcp_mss']
output.append(f'tcp option maxseg size set {mss}')
+ if 'ttl' in rule_conf['set']:
+ ttl = rule_conf['set']['ttl']
+ output.append(f'ip ttl set {ttl}')
+ if 'hop_limit' in rule_conf['set']:
+ hoplimit = rule_conf['set']['hop_limit']
+ output.append(f'ip6 hoplimit set {hoplimit}')
if 'action' in rule_conf:
if rule_conf['action'] == 'offload':