Merge pull request #3984 from vyos/mergify/bp/sagitta/pr-3981

T6646: conntrack: in ignore rules, if protocols=all, do not append it to the rule (backport #3981)
author: Christian Breunig <christian@breunig.cc> 2024-08-15 12:14:34 +0200
committer: GitHub <noreply@github.com> 2024-08-15 12:14:34 +0200
commit: 45d8ca97291128e1549ee7bcba7eed6ac6bdfdb3 (patch)
tree: af7eb8293dd225f14616aa029e098f13bf3e2c7e /python/vyos
parent: 8baa5b535430d1a14f16004174cb91f3e6d266ca (diff)
parent: 85f19deb34884337af343fc39b1ce484c9ba1ddb (diff)
download: vyos-1x-45d8ca97291128e1549ee7bcba7eed6ac6bdfdb3.tar.gz
vyos-1x-45d8ca97291128e1549ee7bcba7eed6ac6bdfdb3.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/python/vyos/template.py b/python/vyos/template.py
index a4fff649c..2a99eef9d 100644..100755
--- a/python/vyos/template.py
+++ b/python/vyos/template.py
@@ -692,7 +692,8 @@ def conntrack_rule(rule_conf, rule_id, action, ipv6=False):
         else:
             for protocol, protocol_config in rule_conf['protocol'].items():
                 proto = protocol
-        output.append(f'meta l4proto {proto}')
+        if proto != 'all':
+            output.append(f'meta l4proto {proto}')
 
     tcp_flags = dict_search_args(rule_conf, 'tcp', 'flags')
     if tcp_flags and action != 'timeout':
author	Christian Breunig <christian@breunig.cc>	2024-08-15 12:14:34 +0200
committer	GitHub <noreply@github.com>	2024-08-15 12:14:34 +0200
commit	45d8ca97291128e1549ee7bcba7eed6ac6bdfdb3 (patch)
tree	af7eb8293dd225f14616aa029e098f13bf3e2c7e /python/vyos
parent	8baa5b535430d1a14f16004174cb91f3e6d266ca (diff)
parent	85f19deb34884337af343fc39b1ce484c9ba1ddb (diff)
download	vyos-1x-45d8ca97291128e1549ee7bcba7eed6ac6bdfdb3.tar.gz vyos-1x-45d8ca97291128e1549ee7bcba7eed6ac6bdfdb3.zip