diff options
| author | Nicolas Fort <nicolasfort1988@gmail.com> | 2024-08-14 12:12:56 +0000 |
|---|---|---|
| committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2024-08-14 16:35:10 +0000 |
| commit | 85f19deb34884337af343fc39b1ce484c9ba1ddb (patch) | |
| tree | af7eb8293dd225f14616aa029e098f13bf3e2c7e /python | |
| parent | 8baa5b535430d1a14f16004174cb91f3e6d266ca (diff) | |
| download | vyos-1x-85f19deb34884337af343fc39b1ce484c9ba1ddb.tar.gz vyos-1x-85f19deb34884337af343fc39b1ce484c9ba1ddb.zip | |
T6646: conntrack: in ignore rules, if protocols=all, do not append it to the rule
(cherry picked from commit 2d953bedd0e416ead924f77ec612c997f950535a)
Diffstat (limited to 'python')
| -rwxr-xr-x[-rw-r--r--] | python/vyos/template.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/python/vyos/template.py b/python/vyos/template.py index a4fff649c..2a99eef9d 100644..100755 --- a/python/vyos/template.py +++ b/python/vyos/template.py @@ -692,7 +692,8 @@ def conntrack_rule(rule_conf, rule_id, action, ipv6=False): else: for protocol, protocol_config in rule_conf['protocol'].items(): proto = protocol - output.append(f'meta l4proto {proto}') + if proto != 'all': + output.append(f'meta l4proto {proto}') tcp_flags = dict_search_args(rule_conf, 'tcp', 'flags') if tcp_flags and action != 'timeout': |