diff options
| author | Nicolas Fort <nicolasfort1988@gmail.com> | 2024-10-03 14:51:55 +0000 |
|---|---|---|
| committer | Nicolas Fort <nicolasfort1988@gmail.com> | 2024-10-03 14:51:55 +0000 |
| commit | e846d2c1500df83742eb803684980396857cc0f1 (patch) | |
| tree | f05a6b0170d885d02690904caad5a43f08a6258d /python | |
| parent | 6b7159f2927f004320c77043d0c819a6b660806d (diff) | |
| download | vyos-1x-e846d2c1500df83742eb803684980396857cc0f1.tar.gz vyos-1x-e846d2c1500df83742eb803684980396857cc0f1.zip | |
T6760: firewall: add packet modifications existing in policy route to regular firewall ruleset.
Diffstat (limited to 'python')
| -rwxr-xr-x | python/vyos/firewall.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py index 34d0b73f6..314e8dfe3 100755 --- a/python/vyos/firewall.py +++ b/python/vyos/firewall.py @@ -583,6 +583,12 @@ def parse_rule(rule_conf, hook, fw_name, rule_id, ip_name): if 'tcp_mss' in rule_conf['set']: mss = rule_conf['set']['tcp_mss'] output.append(f'tcp option maxseg size set {mss}') + if 'ttl' in rule_conf['set']: + ttl = rule_conf['set']['ttl'] + output.append(f'ip ttl set {ttl}') + if 'hop_limit' in rule_conf['set']: + hoplimit = rule_conf['set']['hop_limit'] + output.append(f'ip6 hoplimit set {hoplimit}') if 'action' in rule_conf: if rule_conf['action'] == 'offload': |