From 80068c8ce453a385981999c25e4ff5aeaa6bf030 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Thu, 18 Jan 2024 22:05:16 +0100 Subject: conntrack: T5376: T5779: backport from current Backport of the conntrack system from current branch. (cherry picked from commit fd0bcaf12) (cherry picked from commit 5acf5aced) (cherry picked from commit 42ff4d8a7) (cherry picked from commit 24a1a7059) --- .../conntrack/timeout-custom-protocols.xml.i | 136 +++++++++++++++++++++ .../firewall/source-destination-group-ipv4.xml.i | 41 +++++++ .../include/version/conntrack-version.xml.i | 2 +- 3 files changed, 178 insertions(+), 1 deletion(-) create mode 100644 interface-definitions/include/conntrack/timeout-custom-protocols.xml.i create mode 100644 interface-definitions/include/firewall/source-destination-group-ipv4.xml.i (limited to 'interface-definitions/include') diff --git a/interface-definitions/include/conntrack/timeout-custom-protocols.xml.i b/interface-definitions/include/conntrack/timeout-custom-protocols.xml.i new file mode 100644 index 000000000..e6bff7e4d --- /dev/null +++ b/interface-definitions/include/conntrack/timeout-custom-protocols.xml.i @@ -0,0 +1,136 @@ + + + + TCP connection timeout options + + + + + TCP CLOSE-WAIT timeout in seconds + + u32:1-21474836 + TCP CLOSE-WAIT timeout in seconds + + + + + + + + + TCP CLOSE timeout in seconds + + u32:1-21474836 + TCP CLOSE timeout in seconds + + + + + + + + + TCP ESTABLISHED timeout in seconds + + u32:1-21474836 + TCP ESTABLISHED timeout in seconds + + + + + + + + + TCP FIN-WAIT timeout in seconds + + u32:1-21474836 + TCP FIN-WAIT timeout in seconds + + + + + + + + + TCP LAST-ACK timeout in seconds + + u32:1-21474836 + TCP LAST-ACK timeout in seconds + + + + + + + + + TCP SYN-RECEIVED timeout in seconds + + u32:1-21474836 + TCP SYN-RECEIVED timeout in seconds + + + + + + + + + TCP SYN-SENT timeout in seconds + + u32:1-21474836 + TCP SYN-SENT timeout in seconds + + + + + + + + + TCP TIME-WAIT timeout in seconds + + u32:1-21474836 + TCP TIME-WAIT timeout in seconds + + + + + + + + + + + UDP timeout options + + + + + Timeout for UDP connection seen in both directions + + u32:1-21474836 + Timeout for UDP connection seen in both directions + + + + + + + + + Timeout for unreplied UDP + + u32:1-21474836 + Timeout for unreplied UDP + + + + + + + + + diff --git a/interface-definitions/include/firewall/source-destination-group-ipv4.xml.i b/interface-definitions/include/firewall/source-destination-group-ipv4.xml.i new file mode 100644 index 000000000..8c34fb933 --- /dev/null +++ b/interface-definitions/include/firewall/source-destination-group-ipv4.xml.i @@ -0,0 +1,41 @@ + + + + Group + + + + + Group of addresses + + firewall group address-group + + + + + + Group of domains + + firewall group domain-group + + + + + + Group of networks + + firewall group network-group + + + + + + Group of ports + + firewall group port-group + + + + + + diff --git a/interface-definitions/include/version/conntrack-version.xml.i b/interface-definitions/include/version/conntrack-version.xml.i index 696f76362..6995ce119 100644 --- a/interface-definitions/include/version/conntrack-version.xml.i +++ b/interface-definitions/include/version/conntrack-version.xml.i @@ -1,3 +1,3 @@ - + -- cgit v1.2.3