From e846d2c1500df83742eb803684980396857cc0f1 Mon Sep 17 00:00:00 2001
From: Nicolas Fort <nicolasfort1988@gmail.com>
Date: Thu, 3 Oct 2024 14:51:55 +0000
Subject: T6760: firewall: add packet modifications existing in policy route to
 regular firewall ruleset.

---
 python/vyos/firewall.py | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'python')

diff --git a/python/vyos/firewall.py b/python/vyos/firewall.py
index 34d0b73f6..314e8dfe3 100755
--- a/python/vyos/firewall.py
+++ b/python/vyos/firewall.py
@@ -583,6 +583,12 @@ def parse_rule(rule_conf, hook, fw_name, rule_id, ip_name):
         if 'tcp_mss' in rule_conf['set']:
             mss = rule_conf['set']['tcp_mss']
             output.append(f'tcp option maxseg size set {mss}')
+        if 'ttl' in rule_conf['set']:
+            ttl = rule_conf['set']['ttl']
+            output.append(f'ip ttl set {ttl}')
+        if 'hop_limit' in rule_conf['set']:
+            hoplimit = rule_conf['set']['hop_limit']
+            output.append(f'ip6 hoplimit set {hoplimit}')
 
     if 'action' in rule_conf:
         if rule_conf['action'] == 'offload':
-- 
cgit v1.2.3