conntrack-sync: add missing commands

1 files changed, 39 insertions, 26 deletions

diff --git a/docs/configuration/service/conntrack-sync.rst b/docs/configuration/service/conntrack-sync.rst
index 935743e6..e2ca8599 100644
--- a/docs/configuration/service/conntrack-sync.rst
+++ b/docs/configuration/service/conntrack-sync.rst
@@ -37,53 +37,66 @@ Most examples below show Multicast, but unicast can be specified by using the
 Configuration
 *************
 
-  .. cfgcmd:: set service conntrack-sync accept-protocol
+.. cfgcmd:: set service conntrack-sync accept-protocol
 
-    Accept only certain protocols: You may want to replicate the state of flows
-    depending on their layer 4 protocol.
+   Accept only certain protocols: You may want to replicate the state of flows
+   depending on their layer 4 protocol.
 
-    Protocols are: tcp, sctp, dccp, udp, icmp and ipv6-icmp.
+   Protocols are: tcp, sctp, dccp, udp, icmp and ipv6-icmp.
 
-  .. cfgcmd:: set service conntrack-sync event-listen-queue-size <size>
+.. cfgcmd:: set service conntrack-sync event-listen-queue-size <size>
 
-    The daemon doubles the size of the netlink event socket buffer size if it
-    detects netlink event message dropping. This clause sets the maximum buffer
-    size growth that can be reached.
+   The daemon doubles the size of the netlink event socket buffer size if it
+   detects netlink event message dropping. This clause sets the maximum buffer
+   size growth that can be reached.
 
-    Queue size for listening to local conntrack events in MB.
+   Queue size for listening to local conntrack events in MB.
 
-  .. cfgcmd:: set service conntrack-sync expect-sync <all|ftp|h323|nfs|sip|sqlnet>
+.. cfgcmd:: set service conntrack-sync expect-sync <all|ftp|h323|nfs|sip|sqlnet>
 
-    Protocol for which expect entries need to be synchronized.
+   Protocol for which expect entries need to be synchronized.
 
-  .. cfgcmd:: set service conntrack-sync failover-mechanism vrrp sync-group <group>
+.. cfgcmd:: set service conntrack-sync failover-mechanism vrrp sync-group <group>
 
-    Failover mechanism to use for conntrack-sync.
+   Failover mechanism to use for conntrack-sync.
 
-    Only VRRP is supported. Required option.
+   Only VRRP is supported. Required option.
 
-  .. cfgcmd:: set service conntrack-sync ignore-address <x.x.x.x>
+.. cfgcmd:: set service conntrack-sync ignore-address <x.x.x.x>
 
-    IP addresses or networks for which local conntrack entries will not be synced
+   IP addresses or networks for which local conntrack entries will not be synced
 
-  .. cfgcmd:: set service conntrack-sync interface <name>
+.. cfgcmd:: set service conntrack-sync interface <name>
 
-    Interface to use for syncing conntrack entries.
+   Interface to use for syncing conntrack entries.
 
-  .. cfgcmd:: set service conntrack-sync mcast-group <x.x.x.x>
+.. cfgcmd:: set service conntrack-sync interface <name> port <port>
 
-    Multicast group to use for syncing conntrack entries.
+   Port number used by connection.
 
-    Defaults to 225.0.0.50.
+.. cfgcmd:: set service conntrack-sync listen-address <ipv4address>
 
-  .. cfgcmd:: set service conntrack-sync interface <name> peer <address>
+   Local IPv4 addresses for service to listen on.
 
-    Peer to send unicast UDP conntrack sync entires to, if not using Multicast
-    configuration from above above.
+.. cfgcmd:: set service conntrack-sync mcast-group <x.x.x.x>
 
-  .. cfgcmd:: set service conntrack-sync sync-queue-size <size>
+   Multicast group to use for syncing conntrack entries.
 
-    Queue size for syncing conntrack entries in MB.
+   Defaults to 225.0.0.50.
+
+.. cfgcmd:: set service conntrack-sync interface <name> peer <address>
+
+   Peer to send unicast UDP conntrack sync entires to, if not using Multicast
+   configuration from above above.
+
+.. cfgcmd:: set service conntrack-sync sync-queue-size <size>
+
+   Queue size for syncing conntrack entries in MB.
+
+.. cfgcmd:: set service conntrack-sync disable-external-cache
+
+   This diable the external cache and directly injects the flow-states into the
+   in-kernel Connection Tracking System of the backup firewall.
 
 *********
 Operation