summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-05-15 10:55:33 +0200
committerChristian Poessinger <christian@poessinger.com>2021-05-15 10:55:33 +0200
commit7792b5319695098418de562dad87bbc0fef6d19c (patch)
tree12d3eb3cb2b8a64d97b80874aadfbff54b54172a
parente2978bb452c4ad3c3caf532c8f2204d7615c881e (diff)
downloadvyos-1x-7792b5319695098418de562dad87bbc0fef6d19c.tar.gz
vyos-1x-7792b5319695098418de562dad87bbc0fef6d19c.zip
conntrack: T3535: add support for icmp6 and dccp
-rw-r--r--data/templates/conntrackd/conntrackd.conf.tmpl4
-rw-r--r--interface-definitions/service_conntrack-sync.xml.in20
2 files changed, 18 insertions, 6 deletions
diff --git a/data/templates/conntrackd/conntrackd.conf.tmpl b/data/templates/conntrackd/conntrackd.conf.tmpl
index 6f9fa51b0..fdaac7275 100644
--- a/data/templates/conntrackd/conntrackd.conf.tmpl
+++ b/data/templates/conntrackd/conntrackd.conf.tmpl
@@ -95,7 +95,11 @@ General {
{% if accept_protocol is defined and accept_protocol is not none %}
Protocol Accept {
{% for protocol in accept_protocol %}
+{% if protocol == 'icmp6' %}
+ IPv6-ICMP
+{% else %}
{{ protocol | upper }}
+{% endif %}
{% endfor %}
}
{% endif %}
diff --git a/interface-definitions/service_conntrack-sync.xml.in b/interface-definitions/service_conntrack-sync.xml.in
index 088cd78f6..8d6b57183 100644
--- a/interface-definitions/service_conntrack-sync.xml.in
+++ b/interface-definitions/service_conntrack-sync.xml.in
@@ -12,26 +12,34 @@
<properties>
<help>Protocols for which local conntrack entries will be synced</help>
<completionHelp>
- <list>tcp udp icmp sctp</list>
+ <list>tcp udp icmp icmp6 sctp dccp</list>
</completionHelp>
<valueHelp>
<format>tcp</format>
- <description>Sync Transmission Control Protocol conntrack entries</description>
+ <description>Sync Transmission Control Protocol entries</description>
</valueHelp>
<valueHelp>
<format>udp</format>
- <description>Sync User Datagram Protocol conntrack entries</description>
+ <description>Sync User Datagram Protocol entries</description>
</valueHelp>
<valueHelp>
<format>icmp</format>
- <description>Sync Internet Control Message Protocol conntrack entries</description>
+ <description>Sync Internet Control Message Protocol entries</description>
+ </valueHelp>
+ <valueHelp>
+ <format>icmp6</format>
+ <description>Sync IPv6 Internet Control Message Protocol entries</description>
</valueHelp>
<valueHelp>
<format>sctp</format>
- <description>Sync Stream Control Transmission Protocol conntrack entries</description>
+ <description>Sync Stream Control Transmission Protocol entries</description>
+ </valueHelp>
+ <valueHelp>
+ <format>dccp</format>
+ <description>Sync Datagram Congestion Control Protocol entries</description>
</valueHelp>
<constraint>
- <regex>^(tcp|udp|icmp|sctp)$</regex>
+ <regex>^(tcp|udp|icmp|icmp6|sctp|dccp)$</regex>
</constraint>
<constraintErrorMessage>Allowed protocols: tcp udp icmp or sctp</constraintErrorMessage>
<multi/>