diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-05-15 10:55:33 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-05-15 10:55:33 +0200 |
commit | 7792b5319695098418de562dad87bbc0fef6d19c (patch) | |
tree | 12d3eb3cb2b8a64d97b80874aadfbff54b54172a | |
parent | e2978bb452c4ad3c3caf532c8f2204d7615c881e (diff) | |
download | vyos-1x-7792b5319695098418de562dad87bbc0fef6d19c.tar.gz vyos-1x-7792b5319695098418de562dad87bbc0fef6d19c.zip |
conntrack: T3535: add support for icmp6 and dccp
-rw-r--r-- | data/templates/conntrackd/conntrackd.conf.tmpl | 4 | ||||
-rw-r--r-- | interface-definitions/service_conntrack-sync.xml.in | 20 |
2 files changed, 18 insertions, 6 deletions
diff --git a/data/templates/conntrackd/conntrackd.conf.tmpl b/data/templates/conntrackd/conntrackd.conf.tmpl index 6f9fa51b0..fdaac7275 100644 --- a/data/templates/conntrackd/conntrackd.conf.tmpl +++ b/data/templates/conntrackd/conntrackd.conf.tmpl @@ -95,7 +95,11 @@ General { {% if accept_protocol is defined and accept_protocol is not none %} Protocol Accept { {% for protocol in accept_protocol %} +{% if protocol == 'icmp6' %} + IPv6-ICMP +{% else %} {{ protocol | upper }} +{% endif %} {% endfor %} } {% endif %} diff --git a/interface-definitions/service_conntrack-sync.xml.in b/interface-definitions/service_conntrack-sync.xml.in index 088cd78f6..8d6b57183 100644 --- a/interface-definitions/service_conntrack-sync.xml.in +++ b/interface-definitions/service_conntrack-sync.xml.in @@ -12,26 +12,34 @@ <properties> <help>Protocols for which local conntrack entries will be synced</help> <completionHelp> - <list>tcp udp icmp sctp</list> + <list>tcp udp icmp icmp6 sctp dccp</list> </completionHelp> <valueHelp> <format>tcp</format> - <description>Sync Transmission Control Protocol conntrack entries</description> + <description>Sync Transmission Control Protocol entries</description> </valueHelp> <valueHelp> <format>udp</format> - <description>Sync User Datagram Protocol conntrack entries</description> + <description>Sync User Datagram Protocol entries</description> </valueHelp> <valueHelp> <format>icmp</format> - <description>Sync Internet Control Message Protocol conntrack entries</description> + <description>Sync Internet Control Message Protocol entries</description> + </valueHelp> + <valueHelp> + <format>icmp6</format> + <description>Sync IPv6 Internet Control Message Protocol entries</description> </valueHelp> <valueHelp> <format>sctp</format> - <description>Sync Stream Control Transmission Protocol conntrack entries</description> + <description>Sync Stream Control Transmission Protocol entries</description> + </valueHelp> + <valueHelp> + <format>dccp</format> + <description>Sync Datagram Congestion Control Protocol entries</description> </valueHelp> <constraint> - <regex>^(tcp|udp|icmp|sctp)$</regex> + <regex>^(tcp|udp|icmp|icmp6|sctp|dccp)$</regex> </constraint> <constraintErrorMessage>Allowed protocols: tcp udp icmp or sctp</constraintErrorMessage> <multi/> |