Merge pull request #3101 from vyos/mergify/bp/sagitta/pr-3099

conntrack-sync: T6057: Add ability to disable syslog for conntrackd (backport #3099)

2 files changed, 7 insertions, 1 deletions

diff --git a/data/templates/conntrackd/conntrackd.conf.j2 b/data/templates/conntrackd/conntrackd.conf.j2
index 8f56c8171..669b20877 100644
--- a/data/templates/conntrackd/conntrackd.conf.j2
+++ b/data/templates/conntrackd/conntrackd.conf.j2
@@ -76,7 +76,7 @@ General {
     HashSize {{ hash_size }}
     HashLimit {{ table_size | int *2 }}
     LogFile off
-    Syslog on
+    Syslog {{ 'off' if disable_syslog is vyos_defined else 'on' }}
     LockFile /var/lock/conntrack.lock
     UNIX {
         Path /var/run/conntrackd.ctl
diff --git a/interface-definitions/service_conntrack-sync.xml.in b/interface-definitions/service_conntrack-sync.xml.in
index 46dc8adc0..397864867 100644
--- a/interface-definitions/service_conntrack-sync.xml.in
+++ b/interface-definitions/service_conntrack-sync.xml.in
@@ -52,6 +52,12 @@
               <valueless/>
             </properties>
           </leafNode>
+          <leafNode name="disable-syslog">
+            <properties>
+              <help>Disable connection logging via Syslog</help>
+              <valueless/>
+            </properties>
+          </leafNode>
           <leafNode name="event-listen-queue-size">
             <properties>
               <help>Queue size for local conntrack events</help>