vrf: conntrack: T6073: Populate VRF zoning chains only while conntrack is required

(cherry picked from commit 6f7d1e15665655e37e8ca830e28d9650445c1217)
author: sarthurdev <965089+sarthurdev@users.noreply.github.com> 2024-02-27 21:38:24 +0100
committer: Mergify <37929162+mergify[bot]@users.noreply.github.com> 2024-02-28 19:36:10 +0000
commit: 88dfa47ded706ea53a7b10ed058ddd5023226896 (patch)
tree: 90f70d19c3c44f3671c1d77417308356fcbfd7f7 /data/vyos-firewall-init.conf
parent: e1f34b0c019b9771ace1d6c723d4d84658be5cd8 (diff)
download: vyos-1x-88dfa47ded706ea53a7b10ed058ddd5023226896.tar.gz
vyos-1x-88dfa47ded706ea53a7b10ed058ddd5023226896.zip
1 files changed, 0 insertions, 2 deletions
diff --git a/data/vyos-firewall-init.conf b/data/vyos-firewall-init.conf
index 5a4e03015..3929edf0b 100644
--- a/data/vyos-firewall-init.conf
+++ b/data/vyos-firewall-init.conf
@@ -65,11 +65,9 @@ table inet vrf_zones {
     # Chain for inbound traffic
     chain vrf_zones_ct_in {
         type filter hook prerouting priority raw; policy accept;
-        counter ct original zone set iifname map @ct_iface_map
     }
     # Chain for locally-generated traffic
     chain vrf_zones_ct_out {
         type filter hook output priority raw; policy accept;
-        counter ct original zone set oifname map @ct_iface_map
     }
 }
author	sarthurdev <965089+sarthurdev@users.noreply.github.com>	2024-02-27 21:38:24 +0100
committer	Mergify <37929162+mergify[bot]@users.noreply.github.com>	2024-02-28 19:36:10 +0000
commit	88dfa47ded706ea53a7b10ed058ddd5023226896 (patch)
tree	90f70d19c3c44f3671c1d77417308356fcbfd7f7 /data/vyos-firewall-init.conf
parent	e1f34b0c019b9771ace1d6c723d4d84658be5cd8 (diff)
download	vyos-1x-88dfa47ded706ea53a7b10ed058ddd5023226896.tar.gz vyos-1x-88dfa47ded706ea53a7b10ed058ddd5023226896.zip