Merge pull request #3059 from vyos/mergify/bp/sagitta/pr-3055

vrf: conntrack: T6073: Populate VRF zoning chains only while conntrack is required (backport #3055)
author: Christian Breunig <christian@breunig.cc> 2024-02-28 20:56:54 +0100
committer: GitHub <noreply@github.com> 2024-02-28 20:56:54 +0100
commit: 5896eacd12f16d1b9810b325c205179a1606c885 (patch)
tree: 90f70d19c3c44f3671c1d77417308356fcbfd7f7 /data/vyos-firewall-init.conf
parent: fdfe194634f7a15c2299a3a3bffbe64fe578f466 (diff)
parent: 88dfa47ded706ea53a7b10ed058ddd5023226896 (diff)
download: vyos-1x-5896eacd12f16d1b9810b325c205179a1606c885.tar.gz
vyos-1x-5896eacd12f16d1b9810b325c205179a1606c885.zip
1 files changed, 0 insertions, 2 deletions
diff --git a/data/vyos-firewall-init.conf b/data/vyos-firewall-init.conf
index 5a4e03015..3929edf0b 100644
--- a/data/vyos-firewall-init.conf
+++ b/data/vyos-firewall-init.conf
@@ -65,11 +65,9 @@ table inet vrf_zones {
     # Chain for inbound traffic
     chain vrf_zones_ct_in {
         type filter hook prerouting priority raw; policy accept;
-        counter ct original zone set iifname map @ct_iface_map
     }
     # Chain for locally-generated traffic
     chain vrf_zones_ct_out {
         type filter hook output priority raw; policy accept;
-        counter ct original zone set oifname map @ct_iface_map
     }
 }
author	Christian Breunig <christian@breunig.cc>	2024-02-28 20:56:54 +0100
committer	GitHub <noreply@github.com>	2024-02-28 20:56:54 +0100
commit	5896eacd12f16d1b9810b325c205179a1606c885 (patch)
tree	90f70d19c3c44f3671c1d77417308356fcbfd7f7 /data/vyos-firewall-init.conf
parent	fdfe194634f7a15c2299a3a3bffbe64fe578f466 (diff)
parent	88dfa47ded706ea53a7b10ed058ddd5023226896 (diff)
download	vyos-1x-5896eacd12f16d1b9810b325c205179a1606c885.tar.gz vyos-1x-5896eacd12f16d1b9810b325c205179a1606c885.zip