diff options
| author | Nicolas Fort <nicolasfort1988@gmail.com> | 2024-05-24 16:44:41 +0000 |
|---|---|---|
| committer | Nicolas Fort <nicolasfort1988@gmail.com> | 2024-06-04 13:22:24 +0000 |
| commit | 770edf016838523c248e3c8a36c5f327a0b98415 (patch) | |
| tree | aaee1527f0efe6359d1dc1269d35de4795bbe082 /interface-definitions/include | |
| parent | 6871c5541c1962e63d7a9b75d2bb43df2a8d372b (diff) | |
| download | vyos-1x-770edf016838523c248e3c8a36c5f327a0b98415.tar.gz vyos-1x-770edf016838523c248e3c8a36c5f327a0b98415.zip | |
T3900: T6394: extend functionalities in firewall; move netfilter sysctl timeout parameters defined in conntrack to firewall global-opton section.
Diffstat (limited to 'interface-definitions/include')
| -rw-r--r-- | interface-definitions/include/firewall/action-and-notrack.xml.i | 2 | ||||
| -rw-r--r-- | interface-definitions/include/firewall/global-options.xml.i | 8 | ||||
| -rw-r--r-- | interface-definitions/include/firewall/timeout-common-protocols.xml.i (renamed from interface-definitions/include/conntrack/timeout-common-protocols.xml.i) | 3 | ||||
| -rw-r--r-- | interface-definitions/include/version/firewall-version.xml.i | 2 |
4 files changed, 11 insertions, 4 deletions
diff --git a/interface-definitions/include/firewall/action-and-notrack.xml.i b/interface-definitions/include/firewall/action-and-notrack.xml.i index e063c58d5..de11f7dd5 100644 --- a/interface-definitions/include/firewall/action-and-notrack.xml.i +++ b/interface-definitions/include/firewall/action-and-notrack.xml.i @@ -35,7 +35,7 @@ </valueHelp> <valueHelp> <format>notrack</format> - <description>Igone connection tracking</description> + <description>Ignore connection tracking</description> </valueHelp> <constraint> <regex>(accept|continue|jump|notrack|reject|return|drop|queue)</regex> diff --git a/interface-definitions/include/firewall/global-options.xml.i b/interface-definitions/include/firewall/global-options.xml.i index 9cd0b3239..9039b76fd 100644 --- a/interface-definitions/include/firewall/global-options.xml.i +++ b/interface-definitions/include/firewall/global-options.xml.i @@ -244,6 +244,14 @@ </properties> <defaultValue>enable</defaultValue> </leafNode> + <node name="timeout"> + <properties> + <help>Connection timeout options</help> + </properties> + <children> + #include <include/firewall/timeout-common-protocols.xml.i> + </children> + </node> <leafNode name="twa-hazards-protection"> <properties> <help>RFC1337 TCP TIME-WAIT assasination hazards protection</help> diff --git a/interface-definitions/include/conntrack/timeout-common-protocols.xml.i b/interface-definitions/include/firewall/timeout-common-protocols.xml.i index 2676d846e..037d7d2b1 100644 --- a/interface-definitions/include/conntrack/timeout-common-protocols.xml.i +++ b/interface-definitions/include/firewall/timeout-common-protocols.xml.i @@ -1,4 +1,4 @@ -<!-- include start from conntrack/timeout-common-protocols.xml.i --> +<!-- include start from firewall/timeout-common-protocols.xml.i --> <leafNode name="icmp"> <properties> <help>ICMP timeout in seconds</help> @@ -169,4 +169,3 @@ </leafNode> </children> </node> -<!-- include end --> diff --git a/interface-definitions/include/version/firewall-version.xml.i b/interface-definitions/include/version/firewall-version.xml.i index fa8e26f78..560ed9e5f 100644 --- a/interface-definitions/include/version/firewall-version.xml.i +++ b/interface-definitions/include/version/firewall-version.xml.i @@ -1,3 +1,3 @@ <!-- include start from include/version/firewall-version.xml.i --> -<syntaxVersion component='firewall' version='15'></syntaxVersion> +<syntaxVersion component='firewall' version='16'></syntaxVersion> <!-- include end --> |