T7512: firewall: Modify accepting invalid traffic for VLAN aware bridge

Allow accepting invalid packets for ethernet types `8021q` and `8021ad` in addition to ARP and UDP types so that stateful bridge firewall works for VLAN-aware bridges in addition to regular bridges.
author: Indrajit Raychaudhuri <irc@indrajit.com> 2025-06-01 23:32:13 -0500
committer: Indrajit Raychaudhuri <irc@indrajit.com> 2025-06-01 23:52:08 -0500
commit: b47adae7a3e963bfca3b775f4b84d5121907c76d (patch)
tree: e5c9cf3ea824fa87b52bb9bef4ed4b163139bde4 /interface-definitions/include
parent: b8cd453177feebc44aee53657bfd2bbcea7a8d66 (diff)
download: vyos-1x-b47adae7a3e963bfca3b775f4b84d5121907c76d.tar.gz
vyos-1x-b47adae7a3e963bfca3b775f4b84d5121907c76d.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/interface-definitions/include/firewall/global-options.xml.i b/interface-definitions/include/firewall/global-options.xml.i
index 7393ff5c9..01ea16bc6 100644
--- a/interface-definitions/include/firewall/global-options.xml.i
+++ b/interface-definitions/include/firewall/global-options.xml.i
@@ -51,7 +51,7 @@
       <children>
         <leafNode name="invalid-connections">
           <properties>
-            <help>Accept ARP, DHCP and PPPoE despite they are marked as invalid connection</help>
+            <help>Accept ARP, 802.1q, 802.1ad, DHCP and PPPoE despite being marked as invalid connections</help>
             <valueless/>
           </properties>
         </leafNode>
author	Indrajit Raychaudhuri <irc@indrajit.com>	2025-06-01 23:32:13 -0500
committer	Indrajit Raychaudhuri <irc@indrajit.com>	2025-06-01 23:52:08 -0500
commit	b47adae7a3e963bfca3b775f4b84d5121907c76d (patch)
tree	e5c9cf3ea824fa87b52bb9bef4ed4b163139bde4 /interface-definitions/include
parent	b8cd453177feebc44aee53657bfd2bbcea7a8d66 (diff)
download	vyos-1x-b47adae7a3e963bfca3b775f4b84d5121907c76d.tar.gz vyos-1x-b47adae7a3e963bfca3b775f4b84d5121907c76d.zip