summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-05-31 23:01:10 +0200
committerChristian Poessinger <christian@poessinger.com>2021-05-31 23:02:48 +0200
commitec958eb3a97366f90a31bc8925be976a012b0fd5 (patch)
tree020b51b8fd5f841f27b0adb988b33b28f1b863a4 /interface-definitions
parentaf6485a0108cda618ff91423f6645dee8126c5d7 (diff)
downloadvyos-1x-ec958eb3a97366f90a31bc8925be976a012b0fd5.tar.gz
vyos-1x-ec958eb3a97366f90a31bc8925be976a012b0fd5.zip
conntrack: T3579: add module disable options
Some application layer gateway (ALG) modules can be disabled during runtime if requireq.
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/conntrack-module-disable.xml.i8
-rw-r--r--interface-definitions/system-conntrack.xml.in63
2 files changed, 71 insertions, 0 deletions
diff --git a/interface-definitions/include/conntrack-module-disable.xml.i b/interface-definitions/include/conntrack-module-disable.xml.i
new file mode 100644
index 000000000..f891225e0
--- /dev/null
+++ b/interface-definitions/include/conntrack-module-disable.xml.i
@@ -0,0 +1,8 @@
+<!-- include start from conntrack-module-disable.xml.i -->
+<leafNode name="disable">
+ <properties>
+ <help>Disable connection tracking helper</help>
+ <valueless/>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/system-conntrack.xml.in b/interface-definitions/system-conntrack.xml.in
index 07a2c401d..fa73df3db 100644
--- a/interface-definitions/system-conntrack.xml.in
+++ b/interface-definitions/system-conntrack.xml.in
@@ -35,6 +35,69 @@
</properties>
<defaultValue>32768</defaultValue>
</leafNode>
+ <node name="modules">
+ <properties>
+ <help>Connection tracking modules settings</help>
+ </properties>
+ <children>
+ <node name="ftp">
+ <properties>
+ <help>FTP connection tracking settings</help>
+ </properties>
+ <children>
+ #include <include/conntrack-module-disable.xml.i>
+ </children>
+ </node>
+ <node name="h323">
+ <properties>
+ <help>H.323 connection tracking settings</help>
+ </properties>
+ <children>
+ #include <include/conntrack-module-disable.xml.i>
+ </children>
+ </node>
+ <node name="nfs">
+ <properties>
+ <help>NFS connection tracking settings</help>
+ </properties>
+ <children>
+ #include <include/conntrack-module-disable.xml.i>
+ </children>
+ </node>
+ <node name="pptp">
+ <properties>
+ <help>PPTP connection tracking settings</help>
+ </properties>
+ <children>
+ #include <include/conntrack-module-disable.xml.i>
+ </children>
+ </node>
+ <node name="sip">
+ <properties>
+ <help>SIP connection tracking settings</help>
+ </properties>
+ <children>
+ #include <include/conntrack-module-disable.xml.i>
+ </children>
+ </node>
+ <node name="sqlnet">
+ <properties>
+ <help>SQLnet connection tracking settings</help>
+ </properties>
+ <children>
+ #include <include/conntrack-module-disable.xml.i>
+ </children>
+ </node>
+ <node name="tftp">
+ <properties>
+ <help>TFTP connection tracking settings</help>
+ </properties>
+ <children>
+ #include <include/conntrack-module-disable.xml.i>
+ </children>
+ </node>
+ </children>
+ </node>
<leafNode name="table-size">
<properties>
<help>Size of connection tracking table</help>