T3900: T6394: extend functionalities in firewall; move netfilter sysctl timeout parameters defined in conntrack to firewall global-opton section.

5 files changed, 11 insertions, 5 deletions

diff --git a/interface-definitions/include/firewall/action-and-notrack.xml.i b/interface-definitions/include/firewall/action-and-notrack.xml.i
index e063c58d5..de11f7dd5 100644
--- a/interface-definitions/include/firewall/action-and-notrack.xml.i
+++ b/interface-definitions/include/firewall/action-and-notrack.xml.i
@@ -35,7 +35,7 @@
     </valueHelp>
     <valueHelp>
       <format>notrack</format>
-      <description>Igone connection tracking</description>
+      <description>Ignore connection tracking</description>
     </valueHelp>
     <constraint>
       <regex>(accept|continue|jump|notrack|reject|return|drop|queue)</regex>
diff --git a/interface-definitions/include/firewall/global-options.xml.i b/interface-definitions/include/firewall/global-options.xml.i
index 9cd0b3239..9039b76fd 100644
--- a/interface-definitions/include/firewall/global-options.xml.i
+++ b/interface-definitions/include/firewall/global-options.xml.i
@@ -244,6 +244,14 @@
       </properties>
       <defaultValue>enable</defaultValue>
     </leafNode>
+    <node name="timeout">
+      <properties>
+        <help>Connection timeout options</help>
+      </properties>
+      <children>
+        #include <include/firewall/timeout-common-protocols.xml.i>
+      </children>
+    </node>
     <leafNode name="twa-hazards-protection">
       <properties>
         <help>RFC1337 TCP TIME-WAIT assasination hazards protection</help>
diff --git a/interface-definitions/include/conntrack/timeout-common-protocols.xml.i b/interface-definitions/include/firewall/timeout-common-protocols.xml.i
index 2676d846e..037d7d2b1 100644
--- a/interface-definitions/include/conntrack/timeout-common-protocols.xml.i
+++ b/interface-definitions/include/firewall/timeout-common-protocols.xml.i
@@ -1,4 +1,4 @@
-<!-- include start from conntrack/timeout-common-protocols.xml.i -->
+<!-- include start from firewall/timeout-common-protocols.xml.i -->
 <leafNode name="icmp">
   <properties>
     <help>ICMP timeout in seconds</help>
@@ -169,4 +169,3 @@
     </leafNode>
   </children>
 </node>
-<!-- include end -->
diff --git a/interface-definitions/include/version/firewall-version.xml.i b/interface-definitions/include/version/firewall-version.xml.i
index fa8e26f78..560ed9e5f 100644
--- a/interface-definitions/include/version/firewall-version.xml.i
+++ b/interface-definitions/include/version/firewall-version.xml.i
@@ -1,3 +1,3 @@
 <!-- include start from include/version/firewall-version.xml.i -->
-<syntaxVersion component='firewall' version='15'></syntaxVersion>
+<syntaxVersion component='firewall' version='16'></syntaxVersion>
 <!-- include end -->
diff --git a/interface-definitions/system_conntrack.xml.in b/interface-definitions/system_conntrack.xml.in
index 219c6e28e..33aa832a8 100644
--- a/interface-definitions/system_conntrack.xml.in
+++ b/interface-definitions/system_conntrack.xml.in
@@ -509,7 +509,6 @@
                   </node>
                 </children>
               </node>
-              #include <include/conntrack/timeout-common-protocols.xml.i>
             </children>
           </node>
         </children>