summaryrefslogtreecommitdiff
path: root/op-mode-definitions/show-ip-ports.xml
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-07-26 13:25:19 +0200
committerMergify <37929162+mergify[bot]@users.noreply.github.com>2024-07-30 07:47:39 +0000
commit6fead781cb16eee0884615134d34edc31aec2705 (patch)
treecbf0ec6184b0f62d2950c6507718774a6d4e30c8 /op-mode-definitions/show-ip-ports.xml
parent6a6b8616a9f2cae6f2fa3e31b7ff75365bae86e6 (diff)
downloadvyos-1x-6fead781cb16eee0884615134d34edc31aec2705.tar.gz
vyos-1x-6fead781cb16eee0884615134d34edc31aec2705.zip
vrf: T6603: conntrack ct_iface_map must only contain one entry for iifname/oifname
When any of the following features NAT, NAT66 or Firewall is enabled, for every VRF on the CLI we install one rule into nftables for conntrack: chain vrf_zones_ct_in { type filter hook prerouting priority raw; policy accept; counter packets 3113 bytes 32227 ct original zone set iifname map @ct_iface_map counter packets 8550 bytes 80739 ct original zone set iifname map @ct_iface_map counter packets 5644 bytes 67697 ct original zone set iifname map @ct_iface_map } This is superfluous. (cherry picked from commit d6e9824f1612bd8c876437c071f31a1a0f44af5d)
Diffstat (limited to 'op-mode-definitions/show-ip-ports.xml')
0 files changed, 0 insertions, 0 deletions