diff options
| author | Christian Breunig <christian@breunig.cc> | 2024-08-14 22:47:02 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-08-14 22:47:02 +0200 |
| commit | 2aa26f836caf777255a06083208ee7bb9dab4726 (patch) | |
| tree | b3b4da382fe38782344bfc054abe849662157937 /python | |
| parent | 948efe77310820a39083745573ae99644e30ef6e (diff) | |
| parent | ebcb9c6e9a5b55219c3d538686df4a55cdcdc86d (diff) | |
| download | vyos-1x-2aa26f836caf777255a06083208ee7bb9dab4726.tar.gz vyos-1x-2aa26f836caf777255a06083208ee7bb9dab4726.zip | |
Merge pull request #3983 from vyos/mergify/bp/circinus/pr-3981
T6646: conntrack: in ignore rules, if protocols=all, do not append it to the rule (backport #3981)
Diffstat (limited to 'python')
| -rwxr-xr-x[-rw-r--r--] | python/vyos/template.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/python/vyos/template.py b/python/vyos/template.py index e8d7ba669..768c43387 100644..100755 --- a/python/vyos/template.py +++ b/python/vyos/template.py @@ -694,7 +694,8 @@ def conntrack_rule(rule_conf, rule_id, action, ipv6=False): else: for protocol, protocol_config in rule_conf['protocol'].items(): proto = protocol - output.append(f'meta l4proto {proto}') + if proto != 'all': + output.append(f'meta l4proto {proto}') tcp_flags = dict_search_args(rule_conf, 'tcp', 'flags') if tcp_flags and action != 'timeout': |