summaryrefslogtreecommitdiff
path: root/src/conf_mode/system_conntrack.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/conf_mode/system_conntrack.py')
-rwxr-xr-xsrc/conf_mode/system_conntrack.py3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/conf_mode/system_conntrack.py b/src/conf_mode/system_conntrack.py
index 031fe63b0..d9c38fd95 100755
--- a/src/conf_mode/system_conntrack.py
+++ b/src/conf_mode/system_conntrack.py
@@ -18,6 +18,7 @@ import os
from sys import exit
+from vyos.base import Warning
from vyos.config import Config
from vyos.configdep import set_dependents, call_dependents
from vyos.utils.dict import dict_search
@@ -165,6 +166,8 @@ def verify(conntrack):
if not group_obj:
Warning(f'{error_group} "{group_name}" has no members!')
+ Warning(f'It is prefered to defined {inet} conntrack ignore rules in the <firewall {inet} prerouting raw> section')
+
if dict_search_args(conntrack, 'timeout', 'custom', inet, 'rule') != None:
for rule, rule_config in conntrack['timeout']['custom'][inet]['rule'].items():
if 'protocol' not in rule_config:
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-01 16:31:43 +0000