3 files changed, 32 insertions, 19 deletions
diff --git a/src/conf_mode/system_conntrack.py b/src/conf_mode/system_conntrack.py
index 2a55daed4..a1472aaaa 100755
--- a/src/conf_mode/system_conntrack.py
+++ b/src/conf_mode/system_conntrack.py
@@ -58,6 +58,11 @@ module_map = {
         'nftables': ['tcp dport {1723} ct helper set "pptp_tcp" return'],
         'ipv4': True
      },
+    'rtsp': {
+        'ko': ['nf_nat_rtsp', 'nf_conntrack_rtsp'],
+        'nftables': ['tcp dport {554} ct helper set "rtsp_tcp" return'],
+        'ipv4': True
+    },
     'sip': {
         'ko': ['nf_nat_sip', 'nf_conntrack_sip'],
         'nftables': ['tcp dport {5060,5061} ct helper set "sip_tcp" return',
@@ -195,7 +200,7 @@ def generate(conntrack):
 def apply(conntrack):
     # Depending on the enable/disable state of the ALG (Application Layer Gateway)
     # modules we need to either insmod or rmmod the helpers.
-    
+
     add_modules = []
     rm_modules = []
 
diff --git a/src/helpers/vyos_config_sync.py b/src/helpers/vyos_config_sync.py
index 7cfa8fe88..572fea61f 100755
--- a/src/helpers/vyos_config_sync.py
+++ b/src/helpers/vyos_config_sync.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2023 VyOS maintainers and contributors
+# Copyright (C) 2023-2024 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -60,6 +60,7 @@ def post_request(url: str,
     return response
 
 
+
 def retrieve_config(section: str = None) -> Optional[Dict[str, Any]]:
     """Retrieves the configuration from the local server.
 
@@ -71,8 +72,6 @@ def retrieve_config(section: str = None) -> Optional[Dict[str, Any]]:
     """
     if section is None:
         section = []
-    else:
-        section = section.split()
 
     conf = Config()
     config = conf.get_config_dict(section, get_first_key=True)
@@ -101,8 +100,6 @@ def set_remote_config(
 
     if path is None:
         path = []
-    else:
-        path = path.split()
     headers = {'Content-Type': 'application/json'}
 
     # Disable the InsecureRequestWarning
@@ -127,17 +124,16 @@ def set_remote_config(
 
 def is_section_revised(section: str) -> bool:
     from vyos.config_mgmt import is_node_revised
-    return is_node_revised([section])
+    return is_node_revised(section)
 
 
 def config_sync(secondary_address: str,
                 secondary_key: str,
-                sections: List[str],
+                sections: List[list],
                 mode: str):
     """Retrieve a config section from primary router in JSON format and send it to
        secondary router
     """
-    # Config sync only if sections changed
     if not any(map(is_section_revised, sections)):
         return
 
@@ -188,5 +184,17 @@ if __name__ == '__main__':
             "Missing required configuration data for config synchronization.")
         exit(0)
 
+    # Generate list_sections of sections/subsections
+    # [
+    #   ['interfaces', 'pseudo-ethernet'], ['interfaces', 'virtual-ethernet'], ['nat'], ['nat66']
+    # ]
+    list_sections = []
+    for section, subsections in sections.items():
+        if subsections:
+            for subsection in subsections:
+                list_sections.append([section, subsection])
+        else:
+            list_sections.append([section])
+
     config_sync(secondary_address, secondary_key,
-                sections, mode)
+                list_sections, mode)
diff --git a/src/migration-scripts/policy/1-to-2 b/src/migration-scripts/policy/1-to-2
index c70490ce9..c7a983bba 100755
--- a/src/migration-scripts/policy/1-to-2
+++ b/src/migration-scripts/policy/1-to-2
@@ -32,23 +32,23 @@ file_name = argv[1]
 with open(file_name, 'r') as f:
     config_file = f.read()
 
-base = ['policy', 'ipv6-route']
+base = ['policy']
 config = ConfigTree(config_file)
 
 if not config.exists(base):
     # Nothing to do
     exit(0)
 
-config.rename(base, 'route6')
-config.set_tag(['policy', 'route6'])
+if config.exists(base + ['ipv6-route']):
+    config.rename(base + ['ipv6-route'],'route6')
+    config.set_tag(['policy', 'route6'])
 
 for route in ['route', 'route6']:
-    route_path = ['policy', route]
-    if config.exists(route_path):
-        for name in config.list_nodes(route_path):
-            if config.exists(route_path + [name, 'rule']):
-                for rule in config.list_nodes(route_path + [name, 'rule']):
-                    rule_tcp_flags = route_path + [name, 'rule', rule, 'tcp', 'flags']
+    if config.exists(base + [route]):
+        for name in config.list_nodes(base + [route]):
+            if config.exists(base + [route, name, 'rule']):
+                for rule in config.list_nodes(base + [route, name, 'rule']):
+                    rule_tcp_flags = base + [route, name, 'rule', rule, 'tcp', 'flags']
 
                     if config.exists(rule_tcp_flags):
                         tmp = config.return_value(rule_tcp_flags)