diff options
| author | Alain Lamar <alain_lamar@yahoo.de> | 2024-06-24 14:55:23 +0200 |
|---|---|---|
| committer | Alain Lamar <alain_lamar@yahoo.de> | 2024-06-24 14:55:23 +0200 |
| commit | a95d2c9744c8e08efac2bb562d5ad1f8956a4c12 (patch) | |
| tree | a2c3a267cd973d6b89db3376a023374537975d3b /docs/configuration/system | |
| parent | dcc1645e54fe6573efd8a2b808c9a7b8c9341652 (diff) | |
| parent | ea35f9d6641ae11fa71c4aa5f19e1b8085d45b6d (diff) | |
| download | vyos-documentation-a95d2c9744c8e08efac2bb562d5ad1f8956a4c12.tar.gz vyos-documentation-a95d2c9744c8e08efac2bb562d5ad1f8956a4c12.zip | |
wireless: T6320: Merge remote-tracking branch 'upstream' into T6320
Diffstat (limited to 'docs/configuration/system')
| -rw-r--r-- | docs/configuration/system/conntrack.rst | 39 |
1 files changed, 6 insertions, 33 deletions
diff --git a/docs/configuration/system/conntrack.rst b/docs/configuration/system/conntrack.rst index 1401e02e..6d551575 100644 --- a/docs/configuration/system/conntrack.rst +++ b/docs/configuration/system/conntrack.rst @@ -64,39 +64,7 @@ Configure Contrack Timeouts ================= -VyOS supports setting timeouts for connections according to the -connection type. You can set timeout values for generic connections, for ICMP -connections, UDP connections, or for TCP connections in a number of different -states. - -.. cfgcmd:: set system conntrack timeout icmp <1-21474836> - :defaultvalue: -.. cfgcmd:: set system conntrack timeout other <1-21474836> - :defaultvalue: -.. cfgcmd:: set system conntrack timeout tcp close <1-21474836> - :defaultvalue: -.. cfgcmd:: set system conntrack timeout tcp close-wait <1-21474836> - :defaultvalue: -.. cfgcmd:: set system conntrack timeout tcp established <1-21474836> - :defaultvalue: -.. cfgcmd:: set system conntrack timeout tcp fin-wait <1-21474836> - :defaultvalue: -.. cfgcmd:: set system conntrack timeout tcp last-ack <1-21474836> - :defaultvalue: -.. cfgcmd:: set system conntrack timeout tcp syn-recv <1-21474836> - :defaultvalue: -.. cfgcmd:: set system conntrack timeout tcp syn-sent <1-21474836> - :defaultvalue: -.. cfgcmd:: set system conntrack timeout tcp time-wait <1-21474836> - :defaultvalue: -.. cfgcmd:: set system conntrack timeout udp other <1-21474836> - :defaultvalue: -.. cfgcmd:: set system conntrack timeout udp stream <1-21474836> - :defaultvalue: - - Set the timeout in seconds for a protocol or state. - -You can also define custom timeout values to apply to a specific subset of +You can define custom timeout values to apply to a specific subset of connections, based on a packet and flow selector. To do this, you need to create a rule defining the packet and flow selector. @@ -177,6 +145,11 @@ create a rule defining the packet and flow selector. Conntrack ignore rules ====================== +.. note:: **Important note about conntrack ignore rules:** + Starting from vyos-1.5-rolling-202406120020, ignore rules can be defined in + ``set firewall [ipv4 | ipv6] prerouting raw ...``. It's expected that in + the future the conntrack ignore rules will be removed. + Customized ignore rules, based on a packet and flow selector. .. cfgcmd:: set system conntrack ignore [ipv4 | ipv6] rule <1-999999> |