Currently we have these options in set firewall global-options:
vyos@vyos# set firewall global-options
Possible completions:
all-ping Policy for handling of all IPv4 ICMP echo requests (default:
enable)
broadcast-ping Policy for handling broadcast IPv4 ICMP echo and timestamp
requests (default: disable)
ip-src-route Policy for handling IPv4 packets with source route option
(default: disable)
ipv6-receive-redirects
Policy for handling received ICMPv6 redirect messages (default:
disable)
ipv6-src-route Policy for handling IPv6 packets with routing extension header
(default: disable)
log-martians Policy for logging IPv4 packets with invalid addresses (default:
enable)
receive-redirects Policy for handling received IPv4 ICMP redirect messages
(default: disable)
resolver-cache Retains last successful value if domain resolution fails
resolver-interval Domain resolver update interval (default: 300)
send-redirects Policy for sending IPv4 ICMP redirect messages (default: enable)
source-validation Policy for source validation by reversed path, as specified in
RFC3704 (default: disable)
syn-cookies Policy for using TCP SYN cookies with IPv4 (default: enable)
twa-hazards-protection
RFC1337 TCP TIME-WAIT assasination hazards protection (default:
disable)But the option for disable-directed-broadcast is located in the set system ip context:
vyos@vyos# set system ip
Possible completions:
> arp Parameters for ARP cache
disable-directed-broadcast
Disable IPv4 directed broadcast forwarding on all interfaces
disable-forwarding Disable IPv4 forwarding on all interfaces
> multipath IPv4 multipath settings
+> protocol Filter routing info exchanged between routing protocol and zebra
> tcp IPv4 TCP parametersSuggestion to move disable-directed-broadcast so it becomes member of set firewall global-options.