Page MenuHomeVyOS Platform
Create Task
Maniphest T6394

Migrate conntrack timeout sysctl parameter to firewall
Closed, ResolvedPublicFEATURE REQUEST
Actions

Description

Sysctl parameters defined in set system conntrack timeout should be moved to set firewall global-options, since that's the place were all sysctl parameters related to firwall/netfilter are defined.

vyos@clear-legacy# set system conntrack timeout 
Possible completions:
 > custom               Define custom timeouts per connection
   icmp                 ICMP timeout in seconds (default: 30)
   other                Generic connection timeout in seconds (default: 600)
 > tcp                  TCP connection timeout options
 > udp                  UDP timeout options

      
[edit]
vyos@clear-legacy# set system conntrack timeout

All nodes, except custom, should be migrated to firewall section

Details

Difficulty level
Unknown (require assessment)
Version
1.5-rolling-202405240020
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Unspecified (please specify)

Event Timeline

n.fort created this task.May 24 2024, 12:33 PM
n.fort changed the task status from Open to In progress.
n.fort claimed this task.
n.fort triaged this task as Normal priority.
n.fort changed Version from - to 1.5-rolling-202405240020.
n.fort changed the task status from In progress to Needs testing.Thu, Jun 6, 3:24 PM

PR: https://github.com/vyos/vyos-1x/pull/3578

pasik subscribed.Thu, Jun 6, 3:28 PM
n.fort closed this task as Resolved.Fri, Jun 14, 7:04 PM