According to /boot/config-6.1.47-amd64-vyos (in VyOS 1.4-rolling-202308260020) all conntrack helpers are compiled and available as modules:
CONFIG_NF_CONNTRACK_AMANDA=m CONFIG_NF_CONNTRACK_FTP=m CONFIG_NF_CONNTRACK_H323=m CONFIG_NF_CONNTRACK_IRC=m CONFIG_NF_CONNTRACK_BROADCAST=m CONFIG_NF_CONNTRACK_NETBIOS_NS=m CONFIG_NF_CONNTRACK_SNMP=m CONFIG_NF_CONNTRACK_PPTP=m CONFIG_NF_CONNTRACK_SANE=m CONFIG_NF_CONNTRACK_SIP=m CONFIG_NF_CONNTRACK_TFTP=m
VyOS config-mode gives me these options:
vyos@vyos# set system conntrack modules Possible completions: ftp FTP connection tracking h323 H.323 connection tracking nfs NFS connection tracking pptp PPTP connection tracking sip SIP connection tracking sqlnet SQLnet connection tracking tftp TFTP connection tracking
According to https://wiki.nftables.org/wiki-nftables/index.php/Conntrack_helpers these are the helpers available through kernel and userspace conntrackd:
Supported conntrack helpers Conntrack provides the following helpers: FTP TFTP NetBIOS IRC SIP H.323 SNMP PPTP SANE Amanda The conntrackd daemon also provides support for userspace helpers, such as: DHCPv6 MDNS SLP SSDP RPC NFS version 3 Oracle TNS
- Suggestion to add the missing helpers to config-mode (from kernel: Amanda, IRC, NetBIOS, SANE, SNMP - from conntrackd: DHCPv6, MDNS, SLP, SSDP, RPC, Oracle TNS).
- Where does the helper sqlnet come from?