projects / openwrt / staging / yousong.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a6781ef) | patch
firewall3: drop support for automatic NOTRACK rules
authorJo-Philipp Wich <jo@mein.io>
Tue, 13 Dec 2016 23:44:22 +0000 (00:44 +0100)
committerJo-Philipp Wich <jo@mein.io>
Wed, 14 Dec 2016 00:05:06 +0000 (01:05 +0100)
commit2daab45cae3cfc09bae96f4326a3963a7504e86d
tree893dfbe7971eac247f7000e135ab475932044edbtree | snapshot
parenta6781ef4c12a95fb29394a8b7f6f7906e5f0d6e3commit | diff
firewall3: drop support for automatic NOTRACK rules

Update to current HEAD in order to drop automatic generation of per-zone
NOTRACK rules.

The NOTRACK rules used to provide a little performance improvement but the
later introduction of the netfilter conntrack cache made those rules largely
unnecessary. Additionally, those rules caused various issues which broke
stateful firewalling in some scenarios.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
package/network/config/firewall/Makefile diff | blob | history
Yousong Zhou staging tree