projects / project / firewall3.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0367860) | patch
global: remove automatic notrack rules
authorJo-Philipp Wich <jo@mein.io>
Tue, 29 Nov 2016 11:27:42 +0000 (12:27 +0100)
committerJo-Philipp Wich <jo@mein.io>
Tue, 29 Nov 2016 11:27:42 +0000 (12:27 +0100)
commit13698aafb52c45817ee7815da3405e620657c8d0
tree2773965e8ecf70d33b3fa4987404dac71c853bf0tree | snapshot
parent0367860636aa55e9ee064709ec2814906e1f246bcommit | diff
global: remove automatic notrack rules

With recent Kernel versions and the introduction of the conntrack routing
cache there is no need to maintain performance hacks in userspace anymore,
so simply drop the generation of automatic -j CT --notrack rules for zones.

This also fixes some cases where traffic is not matched for zones that do
not explicitely enforce connection tracking.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
forwards.c diff | blob | history
options.h diff | blob | history
redirects.c diff | blob | history
snats.c diff | blob | history
utils.c diff | blob | history
zones.c diff | blob | history
OpenWrt firewall configuration utility