]> git.ipfire.org Git - people/ms/ipfire-2.x.git/commit
projects / people / ms / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 181ee89) | patch
iptables: Replace state module by conntrack module.
authorMichael Tremer <michael.tremer@ipfire.org>
Mon, 8 Jul 2013 13:14:15 +0000 (15:14 +0200)
committerAlexander Marx <amarx@ipfire.org>
Thu, 8 Aug 2013 05:52:01 +0000 (07:52 +0200)
commit6c2258160078bdbac8c1cfca080dfca94550ac92
treecf9c874708e028042d4200d9025ee5ffe5a7b50ftree
parent181ee895b6b60c6ebc416fd9c4b04b7b62f75757commit | diff
iptables: Replace state module by conntrack module.

The state module is deprecated in recent releases of iptables
and should not be used any more.

Additionally, this patch adds an extra chain for all
connection tracking rules, so we can keep the entire ruleset
more small and clean.
config/forwardfw/rules.pl diff | blob | blame | history
src/initscripts/init.d/firewall diff | blob | blame | history
Michael's tree of IPFire 2.x.