]> git.ipfire.org Git - people/ms/ipfire-2.x.git/commit
projects / people / ms / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b6deb78) | patch
firewall: Disable all connection tracking helpers by default
authorMichael Tremer <michael.tremer@ipfire.org>
Tue, 2 Mar 2021 10:04:46 +0000 (10:04 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Tue, 2 Mar 2021 10:04:46 +0000 (10:04 +0000)
commit74d3d9cbe3e3b198e6c7a8c30ec2a0c58b6c5e2c
tree34e0c68c6155ed75aaa754892f81cf16d2c0b706tree
parentb6deb78d91664a8ef7b9eac2cbfd44b5d9cfaf2ccommit | diff
firewall: Disable all connection tracking helpers by default

This will mitigate exploiting networks secured by IPFire using NAT
Slipstreaming:

https://lists.ipfire.org/pipermail/development/2021-February/009303.html

Suggested-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
lfs/configroot diff | blob | blame | history
Michael's tree of IPFire 2.x.