From 53a6b00c4fc7e863b8a1b22cc01f90b016184363 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed, 12 Aug 2015 12:46:07 +0100
Subject: [PATCH] firewall: Disable the PPTP and AMANDA conntrack helpers by
 default

These do not seem to work at the moment.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 lfs/configroot | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/lfs/configroot b/lfs/configroot
index 8de5e6b517..5ed1476fb0 100644
--- a/lfs/configroot
+++ b/lfs/configroot
@@ -136,10 +136,15 @@ $(TARGET) :
 	echo  "POLICY1=MODE2"		>> $(CONFIG_ROOT)/firewall/settings
 
 	# Add conntrack helper default settings
-	for proto in AMANDA FTP H323 IRC PPTP SIP TFTP; do \
+	for proto in FTP H323 IRC SIP TFTP; do \
 		echo "CONNTRACK_$${proto}=on" >> $(CONFIG_ROOT)/optionsfw/settings; \
 	done
 
+	# Do not enable these by default because these are broken
+	for proto in AMANDA PPTP; do \
+		echo "CONNTRACK_$${proto}=off" >> $(CONFIG_ROOT)/optionsfw/settings; \
+	done
+
 	# set converters executable
 	chmod 755 /usr/sbin/convert-*
 
-- 
2.39.5