]> git.ipfire.org Git - ipfire-2.x.git/blobdiff - lfs/configroot
projects / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge remote-tracking branch 'ms/iptables-conntrack' into next
[ipfire-2.x.git] / lfs / configroot
diff --git a/lfs/configroot b/lfs/configroot
index cb749969446fdb0e048fcf16e381c5fbe0c9f860..f8e9ce417197f5d1acbcd110465eb1575f2469e1 100644 (file)
--- a/lfs/configroot
+++ b/lfs/configroot
@@ -135,6 +135,16 @@ $(TARGET) :
        echo  "POLICY=MODE2"            >> $(CONFIG_ROOT)/firewall/settings
        echo  "POLICY1=MODE2"           >> $(CONFIG_ROOT)/firewall/settings
 
+       # Add conntrack helper default settings
+       for proto in FTP H323 IRC SIP TFTP; do \
+               echo "CONNTRACK_$${proto}=on" >> $(CONFIG_ROOT)/optionsfw/settings; \
+       done
+
+       # Do not enable these by default because these are broken
+       for proto in AMANDA PPTP; do \
+               echo "CONNTRACK_$${proto}=off" >> $(CONFIG_ROOT)/optionsfw/settings; \
+       done
+
        # set converters executable
        chmod 755 /usr/sbin/convert-*
 
IPFire 2.x development tree