From: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed, 12 Aug 2015 11:46:07 +0000 (+0100)
Subject: firewall: Disable the PPTP and AMANDA conntrack helpers by default
X-Git-Tag: v2.19-core100~70^2~2
X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=commitdiff_plain;h=53a6b00c4fc7e863b8a1b22cc01f90b016184363

firewall: Disable the PPTP and AMANDA conntrack helpers by default

These do not seem to work at the moment.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/lfs/configroot b/lfs/configroot
index 8de5e6b517..5ed1476fb0 100644
--- a/lfs/configroot
+++ b/lfs/configroot
@@ -136,10 +136,15 @@ $(TARGET) :
 	echo  "POLICY1=MODE2"		>> $(CONFIG_ROOT)/firewall/settings
 
 	# Add conntrack helper default settings
-	for proto in AMANDA FTP H323 IRC PPTP SIP TFTP; do \
+	for proto in FTP H323 IRC SIP TFTP; do \
 		echo "CONNTRACK_$${proto}=on" >> $(CONFIG_ROOT)/optionsfw/settings; \
 	done
 
+	# Do not enable these by default because these are broken
+	for proto in AMANDA PPTP; do \
+		echo "CONNTRACK_$${proto}=off" >> $(CONFIG_ROOT)/optionsfw/settings; \
+	done
+
 	# set converters executable
 	chmod 755 /usr/sbin/convert-*