Don't use connection tracking for loopback traffic.

author Michael Tremer <michael.tremer@ipfire.org>

Sun, 28 Apr 2013 11:26:27 +0000 (13:26 +0200)

committer Michael Tremer <michael.tremer@ipfire.org>

Sun, 28 Apr 2013 11:26:27 +0000 (13:26 +0200)
author Michael Tremer <michael.tremer@ipfire.org>
Sun, 28 Apr 2013 11:26:27 +0000 (13:26 +0200)
committer Michael Tremer <michael.tremer@ipfire.org>
Sun, 28 Apr 2013 11:26:27 +0000 (13:26 +0200)
diff --git a/functions.firewall b/functions.firewall

index 3f0d5ff85394e039c222d1add7878a2598ab1a25..40cb9326d515d408bb861bc5e7f927cf67e2a6a4 100644 (file)
--- a/functions.firewall
+++ b/functions.firewall
@@ -251,8 +251,8 @@ function firewall_localhost_create_chains() {
         log DEBUG "Creating firewall chains for localhost..."
  
         # Accept everything on lo
-       iptables "${protocol}" -A INPUT  -i lo -m conntrack --ctstate NEW -j ACCEPT
-       iptables "${protocol}" -A OUTPUT -o lo -m conntrack --ctstate NEW -j ACCEPT
+       iptables "${protocol}" -A INPUT  -i lo -j ACCEPT
+       iptables "${protocol}" -A OUTPUT -o lo -j ACCEPT
  }
  
  function firewall_zone_create_chains() {
author	Michael Tremer <michael.tremer@ipfire.org>
	Sun, 28 Apr 2013 11:26:27 +0000 (13:26 +0200)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Sun, 28 Apr 2013 11:26:27 +0000 (13:26 +0200)