From: Michael Tremer Date: Tue, 13 Dec 2022 17:56:40 +0000 (+0000) Subject: kernel: Disable all connection tracking helper modules X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f51bf39207cf3f9bf5cc52ae30c10e22f487015a;p=ipfire-3.x.git kernel: Disable all connection tracking helper modules Signed-off-by: Michael Tremer --- diff --git a/kernel/config-generic b/kernel/config-generic index fa8734651..acb729190 100644 --- a/kernel/config-generic +++ b/kernel/config-generic @@ -887,30 +887,23 @@ CONFIG_NF_CONNTRACK_TIMEOUT=y CONFIG_NF_CONNTRACK_TIMESTAMP=y CONFIG_NF_CONNTRACK_LABELS=y CONFIG_NF_CT_PROTO_DCCP=y -CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y -CONFIG_NF_CONNTRACK_AMANDA=m -CONFIG_NF_CONNTRACK_FTP=m -CONFIG_NF_CONNTRACK_H323=m -CONFIG_NF_CONNTRACK_IRC=m -CONFIG_NF_CONNTRACK_BROADCAST=m -CONFIG_NF_CONNTRACK_NETBIOS_NS=m -CONFIG_NF_CONNTRACK_SNMP=m -CONFIG_NF_CONNTRACK_PPTP=m -CONFIG_NF_CONNTRACK_SANE=m -CONFIG_NF_CONNTRACK_SIP=m -CONFIG_NF_CONNTRACK_TFTP=m +# CONFIG_NF_CONNTRACK_AMANDA is not set +# CONFIG_NF_CONNTRACK_FTP is not set +# CONFIG_NF_CONNTRACK_H323 is not set +# CONFIG_NF_CONNTRACK_IRC is not set +# CONFIG_NF_CONNTRACK_NETBIOS_NS is not set +# CONFIG_NF_CONNTRACK_SNMP is not set +# CONFIG_NF_CONNTRACK_PPTP is not set +# CONFIG_NF_CONNTRACK_SANE is not set +# CONFIG_NF_CONNTRACK_SIP is not set +# CONFIG_NF_CONNTRACK_TFTP is not set CONFIG_NF_CT_NETLINK=m CONFIG_NF_CT_NETLINK_TIMEOUT=m CONFIG_NF_CT_NETLINK_HELPER=m CONFIG_NETFILTER_NETLINK_GLUE_CT=y CONFIG_NF_NAT=m -CONFIG_NF_NAT_AMANDA=m -CONFIG_NF_NAT_FTP=m -CONFIG_NF_NAT_IRC=m -CONFIG_NF_NAT_SIP=m -CONFIG_NF_NAT_TFTP=m CONFIG_NF_NAT_REDIRECT=y CONFIG_NF_NAT_MASQUERADE=y CONFIG_NETFILTER_SYNPROXY=m @@ -1015,9 +1008,7 @@ CONFIG_IP_VS_MH_TAB_INDEX=12 # # IPVS application helper # -CONFIG_IP_VS_FTP=m CONFIG_IP_VS_NFCT=y -CONFIG_IP_VS_PE_SIP=m # # IP: Netfilter Configuration @@ -1034,9 +1025,6 @@ CONFIG_NF_DUP_IPV4=m CONFIG_NF_LOG_ARP=m CONFIG_NF_LOG_IPV4=m CONFIG_NF_REJECT_IPV4=m -CONFIG_NF_NAT_SNMP_BASIC=m -CONFIG_NF_NAT_PPTP=m -CONFIG_NF_NAT_H323=m # CONFIG_IP_NF_IPTABLES is not set # CONFIG_IP_NF_ARPTABLES is not set # end of IP: Netfilter Configuration diff --git a/kernel/kernel.nm b/kernel/kernel.nm index c5c660f50..e1fb4a836 100644 --- a/kernel/kernel.nm +++ b/kernel/kernel.nm @@ -5,7 +5,7 @@ name = kernel version = 6.0.6 -release = 0.10 +release = 0.11 thisapp = linux-%{version} maintainer = Arne Fitzenreiter