diff options
author | Jo-Philipp Wich <jo@mein.io> | 2016-12-14 00:44:22 +0100 |
---|---|---|
committer | Jo-Philipp Wich <jo@mein.io> | 2016-12-14 01:05:06 +0100 |
commit | 2daab45cae3cfc09bae96f4326a3963a7504e86d (patch) | |
tree | 893dfbe7971eac247f7000e135ab475932044edb /toolchain | |
parent | a6781ef4c12a95fb29394a8b7f6f7906e5f0d6e3 (diff) | |
download | upstream-2daab45cae3cfc09bae96f4326a3963a7504e86d.tar.gz upstream-2daab45cae3cfc09bae96f4326a3963a7504e86d.tar.bz2 upstream-2daab45cae3cfc09bae96f4326a3963a7504e86d.zip |
firewall3: drop support for automatic NOTRACK rules
Update to current HEAD in order to drop automatic generation of per-zone
NOTRACK rules.
The NOTRACK rules used to provide a little performance improvement but the
later introduction of the netfilter conntrack cache made those rules largely
unnecessary. Additionally, those rules caused various issues which broke
stateful firewalling in some scenarios.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'toolchain')
0 files changed, 0 insertions, 0 deletions