From: Jo-Philipp Wich Date: Tue, 13 Dec 2016 23:44:22 +0000 (+0100) Subject: firewall3: drop support for automatic NOTRACK rules X-Git-Tag: v17.01.0-rc1~552 X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fopenwrt.git;a=commitdiff_plain;h=2daab45cae3cfc09bae96f4326a3963a7504e86d firewall3: drop support for automatic NOTRACK rules Update to current HEAD in order to drop automatic generation of per-zone NOTRACK rules. The NOTRACK rules used to provide a little performance improvement but the later introduction of the netfilter conntrack cache made those rules largely unnecessary. Additionally, those rules caused various issues which broke stateful firewalling in some scenarios. Signed-off-by: Jo-Philipp Wich --- diff --git a/package/network/config/firewall/Makefile b/package/network/config/firewall/Makefile index 24b2e05569..3d59c09371 100644 --- a/package/network/config/firewall/Makefile +++ b/package/network/config/firewall/Makefile @@ -9,15 +9,15 @@ include $(TOPDIR)/rules.mk PKG_NAME:=firewall -PKG_VERSION:=2016-11-07 +PKG_VERSION:=2016-11-29 PKG_RELEASE:=$(PKG_SOURCE_VERSION) PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(LEDE_GIT)/project/firewall3.git PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) -PKG_SOURCE_VERSION:=0367860636aa55e9ee064709ec2814906e1f246b +PKG_SOURCE_VERSION:=13698aafb52c45817ee7815da3405e620657c8d0 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz -PKG_MIRROR_MD5SUM:=1a087c92c73c3736dd19445d2f470abc2c1eb623956ddd55284c2e6a733198ce +PKG_MIRROR_MD5SUM:=fd5468488e67b2a67a95228cb2e2efe66a44426748d294ecd9c7806c6bbe0978 PKG_MAINTAINER:=Jo-Philipp Wich PKG_LICENSE:=ISC