public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/release-notes: document conntrack helper changes

Browse Source
This commit is contained in:
Franz Pletz 2017-01-22 19:53:19 +01:00
parent 2d9152d509
commit 8d5a4c53b8
No known key found for this signature in database
GPG Key ID: 846FDED7792617B4
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
nixos/doc/manual/release-notes/rl-1703.xml
View File

@ -133,6 +133,19 @@ following incompatible changes:</para>
</para> </para>
</listitem> </listitem>
<listitem>
<para>
Autoloading connection tracking helpers is now disabled by default.
This default was also changed in the Linux kernel and is considered
insecure if not configured properly in your firewall. If you need
connection tracking helpers (i.e. for active FTP) please enable
<literal>networking.firewall.autoLoadConntrackHelpers</literal> and
tune <literal>networking.firewall.connectionTrackingModules</literal>
to suit your needs.
</para>
</listitem>
</itemizedlist> </itemizedlist>