summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@openwrt.org>2014-08-07 19:30:36 +0000
committerFelix Fietkau <nbd@openwrt.org>2014-08-07 19:30:36 +0000
commit517ad9ff0d3413d793116fee7fa9722636a36a47 (patch)
tree97fb679908e5a18eb0872c9df35df44b8bfa3c02
parent4d39f186bcf88889355c6c59c337bde11089e994 (diff)
downloadmtk-20170518-517ad9ff0d3413d793116fee7fa9722636a36a47.zip
mtk-20170518-517ad9ff0d3413d793116fee7fa9722636a36a47.tar.gz
mtk-20170518-517ad9ff0d3413d793116fee7fa9722636a36a47.tar.bz2
base-files: enable option to skip the netfilter "filter" table for established connection packets by default
Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 42048
-rw-r--r--package/base-files/files/etc/sysctl.conf1
1 files changed, 1 insertions, 0 deletions
diff --git a/package/base-files/files/etc/sysctl.conf b/package/base-files/files/etc/sysctl.conf
index 9e5714e..eb7fe82 100644
--- a/package/base-files/files/etc/sysctl.conf
+++ b/package/base-files/files/etc/sysctl.conf
@@ -21,6 +21,7 @@ net.netfilter.nf_conntrack_max=16384
net.netfilter.nf_conntrack_tcp_timeout_established=7440
net.netfilter.nf_conntrack_udp_timeout=60
net.netfilter.nf_conntrack_udp_timeout_stream=180
+net.netfilter.nf_conntrack_skip_filter=1
# disable bridge firewalling by default
net.bridge.bridge-nf-call-arptables=0