diff options
| author | Franz Pletz <fpletz@fnordicwalking.de> | 2017-01-22 19:53:19 +0100 |
|---|---|---|
| committer | Franz Pletz <fpletz@fnordicwalking.de> | 2017-01-25 01:14:05 +0100 |
| commit | 8d5a4c53b8734b1fc10ab4acdcba28451b836fd9 (patch) | |
| tree | 064566b0593d5b80e8fcbc29e1050bfa20ad35d7 /nixos/doc/manual/release-notes/rl-1703.xml | |
| parent | 2d9152d509da7fb6b4d156b094ca7525358634bd (diff) | |
| download | nixpkgs-8d5a4c53b8734b1fc10ab4acdcba28451b836fd9.tar nixpkgs-8d5a4c53b8734b1fc10ab4acdcba28451b836fd9.tar.gz nixpkgs-8d5a4c53b8734b1fc10ab4acdcba28451b836fd9.tar.bz2 nixpkgs-8d5a4c53b8734b1fc10ab4acdcba28451b836fd9.tar.lz nixpkgs-8d5a4c53b8734b1fc10ab4acdcba28451b836fd9.tar.xz nixpkgs-8d5a4c53b8734b1fc10ab4acdcba28451b836fd9.tar.zst nixpkgs-8d5a4c53b8734b1fc10ab4acdcba28451b836fd9.zip | |
nixos/release-notes: document conntrack helper changes
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-1703.xml')
| -rw-r--r-- | nixos/doc/manual/release-notes/rl-1703.xml | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1703.xml b/nixos/doc/manual/release-notes/rl-1703.xml index aa864b7a757..177010e2a32 100644 --- a/nixos/doc/manual/release-notes/rl-1703.xml +++ b/nixos/doc/manual/release-notes/rl-1703.xml @@ -133,6 +133,19 @@ following incompatible changes:</para> </para> </listitem> + + <listitem> + <para> + Autoloading connection tracking helpers is now disabled by default. + This default was also changed in the Linux kernel and is considered + insecure if not configured properly in your firewall. If you need + connection tracking helpers (i.e. for active FTP) please enable + <literal>networking.firewall.autoLoadConntrackHelpers</literal> and + tune <literal>networking.firewall.connectionTrackingModules</literal> + to suit your needs. + </para> + </listitem> + </itemizedlist> |