Hello, Here's a patch which provides a way to disable helper assignement by default To preserve backward compatibility, this feature is disabled by default. Once the feature is activated, the user has to manually define the helper assignement by using the CT target. This patch is aiming at improving the situation described in the 'Secure use of iptables and connection tracking helpers' document: https://home.regit.org/netfilter-en/secure-use-of-helpers/ where a ports=0 loading option was given to emulate this behaviour. BR, -- Eric Leblond <eric@xxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
