Hi,
I still get the warning from the kernel
# tftp -g server -r test.c
[ 1359.853269] nf_conntrack: automatic helper assignment is deprecated
and it will be removed soon. Use the iptables CT target to attach
helpers instead.
test.c 100%
|************************************************************************|
804 0:00:00 ETA
# nft list ruleset
table ip filter {
chain output {
type filter hook output priority 0;
udp dport tftp ct helper "tftp"
}
chain input {
type filter hook input priority 0;
oifname "lo" accept
ct state { established, related} accept
ct state new tcp dport ssh accept
ip protocol icmp accept
drop
}
chain forward {
type filter hook forward priority 0;
drop
}
}
Can you help ?
Thanks
Christophe
Le 26/11/2014 19:08, leroy christophe a écrit :
I need to do something equivalent to
iptables -t raw -A OUTPUT -p udp -d 192.168.2.1 --dport tftp -j CT
--helper tftp
I tried the following
nft add rule filter output ct helper "tftp" udp dport tftp
But it looks like it doesn't work, I still get.
[ 1113.706274] nf_conntrack: automatic helper assignment is deprecated
and it will be removed soon. Use the iptables CT target to attach
helpers instead.
What is the correct syntaxe for that ?
Christophe
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
