sysctl: Allow using conntrack helpers

Signed-off-by: Maximilian Wilhelm <max@sdn.clinic>

sysctl/global.conf

@@ -57,6 +57,11 @@ net.netfilter.nf_conntrack_max = 16777216
 net.ipv4.netfilter.ip_conntrack_tcp_be_liberal = 1
 
 
+#
+# Allow loading conntrack helper (e.g. for TFTP)
+net.netfilter.nf_conntrack_helper = 1
+
+
 #
 # Don't filter packet passing a bridge and not being routed on this host.
 net.bridge.bridge-nf-call-iptables = 0

sysctl/init.sls

@@ -37,10 +37,3 @@ reload-sysctl:
 /etc/sysctl.d/router.conf:
   file.absent
 {% endif %}
-
-
-{# Remove old files #}
-{% for file in ['20-arp_caches.conf', '21-ip_forward.conf', '22-kernel.conf', 'NAT.conf', 'nf-ignore-bridge.conf'] %}
-/etc/sysctl.d/{{ file }}:
-  file.absent
-{% endfor %}