Signed-off-by: Maximilian Wilhelm <max@sdn.clinic>
@@ -57,6 +57,11 @@ net.netfilter.nf_conntrack_max = 16777216
net.ipv4.netfilter.ip_conntrack_tcp_be_liberal = 1
+#
+# Allow loading conntrack helper (e.g. for TFTP)
+net.netfilter.nf_conntrack_helper = 1
+
#
# Don't filter packet passing a bridge and not being routed on this host.
net.bridge.bridge-nf-call-iptables = 0
@@ -37,10 +37,3 @@ reload-sysctl:
/etc/sysctl.d/router.conf:
file.absent
{% endif %}
-
-{# Remove old files #}
-{% for file in ['20-arp_caches.conf', '21-ip_forward.conf', '22-kernel.conf', 'NAT.conf', 'nf-ignore-bridge.conf'] %}
-/etc/sysctl.d/{{ file }}:
- file.absent
-{% endfor %}