|
@@ -57,6 +57,11 @@ net.netfilter.nf_conntrack_max = 16777216
|
|
net.ipv4.netfilter.ip_conntrack_tcp_be_liberal = 1
|
|
net.ipv4.netfilter.ip_conntrack_tcp_be_liberal = 1
|
|
|
|
|
|
|
|
|
|
|
|
+#
|
|
|
|
+# Allow loading conntrack helper (e.g. for TFTP)
|
|
|
|
+net.netfilter.nf_conntrack_helper = 1
|
|
|
|
+
|
|
|
|
+
|
|
#
|
|
#
|
|
# Don't filter packet passing a bridge and not being routed on this host.
|
|
# Don't filter packet passing a bridge and not being routed on this host.
|
|
net.bridge.bridge-nf-call-iptables = 0
|
|
net.bridge.bridge-nf-call-iptables = 0
|