b0b73ea971
There is an issue with newer kernels (it seems to happen with 4.15.x) that when conntrack is reloaded while a connection has packets in flight, this connection going forward is neither considered INVALID nor RELATED nor ESTABLISHED by the stateful tracking. While this is certainly a bug somewhere in the kernel, we can be easily avoiding this by just not using stateful filtering for ssh connections, as we accept any connection from anywhere anyway. Change-Id: I1b20644ce888930cd28d6eaf2c23787315e8199c |
||
|---|---|---|
| .. | ||
| 05-record-details | ||
| 06-record-builddate | ||
| 20-iptables | ||
| 50-disable-metadata-cloudinit | ||
| 91-venv-os-testr | ||
| 96-clean-cron | ||
| 99-disable-rfc3041 | ||