From 577121b69bf7584d078d6e9f33aa340a2c745715 Mon Sep 17 00:00:00 2001 From: Thomas Jensen Date: Mon, 7 Mar 2022 20:10:34 +0100 Subject: add short info about conntrack modules (#731) --- docs/configuration/system/conntrack.disable | 2 -- docs/configuration/system/conntrack.rst | 33 +++++++++++++++++++++++++++++ docs/configuration/system/index.rst | 1 + 3 files changed, 34 insertions(+), 2 deletions(-) delete mode 100644 docs/configuration/system/conntrack.disable create mode 100644 docs/configuration/system/conntrack.rst (limited to 'docs/configuration') diff --git a/docs/configuration/system/conntrack.disable b/docs/configuration/system/conntrack.disable deleted file mode 100644 index 7d5d4308..00000000 --- a/docs/configuration/system/conntrack.disable +++ /dev/null @@ -1,2 +0,0 @@ -conntrack -######### \ No newline at end of file diff --git a/docs/configuration/system/conntrack.rst b/docs/configuration/system/conntrack.rst new file mode 100644 index 00000000..7f7e4b77 --- /dev/null +++ b/docs/configuration/system/conntrack.rst @@ -0,0 +1,33 @@ +################### +Connection tracking +################### + +Modules +------- + +.. code-block:: none + + conntrack { + modules { + ftp + h323 + nfs + pptp + sip + sqlnet + tftp + } + } + +Enables ``conntrack`` modules. All modules are now disabled by default, while they +used to be enabled in previous versions. Enabling the modules ensures backwards +compatibility — keeping the previous behavior. + +In most cases they can be disabled by removing the block of configuration. + +.. code-block:: none + + delete system conntrack modules + +For some scenarios it is in fact recommended, like in this example: +:ref:`example-high-availability`. diff --git a/docs/configuration/system/index.rst b/docs/configuration/system/index.rst index 2e428333..9b4bf2e3 100644 --- a/docs/configuration/system/index.rst +++ b/docs/configuration/system/index.rst @@ -7,6 +7,7 @@ System :maxdepth: 1 :includehidden: + conntrack console flow-accounting host-name -- cgit v1.2.3