From fcd91bbdc7cfcc87830d8fec6c3e4adfb78cdcfc Mon Sep 17 00:00:00 2001
From: Gaurav Sinha <gaurav.sinha@vyatta.com>
Date: Mon, 14 May 2012 13:23:22 -0700
Subject: don't add CTHELPER chain by default on boot. add when needed.

---
 scripts/firewall/firewall.init.in | 2 --
 1 file changed, 2 deletions(-)

(limited to 'scripts')

diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in
index 3052238..d7364fe 100644
--- a/scripts/firewall/firewall.init.in
+++ b/scripts/firewall/firewall.init.in
@@ -58,8 +58,6 @@ start () {
     iptables -t raw -N VYATTA_CT_HELPER
     iptables -t raw -A VYATTA_CT_HELPER -j RETURN
 
-    iptables -t raw -A PREROUTING -j VYATTA_CT_HELPER
-    iptables -t raw -A OUTPUT -j VYATTA_CT_HELPER
     # setup vrrp backup transition chain
     # we need to filter traffic to the vrrp mac addresses
     # on the vrrp backup router before we do anything else.
-- 
cgit v1.2.3