main/unbound: improve update-unbound-root-hints

nf_conntrack_ftp is needed for passive ftp to work through iptables with a default deny policy.
author: Stuart Cardall <developer@it-offshore.co.uk> 2016-09-03 18:45:38 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2016-09-05 10:50:46 +0000
commit: 3c3956a49518a177c28f2ba8e1f0f67bcfba38b5 (patch)
tree: d5a2014022da50cd98ff3845d88868d536d3f2bc /main/unbound/update-unbound-root-hints
parent: 3f5d9f5b72009b2fb8121347e01f81d7453ed017 (diff)
download: aports-3c3956a49518a177c28f2ba8e1f0f67bcfba38b5.tar.bz2
aports-3c3956a49518a177c28f2ba8e1f0f67bcfba38b5.tar.xz
1 files changed, 4 insertions, 0 deletions
diff --git a/main/unbound/update-unbound-root-hints b/main/unbound/update-unbound-root-hints
index ee127ded37..69c5e537da 100644
--- a/main/unbound/update-unbound-root-hints
+++ b/main/unbound/update-unbound-root-hints
@@ -1,5 +1,9 @@
 #!/bin/sh
 
+# to allow passive ftp through a default deny iptables firewall:
+# modprobe nf_conntrack_ftp
+# echo nf_conntrack_ftp >> /etc/modules
+
 check_format() {
 	# check that we have some ipv4 addresses and some '.' hints
 	egrep -q '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]' "$1" \
author	Stuart Cardall <developer@it-offshore.co.uk>	2016-09-03 18:45:38 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2016-09-05 10:50:46 +0000
commit	3c3956a49518a177c28f2ba8e1f0f67bcfba38b5 (patch)
tree	d5a2014022da50cd98ff3845d88868d536d3f2bc /main/unbound/update-unbound-root-hints
parent	3f5d9f5b72009b2fb8121347e01f81d7453ed017 (diff)
download	aports-3c3956a49518a177c28f2ba8e1f0f67bcfba38b5.tar.bz2 aports-3c3956a49518a177c28f2ba8e1f0f67bcfba38b5.tar.xz