New conntrack syntax for Sagitta requires explicit enabling

2025-10-26 08:41:46 +01:00 · 2021-08-12 15:44:48 +03:00 · 2021-08-12 15:44:48 +03:00 · e8d4457826
commit e8d4457826
parent fcdb0ddd19
1 changed files with 6 additions and 10 deletions
--- a/docs/configexamples/ha.rst
+++ b/docs/configexamples/ha.rst
@ -306,21 +306,17 @@ public interface.
   set nat source rule 10 translation address '203.0.113.1'


-Configure conntrack-sync and disable helpers
+Configure conntrack-sync and enable helpers
 --------------------------------------------

-Most conntrack modules cause more problems than they're worth, especially in a
-complex network. Turn them off by default, and if you need to turn them on
-later, you can do so.
+Conntrack modules are disabled by default because they cause more problems
+than they're worth, especially in a complex network. You can enable them
+manually if you wish.

 .. code-block:: none

-   set system conntrack modules ftp disable
-   set system conntrack modules gre disable
-   set system conntrack modules nfs disable
-   set system conntrack modules pptp disable
-   set system conntrack modules sip disable
-   set system conntrack modules tftp disable
+   set system conntrack modules ftp enable
+   set system conntrack modules gre enable

 Now enable replication between nodes. Replace eth0.201 with bond0.201 on the
 hardware router.