From 88cb94908911e6e9c1f470b4e37bc29162ddd47d Mon Sep 17 00:00:00 2001
From: Darren 'Tadgy' Austin
Date: Thu, 25 Aug 2022 17:44:20 +0100
Subject: [PATCH] Remove loading of (unneeded) ftp helper module.
---
 rc.d/rc.firewall-complete | 2 --
 rc.d/rc.firewall-float | 2 --
 2 files changed, 4 deletions(-)
diff --git a/rc.d/rc.firewall-complete b/rc.d/rc.firewall-complete
index ad511bf..25196f9 100755
--- a/rc.d/rc.firewall-complete
+++ b/rc.d/rc.firewall-complete
@@ -111,8 +111,6 @@ start_firewall() {
 ip6tables -A INPUT -i "$EX_IF" -p tcp --syn -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
 # Service: FTP.
- modprobe nf_conntrack_ftp
- echo 1 >/proc/sys/net/netfilter/nf_conntrack_helper # Required to allow nf_conntrack_ftp to actually work.
 iptables -A INPUT -i "$EX_IF" -p tcp --syn --dport 21 -m conntrack --ctstate NEW -j ACCEPT
 ip6tables -A INPUT -i "$EX_IF" -p tcp --syn --dport 21 -m conntrack --ctstate NEW -j ACCEPT
 iptables -A INPUT -i "$EX_IF" -p tcp --syn --dport 20 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
diff --git a/rc.d/rc.firewall-float b/rc.d/rc.firewall-float
index 4022065..9ee055f 100755
--- a/rc.d/rc.firewall-float
+++ b/rc.d/rc.firewall-float
@@ -111,8 +111,6 @@ start_firewall() {
 ip6tables -A INPUT -i "$EX_IF" -p tcp -d "$FLOATINGIP6" --syn -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
 # Service: FTP.
- modprobe nf_conntrack_ftp
- echo 1 >/proc/sys/net/netfilter/nf_conntrack_helper # Required to allow nf_conntrack_ftp to actually work.
 iptables -A INPUT -i "$EX_IF" -p tcp -d "$FLOATINGIP" --syn --dport 21 -m conntrack --ctstate NEW -j ACCEPT
 ip6tables -A INPUT -i "$EX_IF" -p tcp -d "$FLOATINGIP6" --syn --dport 21 -m conntrack --ctstate NEW -j ACCEPT
 iptables -A INPUT -i "$EX_IF" -p tcp -d "$FLOATINGIP" --syn --dport 20 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT