From 3e88f58bfebd2200bc2b7280cc07ff7bf64636b0 Mon Sep 17 00:00:00 2001
From: Derek Jennings <djennings@mageia.org>
Date: Sat, 20 Jul 2013 20:39:34 +0000
Subject: drakfirewall: replace obsolete state module with conntrack (mga#8225)

---
 NEWS                        | 1 +
 lib/network/drakfirewall.pm | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index cc91514..5d23db0 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,6 @@
 - net_applet: fix error dialog title after selecting a wireless network
 - install net_monitor package on demand (mga#157)
+- drakfirewall: replace obsolete state module with conntrack (mga#8225)
 
 1.24:
 - connection manager: extract gtk2 specific code in separate module
diff --git a/lib/network/drakfirewall.pm b/lib/network/drakfirewall.pm
index a5596f5..3a808c2 100644
--- a/lib/network/drakfirewall.pm
+++ b/lib/network/drakfirewall.pm
@@ -284,7 +284,7 @@ sub set_ifw {
                 my $proto = $_;
                 map {
                     my $multiport = /:/ && " -m multiport";
-                    "iptables -A Ifw -m state --state NEW -p $proto$multiport --dport $_ -j IFWLOG --log-prefix NEW\n";
+                    "iptables -A Ifw -m conntrack --ctstate NEW -p $proto$multiport --dport $_ -j IFWLOG --log-prefix NEW\n";
                 } @{$ports_by_proto->{$proto}};
             } intersection([ qw(tcp udp) ], [ keys %$ports_by_proto ]),
         );
-- 
cgit v1.2.1