Iptables

Deprecated nf_conntrack automatic helper assignment

For quite a while, I’ve been getting the “nf_conntrack: automatic helper assignment is deprecated and it will be removed soon” warning at boot. So I can’t say I was too surprised when I started getting “kernel: nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.” Back in January/February 2017 there was a post on the Linux-Kernel mailing list submitting a patch to print out the warning so firewall admins would at least have notice.