[source] firewall3: drop support for automatic NOTRACK rules

[LEDE Commits]

jow pushed a commit to source.git, branch master:
https://git.lede-project.org/2daab45cae3cfc09bae96f4326a3963a7504e86d

commit 2daab45cae3cfc09bae96f4326a3963a7504e86d
Author: Jo-Philipp Wich <jo at mein.io>
AuthorDate: Wed Dec 14 00:44:22 2016 +0100

    firewall3: drop support for automatic NOTRACK rules
    
    Update to current HEAD in order to drop automatic generation of per-zone
    NOTRACK rules.
    
    The NOTRACK rules used to provide a little performance improvement but the
    later introduction of the netfilter conntrack cache made those rules largely
    unnecessary. Additionally, those rules caused various issues which broke
    stateful firewalling in some scenarios.
    
    Signed-off-by: Jo-Philipp Wich <jo at mein.io>
---
 package/network/config/firewall/Makefile | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/network/config/firewall/Makefile b/package/network/config/firewall/Makefile
index 24b2e05..3d59c09 100644
--- a/package/network/config/firewall/Makefile
+++ b/package/network/config/firewall/Makefile
@@ -9,15 +9,15 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=firewall
-PKG_VERSION:=2016-11-07
+PKG_VERSION:=2016-11-29
 PKG_RELEASE:=$(PKG_SOURCE_VERSION)
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(LEDE_GIT)/project/firewall3.git
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=0367860636aa55e9ee064709ec2814906e1f246b
+PKG_SOURCE_VERSION:=13698aafb52c45817ee7815da3405e620657c8d0
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz
-PKG_MIRROR_MD5SUM:=1a087c92c73c3736dd19445d2f470abc2c1eb623956ddd55284c2e6a733198ce
+PKG_MIRROR_MD5SUM:=fd5468488e67b2a67a95228cb2e2efe66a44426748d294ecd9c7806c6bbe0978
 PKG_MAINTAINER:=Jo-Philipp Wich <jo at mein.io>
 PKG_LICENSE:=ISC