Ignore:
Timestamp:
2009-09-27T15:57:09+02:00 (7 years ago)
Author:
nico
Message:

[package] firewall: fix MSS issue affection RELATED new connections (closes: #5173)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/8.09/package/firewall/files/uci_firewall.sh

    r17757 r17762  
    5353        $IPTABLES -N zone_$1_prerouting -t nat 
    5454        [ "$6" == "1" ] && $IPTABLES -t nat -A POSTROUTING -j zone_$1_nat 
     55        [ "$7" == "1" ] && $IPTABLES -I FORWARD 1 -j zone_$1_MSSFIX 
    5556} 
    5657 
     
    213214        config_get network $1 network 
    214215        config_get masq $1 masq 
     216        config_get_bool mtu_fix $1 mtu_fix 0 
     217 
    215218        load_policy $1 
    216219 
    217220        [ -z "$network" ] && network=$name 
    218         create_zone "$name" "$network" "$input" "$output" "$forward" "$masq" 
     221        create_zone "$name" "$network" "$input" "$output" "$forward" "$masq" "$mtu_fix" 
    219222        fw_custom_chains_zone "$name" 
    220223} 
     
    287290        config_get src $1 src 
    288291        config_get dest $1 dest 
    289         config_get_bool mtu_fix $1 mtu_fix 0 
    290292        [ -n "$src" ] && z_src=zone_${src}_forward || z_src=forward 
    291293        [ -n "$dest" ] && z_dest=zone_${dest}_ACCEPT || z_dest=ACCEPT 
    292294        $IPTABLES -I $z_src 1 -j $z_dest 
    293         [ "$mtu_fix" -gt 0 -a -n "$dest" ] && $IPTABLES -I $z_src 1 -j zone_${dest}_MSSFIX 
    294295} 
    295296 
Note: See TracChangeset for help on using the changeset viewer.