diff options
| author | Gaurav Sinha <gaurav.sinha@vyatta.com> | 2012-08-07 10:42:49 -0700 |
|---|---|---|
| committer | Gaurav Sinha <gaurav.sinha@vyatta.com> | 2012-08-07 10:42:49 -0700 |
| commit | 7bd89f780b75b6e953be3924d392efdf172cae26 (patch) | |
| tree | 65eb17845c98eeea5c1aceb53369e78bf0783de3 | |
| parent | 221e4070c648d4a1786a61a290e95a0388a9fe85 (diff) | |
| download | vyatta-cfg-firewall-7bd89f780b75b6e953be3924d392efdf172cae26.tar.gz vyatta-cfg-firewall-7bd89f780b75b6e953be3924d392efdf172cae26.zip | |
add conntrack raw table ignore chain
| -rw-r--r-- | scripts/firewall/firewall.init.in | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in index 8aca606..20ece8b 100644 --- a/scripts/firewall/firewall.init.in +++ b/scripts/firewall/firewall.init.in @@ -48,6 +48,10 @@ start () { for mod in ${modules[@]} ; do modprobe --syslog $mod done + # raw table ignore connection tracking chain + iptables -t raw -N VYATTA_CT_IGNORE + iptables -t raw -A VYATTA_CT_IGNORE -j RETURN + # conection tracking timeout chain iptables -t raw -N VYATTA_CT_TIMEOUT iptables -t raw -A VYATTA_CT_TIMEOUT -j RETURN |