diff options
| author | Stig Thormodsrud <stig@vyatta.com> | 2010-06-12 15:47:11 -0700 |
|---|---|---|
| committer | Stig Thormodsrud <stig@vyatta.com> | 2010-06-12 15:47:11 -0700 |
| commit | 1492374dffb01f3ab748b1eeb989cfbe7e11ba96 (patch) | |
| tree | b4e4c48a3806d0b4b3c363933a45464a18d5db75 /scripts/firewall | |
| parent | 9c9c42dd87e68cff656967f612eaa8f32047fc3a (diff) | |
| download | vyatta-cfg-firewall-1492374dffb01f3ab748b1eeb989cfbe7e11ba96.tar.gz vyatta-cfg-firewall-1492374dffb01f3ab748b1eeb989cfbe7e11ba96.zip | |
Dont tear down conntrack if the other table is using it.
Diffstat (limited to 'scripts/firewall')
| -rwxr-xr-x | scripts/firewall/vyatta-firewall.pl | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/scripts/firewall/vyatta-firewall.pl b/scripts/firewall/vyatta-firewall.pl index eb115a6..c4d46bf 100755 --- a/scripts/firewall/vyatta-firewall.pl +++ b/scripts/firewall/vyatta-firewall.pl @@ -180,7 +180,9 @@ if (defined $teardown) { teardown_iptables($table, $iptables_cmd); # remove the conntrack setup. - ipt_disable_conntrack($iptables_cmd, 'FW_CONNTRACK'); + if (! is_tree_in_use($other_tree{$teardown})) { + ipt_disable_conntrack($iptables_cmd, 'FW_CONNTRACK'); + } exit 0; } |