diff options
| -rwxr-xr-x | lib/Vyatta/IpTables/Mgr.pm | 4 | ||||
| -rw-r--r-- | scripts/firewall/firewall.init.in | 24 |
2 files changed, 14 insertions, 14 deletions
diff --git a/lib/Vyatta/IpTables/Mgr.pm b/lib/Vyatta/IpTables/Mgr.pm index 79b842f..9247a44 100755 --- a/lib/Vyatta/IpTables/Mgr.pm +++ b/lib/Vyatta/IpTables/Mgr.pm @@ -52,8 +52,8 @@ sub ipt_find_chain_rule { } my %conntrack_hook_hash = - ('PREROUTING' => 'VYATTA_PRE_CT_PREROUTING_HOOK', - 'OUTPUT' => 'VYATTA_PRE_CT_OUTPUT_HOOK', + ('PREROUTING' => 'VYATTA_CT_PREROUTING_HOOK', + 'OUTPUT' => 'VYATTA_CT_OUTPUT_HOOK', ); sub ipt_enable_conntrack { diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in index 040078b..5228c66 100644 --- a/scripts/firewall/firewall.init.in +++ b/scripts/firewall/firewall.init.in @@ -51,24 +51,24 @@ start () { # set up notrack chains/rules for IPv4 # by default, nothing is tracked. - iptables -t raw -N VYATTA_PRE_CT_PREROUTING_HOOK - iptables -t raw -A VYATTA_PRE_CT_PREROUTING_HOOK -j RETURN - iptables -t raw -A PREROUTING -j VYATTA_PRE_CT_PREROUTING_HOOK + iptables -t raw -N VYATTA_CT_PREROUTING_HOOK + iptables -t raw -A VYATTA_CT_PREROUTING_HOOK -j RETURN + iptables -t raw -A PREROUTING -j VYATTA_CT_PREROUTING_HOOK iptables -t raw -A PREROUTING -j NOTRACK - iptables -t raw -N VYATTA_PRE_CT_OUTPUT_HOOK - iptables -t raw -A VYATTA_PRE_CT_OUTPUT_HOOK -j RETURN - iptables -t raw -A OUTPUT -j VYATTA_PRE_CT_OUTPUT_HOOK + iptables -t raw -N VYATTA_CT_OUTPUT_HOOK + iptables -t raw -A VYATTA_CT_OUTPUT_HOOK -j RETURN + iptables -t raw -A OUTPUT -j VYATTA_CT_OUTPUT_HOOK iptables -t raw -A OUTPUT -j NOTRACK if [ -d /proc/sys/net/ipv6 ] ; then # set up notrack chains/rules for IPv6 - ip6tables -t raw -N VYATTA_PRE_CT_PREROUTING_HOOK - ip6tables -t raw -A VYATTA_PRE_CT_PREROUTING_HOOK -j RETURN - ip6tables -t raw -A PREROUTING -j VYATTA_PRE_CT_PREROUTING_HOOK + ip6tables -t raw -N VYATTA_CT_PREROUTING_HOOK + ip6tables -t raw -A VYATTA_CT_PREROUTING_HOOK -j RETURN + ip6tables -t raw -A PREROUTING -j VYATTA_CT_PREROUTING_HOOK ip6tables -t raw -A PREROUTING -j NOTRACK - ip6tables -t raw -N VYATTA_PRE_CT_OUTPUT_HOOK - ip6tables -t raw -A VYATTA_PRE_CT_OUTPUT_HOOK -j RETURN - ip6tables -t raw -A OUTPUT -j VYATTA_PRE_CT_OUTPUT_HOOK + ip6tables -t raw -N VYATTA_CT_OUTPUT_HOOK + ip6tables -t raw -A VYATTA_CT_OUTPUT_HOOK -j RETURN + ip6tables -t raw -A OUTPUT -j VYATTA_CT_OUTPUT_HOOK ip6tables -t raw -A OUTPUT -j NOTRACK # set up post-firewall hook for IPv6 |