summaryrefslogtreecommitdiff
path: root/scripts/firewall/firewall.init.in
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/firewall/firewall.init.in')
-rw-r--r--scripts/firewall/firewall.init.in6
1 files changed, 6 insertions, 0 deletions
diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in
index acd951a..9f365db 100644
--- a/scripts/firewall/firewall.init.in
+++ b/scripts/firewall/firewall.init.in
@@ -52,6 +52,12 @@ start () {
# by default, nothing is tracked.
iptables -t raw -A PREROUTING -j NOTRACK
iptables -t raw -A OUTPUT -j NOTRACK
+
+ # set up post-firewall hook
+ iptables -N VYATTA_POST_FW_HOOK
+ iptables -A VYATTA_POST_FW_HOOK -j ACCEPT
+ iptables -A INPUT -j VYATTA_POST_FW_HOOK
+ iptables -A FORWARD -j VYATTA_POST_FW_HOOK
}
case "$ACTION" in
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 12:09:12 +0000