diff options
Diffstat (limited to 'scripts/firewall/firewall.init.in')
-rw-r--r-- | scripts/firewall/firewall.init.in | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in index 8e92225..49991d8 100644 --- a/scripts/firewall/firewall.init.in +++ b/scripts/firewall/firewall.init.in @@ -50,8 +50,8 @@ start () { done # conection tracking timeout chain - iptables -t raw -N CT_TIMEOUT - iptables -t raw -A CT_TIMEOUT -j RETURN + iptables -t raw -N VYATTA_CT_TIMEOUT + iptables -t raw -A VYATTA_CT_TIMEOUT -j RETURN # setup vrrp backup transition chain # we need to filter traffic to the vrrp mac addresses @@ -145,8 +145,8 @@ start () { iptables -t nat -A VYATTA_PRE_SNAT_HOOK -j RETURN iptables -t nat -A POSTROUTING -j VYATTA_PRE_SNAT_HOOK - iptables -t raw -I PREROUTING -j CT_TIMEOUT - iptables -t raw -I OUTPUT -j CT_TIMEOUT + iptables -t raw -I PREROUTING -j VYATTA_CT_TIMEOUT + iptables -t raw -I OUTPUT -j VYATTA_CT_TIMEOUT # Loosen the acceptability rules for TCP sequence and ACK numbers in # conntrack. This allows TCP connections through NAT to survive certain # cases of packet loss where conntrack can not accurately track the |