diff options
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/firewall/firewall.init.in | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in index 49991d8..3052238 100644 --- a/scripts/firewall/firewall.init.in +++ b/scripts/firewall/firewall.init.in @@ -52,7 +52,14 @@ start () { # conection tracking timeout chain iptables -t raw -N VYATTA_CT_TIMEOUT iptables -t raw -A VYATTA_CT_TIMEOUT -j RETURN - + + # user space helpers chain, enables helpers using iptables --helper. + # FTP, sip and h323 to use this chain later on. + iptables -t raw -N VYATTA_CT_HELPER + iptables -t raw -A VYATTA_CT_HELPER -j RETURN + + iptables -t raw -A PREROUTING -j VYATTA_CT_HELPER + iptables -t raw -A OUTPUT -j VYATTA_CT_HELPER # setup vrrp backup transition chain # we need to filter traffic to the vrrp mac addresses # on the vrrp backup router before we do anything else. |