From 7bd89f780b75b6e953be3924d392efdf172cae26 Mon Sep 17 00:00:00 2001
From: Gaurav Sinha <gaurav.sinha@vyatta.com>
Date: Tue, 7 Aug 2012 10:42:49 -0700
Subject: add conntrack raw table ignore chain

---
 scripts/firewall/firewall.init.in | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in
index 8aca606..20ece8b 100644
--- a/scripts/firewall/firewall.init.in
+++ b/scripts/firewall/firewall.init.in
@@ -48,6 +48,10 @@ start () {
     for mod in ${modules[@]} ; do 
 	modprobe --syslog $mod
     done
+    # raw table ignore connection tracking chain
+    iptables -t raw -N VYATTA_CT_IGNORE
+    iptables -t raw -A VYATTA_CT_IGNORE -j RETURN
+ 
     # conection tracking timeout chain
     iptables -t raw -N VYATTA_CT_TIMEOUT 
     iptables -t raw -A VYATTA_CT_TIMEOUT -j RETURN
-- 
cgit v1.2.3