From 5510da8abc49783dc9b5b4f49577c668d3cb88fa Mon Sep 17 00:00:00 2001
From: Michael Larson <slioch@eng-140.vyatta.com>
Date: Tue, 10 Jun 2008 11:05:53 -0700
Subject: fix for iptables rules in tcp state. should fix main problem with wan
 lb.

---
 src/lbdecision.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/lbdecision.cc b/src/lbdecision.cc
index 005726b..c959303 100644
--- a/src/lbdecision.cc
+++ b/src/lbdecision.cc
@@ -169,14 +169,14 @@ LBDecision::run(LBData &lb_data)
     while (w_iter != w_end) {
       sprintf(fbuf,"%f",w_iter->second);
       sprintf(dbuf,"%d",w_iter->first);
-      execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -m state --state NEW -m statistic --mode random --probability " + fbuf + " -j ISP_" + dbuf);
+      execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -m state --state NEW,ESTABLISHED -m statistic --mode random --probability " + fbuf + " -j ISP_" + dbuf);
 
       ++w_iter;
     }
     //last one is special case, the catch all rule
     ++w_iter;
     sprintf(dbuf,"%d",w_iter->first);
-    execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -m state --state NEW -j ISP_" + dbuf);
+    execute(string("iptables -t mangle -A PREROUTING ") + app_cmd + " -m state --state NEW,ESTABLISHED -j ISP_" + dbuf);
     ++iter;
   }
 }
-- 
cgit v1.2.3