KumiSystems/openwrtv4
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

relates connections should be mss clamped too

Browse source 
SVN-Revision: 1142
This commit is contained in:
Oleg I. Vdovikin 2005-06-05 06:20:09 +00:00
parent 34cdd1fc82
commit dd45857be1
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
openwrt/target/default/target_skeleton/etc/init.d/S45firewall
View file

@ -63,8 +63,8 @@ iptables -t nat -N postrouting_rule
# base case # base case
iptables -P FORWARD DROP iptables -P FORWARD DROP
iptables -A FORWARD -m state --state INVALID -j DROP iptables -A FORWARD -m state --state INVALID -j DROP
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
# allow # allow
iptables -A FORWARD -i br0 -o br0 -j ACCEPT iptables -A FORWARD -i br0 -o br0 -j ACCEPT