relates connections should be mss clamped too

SVN-Revision: 1142
author: Oleg I. Vdovikin <oleg@cs.msu.su> 2005-06-05 06:20:09 +0000
committer: Oleg I. Vdovikin <oleg@cs.msu.su> 2005-06-05 06:20:09 +0000
commit: dd45857be19af777c10d12c69f6cd676db7408a6 (patch)
tree: bf85cd34f3b23753b0d9468eb6ae370d3ee67e09
parent: 34cdd1fc82492cc5b416aa6d647156aaf06685d6 (diff)
download: upstream-dd45857be19af777c10d12c69f6cd676db7408a6.tar.gz
upstream-dd45857be19af777c10d12c69f6cd676db7408a6.tar.bz2
upstream-dd45857be19af777c10d12c69f6cd676db7408a6.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/openwrt/target/default/target_skeleton/etc/init.d/S45firewall b/openwrt/target/default/target_skeleton/etc/init.d/S45firewall
index 072f411a9f..8f9b9404e5 100755
--- a/openwrt/target/default/target_skeleton/etc/init.d/S45firewall
+++ b/openwrt/target/default/target_skeleton/etc/init.d/S45firewall
@@ -63,8 +63,8 @@ iptables -t nat -N postrouting_rule
   # base case
   iptables -P FORWARD DROP 
   iptables -A FORWARD -m state --state INVALID -j DROP
-  iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
   iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+  iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
 
   # allow
   iptables -A FORWARD -i br0 -o br0 -j ACCEPT
author	Oleg I. Vdovikin <oleg@cs.msu.su>	2005-06-05 06:20:09 +0000
committer	Oleg I. Vdovikin <oleg@cs.msu.su>	2005-06-05 06:20:09 +0000
commit	dd45857be19af777c10d12c69f6cd676db7408a6 (patch)
tree	bf85cd34f3b23753b0d9468eb6ae370d3ee67e09
parent	34cdd1fc82492cc5b416aa6d647156aaf06685d6 (diff)
download	upstream-dd45857be19af777c10d12c69f6cd676db7408a6.tar.gz upstream-dd45857be19af777c10d12c69f6cd676db7408a6.tar.bz2 upstream-dd45857be19af777c10d12c69f6cd676db7408a6.zip