diff options
| author | Jo-Philipp Wich <jow@openwrt.org> | 2013-01-28 15:53:44 +0000 |
|---|---|---|
| committer | Jo-Philipp Wich <jow@openwrt.org> | 2013-01-28 15:53:44 +0000 |
| commit | 839f3ab0e72df77d6264349801cd7f512b567fe5 (patch) | |
| tree | 8ae3df10c7b07333a2e1683e7964a8b80c9f7364 /package/network/config/firewall/files | |
| parent | ec41a6a08ce79da472372fde532136643153f752 (diff) | |
| download | upstream-839f3ab0e72df77d6264349801cd7f512b567fe5.tar.gz upstream-839f3ab0e72df77d6264349801cd7f512b567fe5.tar.bz2 upstream-839f3ab0e72df77d6264349801cd7f512b567fe5.zip | |
firewall: flush conntrack table after changing interface rules
SVN-Revision: 35348
Diffstat (limited to 'package/network/config/firewall/files')
| -rw-r--r-- | package/network/config/firewall/files/lib/core_interface.sh | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/package/network/config/firewall/files/lib/core_interface.sh b/package/network/config/firewall/files/lib/core_interface.sh index 3d6718431f..7400e2d351 100644 --- a/package/network/config/firewall/files/lib/core_interface.sh +++ b/package/network/config/firewall/files/lib/core_interface.sh @@ -106,6 +106,9 @@ fw_configure_interface() { fw $action $mode r PREROUTING ${chain}_notrack $ { -i "$ifname" $inet } fw $action $mode n POSTROUTING ${chain}_nat $ { -o "$ifname" $onet } + # Flush conntrack table + echo f >/proc/net/nf_conntrack 2>/dev/null + lock -u /var/run/firewall-interface.lock } |