qi-hardware/openwrt-xburst
1
0
Fork 0
mirror of git://projects.qi-hardware.com/openwrt-xburst.git synced 2025-04-21 12:27:27 +03:00
Code Activity

[package] firewall: relocate TCPMSS rules into mangle table, add code to selectively clear them out again

Browse Source 
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@28669 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
jow
2011-10-29 18:02:45 +00:00
parent a0b9641a8f
commit 41db87f4cc
4 changed files with 21 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
package/firewall/files/lib/core_interface.sh
View File

@@ -96,7 +96,9 @@ fw_configure_interface() {
fw $action $mode f ${chain}_REJECT reject $ { -o "$ifname" $onet }
fw $action $mode f ${chain}_REJECT reject $ { -i "$ifname" $inet }
fw $action $mode f ${chain}_MSSFIX TCPMSS $ { -o "$ifname" -p tcp --tcp-flags SYN,RST SYN --clamp-mss-to-pmtu $onet }
[ "$(uci_get_state firewall core "${zone}_tcpmss")" == 1 ] && \
fw $action $mode m ${chain}_MSSFIX TCPMSS $ \
{ -o "$ifname" -p tcp --tcp-flags SYN,RST SYN --clamp-mss-to-pmtu $onet }
fw $action $mode f input ${chain} $ { -i "$ifname" $inet }
fw $action $mode f forward ${chain}_forward $ { -i "$ifname" $inet }