hak5
/
openwrt-owl
mirror of https://github.com/hak5/openwrt-owl.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fixes firewall for trunk, custom chains were never reched, as policies apply beforehand 

SVN-Revision: 12978
owl
John Crispin 2008-10-14 10:53:55 +00:00
parent 46d856ac86
commit 3830b905e3
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
package/firewall/files/uci_firewall.sh
View File

@ -158,6 +158,9 @@ fw_defaults() {
config_get syn_burst $1 syn_burst config_get syn_burst $1 syn_burst
[ "$syn_flood" == "1" ] && load_synflood $syn_rate $syn_burst [ "$syn_flood" == "1" ] && load_synflood $syn_rate $syn_burst
echo "Adding custom chains"
fw_custom_chains
$IPTABLES -N input $IPTABLES -N input
$IPTABLES -N output $IPTABLES -N output
$IPTABLES -N forward $IPTABLES -N forward
@ -170,9 +173,6 @@ fw_defaults() {
$IPTABLES -A reject -p tcp -j REJECT --reject-with tcp-reset $IPTABLES -A reject -p tcp -j REJECT --reject-with tcp-reset
$IPTABLES -A reject -j REJECT --reject-with icmp-port-unreachable $IPTABLES -A reject -j REJECT --reject-with icmp-port-unreachable
echo "Adding custom chains"
fw_custom_chains
fw_set_chain_policy INPUT "$DEF_INPUT" fw_set_chain_policy INPUT "$DEF_INPUT"
fw_set_chain_policy OUTPUT "$DEF_OUTPUT" fw_set_chain_policy OUTPUT "$DEF_OUTPUT"
fw_set_chain_policy FORWARD "$DEF_FORWARD" fw_set_chain_policy FORWARD "$DEF_FORWARD"