mirror of
https://github.com/openwrt/openwrt.git
synced 2025-02-21 09:42:09 +00:00
fixes firewall for trunk, custom chains were never reched, as policies apply beforehand
SVN-Revision: 12978
This commit is contained in:
parent
46d856ac86
commit
3830b905e3
@ -157,6 +157,9 @@ fw_defaults() {
|
|||||||
config_get syn_rate $1 syn_rate
|
config_get syn_rate $1 syn_rate
|
||||||
config_get syn_burst $1 syn_burst
|
config_get syn_burst $1 syn_burst
|
||||||
[ "$syn_flood" == "1" ] && load_synflood $syn_rate $syn_burst
|
[ "$syn_flood" == "1" ] && load_synflood $syn_rate $syn_burst
|
||||||
|
|
||||||
|
echo "Adding custom chains"
|
||||||
|
fw_custom_chains
|
||||||
|
|
||||||
$IPTABLES -N input
|
$IPTABLES -N input
|
||||||
$IPTABLES -N output
|
$IPTABLES -N output
|
||||||
@ -170,9 +173,6 @@ fw_defaults() {
|
|||||||
$IPTABLES -A reject -p tcp -j REJECT --reject-with tcp-reset
|
$IPTABLES -A reject -p tcp -j REJECT --reject-with tcp-reset
|
||||||
$IPTABLES -A reject -j REJECT --reject-with icmp-port-unreachable
|
$IPTABLES -A reject -j REJECT --reject-with icmp-port-unreachable
|
||||||
|
|
||||||
echo "Adding custom chains"
|
|
||||||
fw_custom_chains
|
|
||||||
|
|
||||||
fw_set_chain_policy INPUT "$DEF_INPUT"
|
fw_set_chain_policy INPUT "$DEF_INPUT"
|
||||||
fw_set_chain_policy OUTPUT "$DEF_OUTPUT"
|
fw_set_chain_policy OUTPUT "$DEF_OUTPUT"
|
||||||
fw_set_chain_policy FORWARD "$DEF_FORWARD"
|
fw_set_chain_policy FORWARD "$DEF_FORWARD"
|
||||||
|
Loading…
x
Reference in New Issue
Block a user