diff options
author | jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2013-01-28 15:53:44 +0000 |
---|---|---|
committer | jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2013-01-28 15:53:44 +0000 |
commit | 97e868a3e7bc81075df3f8ad2e9914c13f43f864 (patch) | |
tree | 2a800d5921d3ddb411660bb4a1b25e94aa491ff6 | |
parent | d13c2f4628849e9b804e636bc6b62dfe7b44de3d (diff) |
firewall: flush conntrack table after changing interface rules
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35348 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r-- | package/network/config/firewall/Makefile | 4 | ||||
-rw-r--r-- | package/network/config/firewall/files/lib/core_interface.sh | 3 |
2 files changed, 5 insertions, 2 deletions
diff --git a/package/network/config/firewall/Makefile b/package/network/config/firewall/Makefile index 1cfc734a3..fce0a808c 100644 --- a/package/network/config/firewall/Makefile +++ b/package/network/config/firewall/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2008-2012 OpenWrt.org +# Copyright (C) 2008-2013 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=firewall PKG_VERSION:=2 -PKG_RELEASE:=56 +PKG_RELEASE:=57 include $(INCLUDE_DIR)/package.mk diff --git a/package/network/config/firewall/files/lib/core_interface.sh b/package/network/config/firewall/files/lib/core_interface.sh index 3d6718431..7400e2d35 100644 --- a/package/network/config/firewall/files/lib/core_interface.sh +++ b/package/network/config/firewall/files/lib/core_interface.sh @@ -106,6 +106,9 @@ fw_configure_interface() { fw $action $mode r PREROUTING ${chain}_notrack $ { -i "$ifname" $inet } fw $action $mode n POSTROUTING ${chain}_nat $ { -o "$ifname" $onet } + # Flush conntrack table + echo f >/proc/net/nf_conntrack 2>/dev/null + lock -u /var/run/firewall-interface.lock } |