From 97e868a3e7bc81075df3f8ad2e9914c13f43f864 Mon Sep 17 00:00:00 2001
From: jow
Date: Mon, 28 Jan 2013 15:53:44 +0000
Subject: firewall: flush conntrack table after changing interface rules

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35348 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 package/network/config/firewall/files/lib/core_interface.sh | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'package/network/config/firewall/files/lib')
diff --git a/package/network/config/firewall/files/lib/core_interface.sh b/package/network/config/firewall/files/lib/core_interface.sh
index 3d6718431..7400e2d35 100644
--- a/package/network/config/firewall/files/lib/core_interface.sh
+++ b/package/network/config/firewall/files/lib/core_interface.sh
@@ -106,6 +106,9 @@ fw_configure_interface() {
 fw $action $mode r PREROUTING ${chain}_notrack $ { -i "$ifname" $inet }
 fw $action $mode n POSTROUTING ${chain}_nat $ { -o "$ifname" $onet }
+ # Flush conntrack table
+ echo f >/proc/net/nf_conntrack 2>/dev/null
+
 lock -u /var/run/firewall-interface.lock
 }
--
cgit v1.2.3
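Review bot: The added `echo f >/proc/net/nf_conntrack 2>/dev/null` discards the outcome of the flush, so if the write fails (proc entry missing or not writable on the running kernel) flows accepted under the old interface rules keep their tracked state and nothing records that the flush did not happen. Because the flush is what makes the changed rules apply to existing connections, report the failure, for example `echo f 2>/dev/null >/proc/net/nf_conntrack || logger -t firewall "conntrack flush failed"`; putting `2>/dev/null` before the `>` also silences the shell's own message when the file cannot be opened, which the current order likely does not. The write appears to clear the whole table rather than only entries for `$ifname`, so the comment would say more as `# Flush the whole conntrack table so existing flows are re-evaluated against the new rules (affects all interfaces)`. fw_configure_interface starts above this hunk, so whether the flush should depend on `$action` cannot be judged from the visible lines.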