From 825ab4dd9aceb0fd02ac7c92a8b2786457947089 Mon Sep 17 00:00:00 2001 From: "Oleg I. Vdovikin" Date: Sun, 5 Jun 2005 06:20:09 +0000 Subject: [PATCH] relates connections should be mss clamped too SVN-Revision: 1142 --- openwrt/target/default/target_skeleton/etc/init.d/S45firewall | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openwrt/target/default/target_skeleton/etc/init.d/S45firewall b/openwrt/target/default/target_skeleton/etc/init.d/S45firewall index 072f411a9f..8f9b9404e5 100755 --- a/openwrt/target/default/target_skeleton/etc/init.d/S45firewall +++ b/openwrt/target/default/target_skeleton/etc/init.d/S45firewall @@ -63,8 +63,8 @@ iptables -t nat -N postrouting_rule # base case iptables -P FORWARD DROP iptables -A FORWARD -m state --state INVALID -j DROP - iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu + iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT # allow iptables -A FORWARD -i br0 -o br0 -j ACCEPT -- 2.30.2