webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-18 23:12:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

firewall: Don't filter output INVALID packets

Browse Source 
This should never cause any problems, but will cause that certain more
complicated featured like SYNPROXY won't work.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Michael Tremer
2024-04-18 21:11:40 +00:00
parent 6342bb596b
commit be2774c0c6
1 changed files with 0 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/initscripts/system/firewall
View File

@@ -156,7 +156,6 @@ iptables_init() {
iptables -N CTOUTPUT
iptables -A CTOUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
iptables -A CTOUTPUT -m conntrack --ctstate INVALID -j CTINVALID
iptables -A CTOUTPUT -p icmp -m conntrack --ctstate RELATED -j ACCEPT
# Restore any connection marks