firewall: Always restore all connection marks

This was done by tc only when QoS was enabled

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

src/initscripts/system/firewall

@@ -100,6 +100,9 @@ iptables_init() {
 	iptables -t raw -N CONNTRACK
 	iptables -t raw -A PREROUTING -j CONNTRACK
 
+	# Restore any connection marks
+	iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
+
 	# Fix for braindead ISPs
 	iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu