X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=src%2Finitscripts%2Fsystem%2Ffirewall;h=7a7d52d577b9f55ae2a6e004083d2794b3a05cb0;hb=c825fcef40f63c8ce39a50b7285dbca98e2db60b;hp=9d023a349b98b3752608e41fcc71eeeb846fe43b;hpb=45329c0a66d2f1f7bf4d215489ece6bc1714dfe3;p=people%2Fpmueller%2Fipfire-2.x.git

diff --git a/src/initscripts/system/firewall b/src/initscripts/system/firewall
index 9d023a349b..7a7d52d577 100644
--- a/src/initscripts/system/firewall
+++ b/src/initscripts/system/firewall
@@ -100,6 +100,9 @@ iptables_init() {
 	iptables -t raw -N CONNTRACK
 	iptables -t raw -A PREROUTING -j CONNTRACK
 
+	# Restore any connection marks
+	iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
+
 	# Fix for braindead ISPs
 	iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu