- echo "POLICY=MODE0" >> $(CONFIG_ROOT)/forward/settings
-
- # set rules.pl executable
- chmod 755 $(CONFIG_ROOT)/forward/bin/rules.pl
+ echo "DROPOUTGOING=on" >> $(CONFIG_ROOT)/optionsfw/settings
+ echo "DROPSAMBA=off" >> $(CONFIG_ROOT)/optionsfw/settings
+ echo "DROPPROXY=off" >> $(CONFIG_ROOT)/optionsfw/settings
+ echo "SHOWREMARK=on" >> $(CONFIG_ROOT)/optionsfw/settings
+ echo "SHOWCOLORS=on" >> $(CONFIG_ROOT)/optionsfw/settings
+ echo "SHOWTABLES=off" >> $(CONFIG_ROOT)/optionsfw/settings
+ echo "SHOWDROPDOWN=off" >> $(CONFIG_ROOT)/optionsfw/settings
+ echo "DROPWIRELESSINPUT=on" >> $(CONFIG_ROOT)/optionsfw/settings
+ echo "DROPWIRELESSFORWARD=on" >> $(CONFIG_ROOT)/optionsfw/settings
+ echo "POLICY=MODE2" >> $(CONFIG_ROOT)/firewall/settings
+ echo "POLICY1=MODE2" >> $(CONFIG_ROOT)/firewall/settings
+
+ # Add conntrack helper default settings
+ for proto in FTP PPTP SIP TFTP; do \
+ echo "CONNTRACK_$${proto}=on" >> $(CONFIG_ROOT)/optionsfw/settings; \
+ done
+
+ # set converters executable
+ chmod 755 /usr/sbin/convert-*
+