From: Christian Schmidt <maniacikarus@ipfire.org>
Date: Tue, 16 Feb 2010 18:34:53 +0000 (+0100)
Subject: Updated firewall script to be compatible to newest kernel.
X-Git-Tag: v2.9-beta1~412^2~59^2~12
X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=commitdiff_plain;h=9efdd8993752539a4a03ef7c171ae955252aa457;ds=sidebyside

Updated firewall script to be compatible to newest kernel.
---

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 410ff87371..bc511832df 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -132,7 +132,7 @@ case "$1" in
 	# original do nothing line
 	#/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m limit --limit 10/sec
 	# the correct one, but the negative '!' do nothing...
-	#/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m limit ! --limit 10/sec -j DROP
+	#/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN ! -m limit --limit 10/sec -j DROP
 
 	# Fix for braindead ISP's
 	/sbin/iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu