From 9efdd8993752539a4a03ef7c171ae955252aa457 Mon Sep 17 00:00:00 2001
From: Christian Schmidt <maniacikarus@ipfire.org>
Date: Tue, 16 Feb 2010 19:34:53 +0100
Subject: [PATCH] Updated firewall script to be compatible to newest kernel.

---
 src/initscripts/init.d/firewall | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 410ff87371..bc511832df 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -132,7 +132,7 @@ case "$1" in
 	# original do nothing line
 	#/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m limit --limit 10/sec
 	# the correct one, but the negative '!' do nothing...
-	#/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m limit ! --limit 10/sec -j DROP
+	#/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN ! -m limit --limit 10/sec -j DROP
 
 	# Fix for braindead ISP's
 	/sbin/iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
-- 
2.39.2