Merge remote-tracking branch 'amarx/difflang' into fifteen

author Michael Tremer <michael.tremer@ipfire.org>

Mon, 16 Dec 2013 11:31:19 +0000 (12:31 +0100)

committer Michael Tremer <michael.tremer@ipfire.org>

Mon, 16 Dec 2013 11:31:19 +0000 (12:31 +0100)
author Michael Tremer <michael.tremer@ipfire.org>
Mon, 16 Dec 2013 11:31:19 +0000 (12:31 +0100)
committer Michael Tremer <michael.tremer@ipfire.org>
Mon, 16 Dec 2013 11:31:19 +0000 (12:31 +0100)
diff --git a/config/rootfiles/common/iptables b/config/rootfiles/common/iptables

index 907783052746fc9b6826cf4a57f620d7f27a87d4..a0f12900800373654797bce70bdcd1447fda4698 100644 (file)
--- a/config/rootfiles/common/iptables
+++ b/config/rootfiles/common/iptables
@@ -76,6 +76,7 @@ lib/xtables
  #lib/xtables/libxt_RATEEST.so
  #lib/xtables/libxt_SECMARK.so
  #lib/xtables/libxt_SET.so
+#lib/xtables/libxt_SYNPROXY.so
  #lib/xtables/libxt_TCPMSS.so
  #lib/xtables/libxt_TCPOPTSTRIP.so
  #lib/xtables/libxt_TEE.so
diff --git a/lfs/iptables b/lfs/iptables

index f3fb70868ea93630200e07a2b2ee6b6a8b6c57a4..5a1764be0a302c716d536e5c8d06c6d8960ea987 100644 (file)
--- a/lfs/iptables
+++ b/lfs/iptables
@@ -24,7 +24,7 @@
  
  include Config
  
-VER        = 1.4.20
+VER        = 1.4.21
  
  THISAPP    = iptables-$(VER)
  DL_FILE    = $(THISAPP).tar.bz2
@@ -49,7 +49,7 @@ libnetfilter_queue-1.0.1.tar.bz2      = $(URL_IPFIRE)/libnetfilter_queue-1.0.1.tar.bz
  libnetfilter_conntrack-1.0.2.tar.bz2   = $(URL_IPFIRE)/libnetfilter_conntrack-1.0.2.tar.bz2
  libnetfilter_cttimeout-1.0.0.tar.bz2   = $(URL_IPFIRE)/libnetfilter_cttimeout-1.0.0.tar.bz2
  
-$(DL_FILE)_MD5 = 387b92d3efcf4f07fe31c3bf0f1d18f5
+$(DL_FILE)_MD5 = 536d048c8e8eeebcd9757d0863ebb0c0
  netfilter-layer7-v2.22.tar.gz_MD5 = 98dff8a3d5a31885b73341633f69501f
  libnfnetlink-1.0.0.tar.bz2_MD5 = 016fdec8389242615024c529acc1adb8
  libnetfilter_queue-1.0.1.tar.bz2_MD5 = 08b968cb2d36c24deb7f26a69f5d8602
diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall

index 37ef351ed748b2d9da24fd9315d6f516633ac0f6..f23f7f4eb485d78d594ef16ba33aecd39d848c48 100644 (file)
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -177,6 +177,10 @@ iptables_init() {
         /sbin/iptables -N FORWARDFW
         /sbin/iptables -A FORWARD -j FORWARDFW
  
+       # SNAT rules
+       /sbin/iptables -t nat -N NAT_SOURCE
+       /sbin/iptables -t nat -A POSTROUTING -j NAT_SOURCE
+
         # RED chain, used for the red interface
         /sbin/iptables -N REDINPUT
         /sbin/iptables -A INPUT -j REDINPUT
@@ -195,10 +199,6 @@ iptables_init() {
         /sbin/iptables -t nat -N NAT_DESTINATION
         /sbin/iptables -t nat -A PREROUTING -j NAT_DESTINATION
  
-       # SNAT rules
-       /sbin/iptables -t nat -N NAT_SOURCE
-       /sbin/iptables -t nat -A POSTROUTING -j NAT_SOURCE
-
         # upnp chain for our upnp daemon
         /sbin/iptables -t nat -N UPNPFW
         /sbin/iptables -t nat -A PREROUTING -j UPNPFW
author	Michael Tremer <michael.tremer@ipfire.org>
	Mon, 16 Dec 2013 11:31:19 +0000 (12:31 +0100)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Mon, 16 Dec 2013 11:31:19 +0000 (12:31 +0100)
config/rootfiles/common/iptables		patch \| blob \| blame \| history
lfs/iptables		patch \| blob \| blame \| history
src/initscripts/init.d/firewall		patch \| blob \| blame \| history