projects / feed / routing.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge remote-tracking branch 'nodogsplash/master'
[feed/routing.git] / nodogsplash / patches / 002-deprecated_iptables_syntax.patch
1 --- a/src/fw_iptables.c
2 +++ b/src/fw_iptables.c
3 @@ -449,7 +449,7 @@ iptables_fw_init(void) {
4 /* CHAIN_TO_ROUTER, related and established packets ACCEPT */
5 rc |= iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -m state --state RELATED,ESTABLISHED -j ACCEPT");
6 /* CHAIN_TO_ROUTER, bogus SYN packets DROP */
7 - rc |= iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -p tcp --tcp-flags SYN SYN --tcp-option \\! 2 -j DROP");
8 + rc |= iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -p tcp --tcp-flags SYN SYN \\! --tcp-option 2 -j DROP");
9
10 /* CHAIN_TO_ROUTER, packets to HTTP listening on gw_port on router ACCEPT */
11 rc |= iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -p tcp --dport %d -j ACCEPT", gw_port);
Mirror of routing feed