From 9df887ee263194da0b265df7101395ce901693d2 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jow@openwrt.org>
Date: Mon, 28 Jan 2013 15:59:01 +0000
Subject: [PATCH] AA: firewall: backport r35348

SVN-Revision: 35350
---
 package/firewall/Makefile                    | 4 ++--
 package/firewall/files/lib/core_interface.sh | 3 +++
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/package/firewall/Makefile b/package/firewall/Makefile
index 4d7970a502..b2be06b30c 100644
--- a/package/firewall/Makefile
+++ b/package/firewall/Makefile
@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2008-2012 OpenWrt.org
+# Copyright (C) 2008-2013 OpenWrt.org
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=firewall
 
 PKG_VERSION:=2
-PKG_RELEASE:=55
+PKG_RELEASE:=55.1
 
 include $(INCLUDE_DIR)/package.mk
 
diff --git a/package/firewall/files/lib/core_interface.sh b/package/firewall/files/lib/core_interface.sh
index 3d6718431f..7400e2d351 100644
--- a/package/firewall/files/lib/core_interface.sh
+++ b/package/firewall/files/lib/core_interface.sh
@@ -106,6 +106,9 @@ fw_configure_interface() {
 		fw $action $mode r PREROUTING ${chain}_notrack    $ { -i "$ifname" $inet }
 		fw $action $mode n POSTROUTING ${chain}_nat       $ { -o "$ifname" $onet }
 
+		# Flush conntrack table
+		echo f >/proc/net/nf_conntrack 2>/dev/null
+
 		lock -u /var/run/firewall-interface.lock
 	}
 
-- 
2.30.2