This was done by tc only when QoS was enabled
Signed-off-by: Michael Tremer michael.tremer@ipfire.org --- config/qos/makeqosscripts.pl | 1 - src/initscripts/system/firewall | 3 +++ 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/config/qos/makeqosscripts.pl b/config/qos/makeqosscripts.pl index 3af046ac3..5bdd5b811 100644 --- a/config/qos/makeqosscripts.pl +++ b/config/qos/makeqosscripts.pl @@ -370,7 +370,6 @@ print <<END ip link set $qossettings{'IMQ_DEV'} up
tc filter add dev $qossettings{'RED_DEV'} parent ffff: protocol all u32 match u32 0 0 \ - action connmark \ action mirred egress redirect dev $qossettings{'IMQ_DEV'}
### ADD HTB QDISC FOR $qossettings{'IMQ_DEV'} diff --git a/src/initscripts/system/firewall b/src/initscripts/system/firewall index 9d023a349..7a7d52d57 100644 --- a/src/initscripts/system/firewall +++ b/src/initscripts/system/firewall @@ -100,6 +100,9 @@ iptables_init() { iptables -t raw -N CONNTRACK iptables -t raw -A PREROUTING -j CONNTRACK
+ # Restore any connection marks + iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark + # Fix for braindead ISPs iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu