AA: firewall: backport r35348

[12.09/openwrt.git] / package / firewall / files / lib / core_interface.sh

diff --git a/package/firewall/files/lib/core_interface.sh b/package/firewall/files/lib/core_interface.sh
index 3d67184..7400e2d 100644 (file)
--- a/package/firewall/files/lib/core_interface.sh
+++ b/package/firewall/files/lib/core_interface.sh
@@ -106,6 +106,9 @@ fw_configure_interface() {
                fw $action $mode r PREROUTING ${chain}_notrack    $ { -i "$ifname" $inet }
                fw $action $mode n POSTROUTING ${chain}_nat       $ { -o "$ifname" $onet }
 
+               # Flush conntrack table
+               echo f >/proc/net/nf_conntrack 2>/dev/null
+
                lock -u /var/run/firewall-interface.lock
        }