X-Git-Url: https://git.archive.openwrt.org/?p=project%2Fluci.git;a=blobdiff_plain;f=modules%2Ffreifunk%2Froot%2Fetc%2Ffirewall.freifunk;h=c70ac3a2acc71b85ce0bea297d28bd0cd5fd67b6;hp=ac3fcc55df7217bae27d5e293800569f7d43f487;hb=6ca3b275fc9bd83ccc9a4decf6d04d819f0efcf9;hpb=58d15fdedb105997156c86aedde87a18786da433

diff --git a/modules/freifunk/root/etc/firewall.freifunk b/modules/freifunk/root/etc/firewall.freifunk
index ac3fcc55d..c70ac3a2a 100644
--- a/modules/freifunk/root/etc/firewall.freifunk
+++ b/modules/freifunk/root/etc/firewall.freifunk
@@ -13,6 +13,8 @@ apply_advanced() {
 	local accept_source_route
 
 	config_get_bool tcp_ecn $1 tcp_ecn 1
+	config_get ip_conntrack_max $1 ip_conntrack_max
+	config_get_bool tcp_westwood $1 tcp_westwood 0
 	config_get_bool tcp_window_scaling $1 tcp_window_scaling 1
 	config_get_bool accept_redirects $1 accept_redirects 0
 	config_get_bool accept_source_route $1 accept_source_route 0
@@ -24,6 +26,8 @@ apply_advanced() {
 
 	sysctl -w net.ipv4.tcp_ecn=$tcp_ecn >/dev/null
 	sysctl -w net.ipv4.tcp_window_scaling=$tcp_window_scaling >/dev/null
+	sysctl -w net.ipv4.tcp_westwood=$tcp_westwood >/dev/null
+	sysctl -w net.ipv4.ip_conntrack_max=$ip_conntrack_max >/dev/null
 
 	for f in /proc/sys/net/ipv4/conf/*/accept_redirects; do
 		echo $accept_redirects > $f
@@ -48,4 +52,8 @@ apply_nat_fix() {
 	(ACTION="ifup" INTERFACE="$1" . /etc/hotplug.d/iface/22-firewall-nat-fix )
 }
 
+uci_set_state firewall core loaded 1
+config_foreach fw_addif interface
 config_foreach apply_nat_fix interface
+
+[ -x /etc/init.d/luci_splash ] && /etc/init.d/luci_splash start