From fe7a87ec257bf9a5a3c3ef3e1a79fbdb46d77a1e Mon Sep 17 00:00:00 2001 From: gngpp Date: Wed, 12 Apr 2023 21:17:08 +0800 Subject: [PATCH] firewall: fix TCP MSS settings issue (#40) --- package/network/config/firewall/Makefile | 6 +-- .../config/firewall/files/firewall.config | 2 +- .../001-firewall3-fix-locking-issue.patch | 38 ------------------- 3 files changed, 4 insertions(+), 42 deletions(-) delete mode 100644 package/network/config/firewall/patches/001-firewall3-fix-locking-issue.patch diff --git a/package/network/config/firewall/Makefile b/package/network/config/firewall/Makefile index d7470f23b..7f8c655c5 100644 --- a/package/network/config/firewall/Makefile +++ b/package/network/config/firewall/Makefile @@ -13,9 +13,9 @@ PKG_RELEASE:=2 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(PROJECT_GIT)/project/firewall3.git -PKG_SOURCE_DATE:=2021-03-23 -PKG_SOURCE_VERSION:=61db17edddb1f05e8107f0dbef6f7d060ce67483 -PKG_MIRROR_HASH:=b2eb09816640e14e2dae21fb54ea05c33858fe0004844fe8d99e541a2e19e9c0 +PKG_SOURCE_DATE:=2022-02-17 +PKG_SOURCE_VERSION:=4cd7d4f36bea731bf901cb067456f1d460294926 +PKG_MIRROR_HASH:=ce9e8ac1bcf22afbb0a80c3da1a8e8e887851299681097e3dfbfc347f2c4c80f PKG_MAINTAINER:=Jo-Philipp Wich PKG_LICENSE:=ISC diff --git a/package/network/config/firewall/files/firewall.config b/package/network/config/firewall/files/firewall.config index cdb4d0880..42e3f27df 100644 --- a/package/network/config/firewall/files/firewall.config +++ b/package/network/config/firewall/files/firewall.config @@ -3,7 +3,7 @@ config defaults option input ACCEPT option output ACCEPT option forward REJECT - option fullcone 2 + option fullcone 0 # Uncomment this line to disable ipv6 rules # option disable_ipv6 1 diff --git a/package/network/config/firewall/patches/001-firewall3-fix-locking-issue.patch b/package/network/config/firewall/patches/001-firewall3-fix-locking-issue.patch deleted file mode 100644 index 8657b5c71..000000000 --- a/package/network/config/firewall/patches/001-firewall3-fix-locking-issue.patch +++ /dev/null @@ -1,38 +0,0 @@ -From df1306a96127e91ff2d513a0a67345baaf61d113 Mon Sep 17 00:00:00 2001 -From: Florian Eckert -Date: Fri, 19 Nov 2021 09:51:02 +0100 -Subject: [PATCH] firewall3: fix locking issue - -By calling the command 'fw3 reload' several times at the same time, I -noticed that the locking was not working properly. It happened from time -to time that some firewall rules were present twice in the system! - -By removing the 'unlink' systemcall, this error no longer occurred on my -systems. - -Since fw3 does not run as a service, it makes no sense to delete this -lock file every time a filehandler is no longer open on this lock file, -because fw3 binary is not running. - -If fw3 does run as a service then we can remove this lock file on -service stop. But this is not the case for fw3. - -Signed-off-by: Florian Eckert ---- - utils.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/utils.c b/utils.c -index 17d5bf9..92e966c 100644 ---- a/utils.c -+++ b/utils.c -@@ -397,7 +397,6 @@ fw3_unlock_path(int *fd, const char *lockpath) - warn("Cannot release exclusive lock: %s", strerror(errno)); - - close(*fd); -- unlink(FW3_LOCKFILE); - - *fd = -1; - } --- -2.30.2