From f861f8da35af949dc9c69463be4c8bcbc132e0cd Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Fri, 29 Dec 2017 12:38:58 -0800 Subject: [PATCH] Add :syn to each TCP entry in the conntrack file Signed-off-by: Tom Eastep --- Shorewall/configfiles/conntrack | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Shorewall/configfiles/conntrack b/Shorewall/configfiles/conntrack index 5fea6b94f..9bad818d3 100644 --- a/Shorewall/configfiles/conntrack +++ b/Shorewall/configfiles/conntrack @@ -14,16 +14,16 @@ CT:helper:amanda:PO - - udp 10080 ?endif ?if __FTP_HELPER -CT:helper:ftp:PO - - tcp 21 +CT:helper:ftp:PO - - tcp:syn 21 ?endif ?if __H323_HELPER CT:helper:RAS:PO - - udp 1719 -CT:helper:Q.931:PO - - tcp 1720 +CT:helper:Q.931:PO - - tcp:syn 1720 ?endif ?if __IRC_HELPER -CT:helper:irc:PO - - tcp 6667 +CT:helper:irc:PO - - tcp:syn 6667 ?endif ?if __NETBIOS_NS_HELPER @@ -31,11 +31,11 @@ CT:helper:netbios-ns:PO - - udp 137 ?endif ?if __PPTP_HELPER -CT:helper:pptp:PO - - tcp 1723 +CT:helper:pptp:PO - - tcp:syn 1723 ?endif ?if __SANE_HELPER -CT:helper:sane:PO - - tcp 6566 +CT:helper:sane:PO - - tcp:syn 6566 ?endif ?if __SIP_HELPER