From e8ebfb5a11fa0a9b5bf94561eaf9e5e8acfa082c Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Mon, 7 Sep 2015 15:46:14 -0700
Subject: [PATCH] Correct PSH,FIN check

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Misc.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Shorewall/Perl/Shorewall/Misc.pm b/Shorewall/Perl/Shorewall/Misc.pm
index aa5786950..c41c48eb1 100644
--- a/Shorewall/Perl/Shorewall/Misc.pm
+++ b/Shorewall/Perl/Shorewall/Misc.pm
@@ -1009,7 +1009,7 @@ sub add_common_rules ( $ ) {
 	add_ijump $chainref , g => $disposition, p => 'tcp --tcp-flags SYN,RST SYN,RST';
 	add_ijump $chainref , g => $disposition, p => 'tcp --tcp-flags FIN,RST FIN,RST';
 	add_ijump $chainref , g => $disposition, p => 'tcp --tcp-flags SYN,FIN SYN,FIN';
-	add_ijump $chainref , g => $disposition, p => 'tcp --tcp-flags PSH,FIN PSH,FIN';
+	add_ijump $chainref , g => $disposition, p => 'tcp --tcp-flags ACK,PSH,FIN PSH,FIN';
 	add_ijump $chainref , g => $disposition, p => 'tcp --syn --sport 0';
 
 	for my $hostref  ( @$list ) {