authorSteven Barth <steven@midlink.org>2008-04-01 22:15:24 +0000
committerSteven Barth <steven@midlink.org>2008-04-01 22:15:24 +0000
commite9ff9dd9942748592a1f8ce66fab7dfce46e9779 (patch)
tree4e7a1a16c803c8cfce207794b7346efa45db7557 /contrib
parent799de8987c5c70ce70429700014fd3768b41f3a0 (diff)
* Fixed firewall scripts
Diffstat (limited to 'contrib')
-rw-r--r--contrib/init.d/luci_fw9
-rw-r--r--contrib/uci/luci3
2 files changed, 6 insertions, 6 deletions
diff --git a/contrib/init.d/luci_fw b/contrib/init.d/luci_fw
index f393719ab..4cb9c4799 100644
--- a/contrib/init.d/luci_fw
+++ b/contrib/init.d/luci_fw
@@ -15,12 +15,14 @@ apply_portfw() {
if ([ "$proto" == "tcpudp" ] || [ "$proto" == "tcp" ]); then
iptables -t nat -A luci_prerouting -i "$iface" -p tcp --dport "$dport" -j DNAT --to "$to"
- iptables -A luci_forward -i "$iface" -p tcp -d "$ip" "$ports" -j ACCEPT
+ iptables -t nat -A luci_postrouting -p tcp -d "$ip" $ports -j MASQUERADE
+ iptables -A luci_forward -i "$iface" -p tcp -d "$ip" $ports -j ACCEPT
fi
if ([ "$proto" == "tcpudp" ] || [ "$proto" == "udp" ]); then
iptables -t nat -A luci_prerouting -i "$iface" -p udp --dport "$dport" -j DNAT --to "$to"
- iptables -A luci_forward -i "$iface" -p udp -d "$ip" "$ports" -j ACCEPT
+ iptables -t nat -A luci_postrouting -p udp -d "$ip" $ports -j MASQUERADE
+ iptables -A luci_forward -i "$iface" -p udp -d "$ip" $ports -j ACCEPT
fi
}
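Review bot: The two added `-j MASQUERADE` rules in luci_postrouting match only on protocol, `-d "$ip"` and `$ports`, so every connection forwarded to that host, including WAN traffic rewritten by the luci_prerouting DNAT rule just above, arrives with the router's address as its source. The internal service can then neither log nor filter by the real client address, which weakens host-side access control and later incident analysis. If the rule is meant only for LAN clients reaching the forward through the router (presumably hairpin NAT), narrow it with a source match, e.g. `iptables -t nat -A luci_postrouting -s "$lan_subnet" -p tcp -d "$ip" $ports -j MASQUERADE`, where `$lan_subnet` is a placeholder for a value this script would have to look up. `$ports` is now expanded unquoted so that it can split into option and value; how it is built lies outside the hunk (apply_portfw starts above it), so confirm it is validated there as a port or port range before it reaches these lines.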
@@ -66,9 +68,6 @@ apply_rule() {
config_get jump "$cfg" jump
[ -n "$jump" ] && cmd="$cmd -j $jump"
- config_get state "$cfg" state
- [ -n "$state" ] && cmd="$cmd -m state --state $state"
-
config_get command "$cfg" command
[ -n "$command" ] && cmd="$cmd $command"
diff --git a/contrib/uci/luci b/contrib/uci/luci
index 640faf170..ba9ad4745 100644
--- a/contrib/uci/luci
+++ b/contrib/uci/luci
@@ -19,4 +19,5 @@ config event uci_oncommit
option network "/etc/init.d/network restart"
option wireless "/etc/init.d/network restart"
option olsrd "/etc/init.d/olsrd restart"
- option dhcp "/etc/init.d/dhcp restart"
\ No newline at end of file
+ option dhcp "/etc/init.d/dhcp restart"
+ option luci_fw "/etc/init.d/luci_fw restart"
\ No newline at end of file