From 3975b50621061f9ff5febbeecb06953715b274d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20M=E4kinen?= <tmakinen@foo.sh>
Date: Mon, 10 May 2010 12:26:34 +0300
Subject: [PATCH] Removed state handling from ip6tables. IPv6 states are broken
 on EL5.

---
 firewall/templates/ip6tables.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/firewall/templates/ip6tables.erb b/firewall/templates/ip6tables.erb
index 7639e44..1a664ed 100644
--- a/firewall/templates/ip6tables.erb
+++ b/firewall/templates/ip6tables.erb
@@ -13,7 +13,7 @@
     rule = /(tcp|udp)\/([\d:]+)( .+)?/.match(rule)
     if not rule[3] or IPAddr.new(rule[3].strip()).ipv6?
 -%>
--A INPUT<% if rule[1] == "tcp" %> -m state --state NEW<% end %> -m <%= rule[1] %> -p <%= rule[1] %><% if rule[3] %> -s<%= rule[3] %><% end %> --dport <%= rule[2] %> -j ACCEPT
+-A INPUT -m <%= rule[1] %> -p <%= rule[1] %><% if rule[3] %> -s<%= rule[3] %><% end %> --dport <%= rule[2] %> -j ACCEPT
 <%
     end
   end