Enable the creation of state invalid catch rules by default to prevent
unnatted traffic from leaking onto the wan.
Fixes OpenWrt ticket #21738.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
defs->tcp_syncookies = true;
defs->tcp_window_scaling = true;
defs->custom_chains = true;
defs->tcp_syncookies = true;
defs->tcp_window_scaling = true;
defs->custom_chains = true;
+ defs->drop_invalid = true;
uci_foreach_element(&p->sections, e)
{
uci_foreach_element(&p->sections, e)
{