fix default firewall script and kernel mod dependencies

mk/modules.mk

@@ -342,6 +342,10 @@ $(eval $(call KMOD_template,NETFILTER_XT_TARGET_NFQUEUE,netfilter-xt-target-nfqu
 	$(MODULES_DIR)/kernel/net/netfilter/xt_NFQUEUE \
 ,50))
 
+$(eval $(call KMOD_template,NETFILTER_XT_TARGET_TCPMSS,netfilter-xt-target-tcpmss,\
+	$(MODULES_DIR)/kernel/net/netfilter/xt_TCPMSS \
+,50))
+
 $(eval $(call KMOD_template,NETFILTER_XT_TARGET_NOTRACK,netfilter-xt-target-notrack,\
 	$(MODULES_DIR)/kernel/net/netfilter/xt_NOTRACK \
 ,50))

package/iptables/Makefile

@@ -9,7 +9,7 @@ PKG_RELEASE:=		1
 PKG_MD5SUM:=		c67cf30e281a924def6426be0973df56
 PKG_DESCR:=		The netfilter firewalling software
 PKG_SECTION:=		net
-PKG_DEPENDS:=		kmod-ip-nf-iptables kmod-nf-conntrack kmod-nf-conntrack-ipv4 kmod-nf-nat kmod-ip-nf-target-masquerade kmod-ip-nf-target-reject kmod-ip-nf-filter
+PKG_DEPENDS:=		kmod-ip-nf-iptables kmod-nf-conntrack kmod-nf-conntrack-ipv4 kmod-nf-nat kmod-ip-nf-target-masquerade kmod-ip-nf-target-reject kmod-ip-nf-filter kmod-ip-nf-match-state kmod-netfilter-xt-target-tcpmss
 PKG_URL:=		http://www.netfilter.org
 PKG_SITES:=		http://www.netfilter.org/projects/iptables/files/ \
 			ftp://ftp.be.netfilter.org/pub/netfilter/iptables/ \

package/iptables/files/firewall.conf

@@ -1,13 +1,11 @@
 #!/bin/sh
-
-
 echo "configure /etc/firewall.conf first."
 exit 1
 
 ### Interfaces
 WAN=ppp0
 LAN=br0
-WLAN=
+WLAN=wlan0
 
 ######################################################################
 ### Default ruleset
@@ -29,7 +27,7 @@ iptables -P FORWARD DROP
 # base case
 iptables -A INPUT -m state --state INVALID -j DROP
 iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-iptables -A INPUT -p tcp --tcp-flags SYN SYN --tcp-option \! 2 -j DROP
+iptables -A INPUT -p tcp --tcp-flags SYN SYN \! --tcp-option 2 -j DROP
 
 # custom rules
 iptables -A INPUT -j input_rule

target/linux/config/Config.in.netfilter

@@ -189,6 +189,11 @@ config ADK_KPACKAGE_KMOD_NETFILTER_XT_TARGET_NFQUEUE
 	  As opposed to QUEUE, it supports 65535 different queues,
 	  not just one.
 
+config ADK_KPACKAGE_KMOD_NETFILTER_XT_TARGET_TCPMSS
+	tristate 'TCPMSS target'
+	select ADK_KERNEL_NETFILTER_XTABLES
+	help
+
 endmenu
 
 menu "IP: Netfilter Configuration"