From 6bb2c7a8e4dd62feab0959f699cd6d55f7891dbb Mon Sep 17 00:00:00 2001
From: Niels Werensteijn
Date: Thu, 20 Oct 2016 19:04:18 +0200
Subject: [PATCH] mind fragments in fw simple example
---
 examples/simple/create-fw.sh | 6 ++++--
 examples/simple/delete-fw.sh | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/examples/simple/create-fw.sh b/examples/simple/create-fw.sh
index 58e5ab8..569408d 100755
--- a/examples/simple/create-fw.sh
+++ b/examples/simple/create-fw.sh
@@ -35,8 +35,10 @@ RANDOM_FILE=`pwd`/${RANDOM_FILE_NAME}
 #disable connection tracking for ts3 server
 sudo ${IPTABLES} -t raw -A PREROUTING -p udp --dport 9987 -j CT --notrack
-#move ts3 traffic to TS3_TRAFFIC chain, and filetransfer to TCP chain
-sudo ${IPTABLES} -A INPUT -p udp --dport 9987 -j TS3_UDP_TRAFFIC
+#move ts3 traffic to TS3_TRAFFIC chain (do not allow fragments)
+sudo ${IPTABLES} -A INPUT -p udp --dport 9987 \! -f -j TS3_UDP_TRAFFIC
+
+#move filetransfer to TCP chain
 sudo ${IPTABLES} -A INPUT -p tcp --dport 30033 -j TS3_TCP_TRAFFIC
 #Allow authorized clients on UDP
diff --git a/examples/simple/delete-fw.sh b/examples/simple/delete-fw.sh
index 01d0ecd..b86294c 100755
--- a/examples/simple/delete-fw.sh
+++ b/examples/simple/delete-fw.sh
@@ -13,7 +13,7 @@ fi
 #clear up ${IPTABLES}
 sudo ${IPTABLES} -t raw -D PREROUTING -p udp --dport 9987 -j CT --notrack
-sudo ${IPTABLES} -D INPUT -p udp --dport 9987 -j TS3_UDP_TRAFFIC
+sudo ${IPTABLES} -D INPUT -p udp --dport 9987 \! -f -j TS3_UDP_TRAFFIC
 sudo ${IPTABLES} -D INPUT -p tcp --dport 30033 -j TS3_TCP_TRAFFIC
 sudo ${IPTABLES} -F TS3_UDP_TRAFFIC
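Review bot: The new comment `(do not allow fragments)` on the UDP jump in create-fw.sh overstates what `\! -f` does: the negated flag still matches unfragmented packets and head fragments, so the first fragment of a fragmented datagram still enters TS3_UDP_TRAFFIC. Second and further fragments carry no UDP header, so as far as I know a rule with `--dport 9987` would not match them even without `\! -f`; their fate is decided by later INPUT rules or the chain policy, which are outside this hunk. I would word the comment as `#move ts3 traffic to TS3_TRAFFIC chain (second and further fragments never enter it)` and, if the intent is to refuse fragments, say where they are dropped. `-f` is also an IPv4-only option, which matters if ${IPTABLES} can point at ip6tables.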
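Review bot: The `-D INPUT -p udp --dport 9987 \! -f -j TS3_UDP_TRAFFIC` line in delete-fw.sh now only matches a rule created by the patched create-fw.sh; on a host set up with the previous create script the delete finds no matching rule and the old jump stays in INPUT. The `-F TS3_UDP_TRAFFIC` that follows would then leave live traffic jumping into an emptied chain, and any later removal of the chain (outside this hunk, if present) would fail while it is still referenced. A fallback after the new line covers the upgrade case: `sudo ${IPTABLES} -D INPUT -p udp --dport 9987 -j TS3_UDP_TRAFFIC 2>/dev/null || true`, with a comment saying it removes the rule form used before the fragment check was added.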