From: nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Sat, 10 Oct 2009 18:08:26 +0000 (+0000)
Subject: firewall: do not process rules in reverse
X-Git-Url: https://git.rohieb.name/openwrt.git/commitdiff_plain/71394ccb5e8adc47f44414e5e2b5f354829d7f68

firewall: do not process rules in reverse

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@18015 3c298f89-4303-0410-b956-a3cf2f4a3e73
---

diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index 3aa1f69c4..64e052fcb 100755
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -280,7 +280,7 @@ fw_rule() {
 	[ -n "$src" -a -n "$dest" ] && ZONE=zone_${src}_forward
 	[ -n "$dest" ] && TARGET=zone_${dest}_$target
 	add_rule() {
-		$IPTABLES -I $ZONE 1 \
+		$IPTABLES -A $ZONE \
 			${proto:+-p $proto} \
 			${icmp_type:+--icmp-type $icmp_type} \
 			${src_ip:+-s $src_ip} \