From: blogic Date: Tue, 14 Oct 2008 10:53:55 +0000 (+0000) Subject: fixes firewall for trunk, custom chains were never reched, as policies apply beforehand X-Git-Url: https://git.rohieb.name/openwrt.git/commitdiff_plain/e9ded9eef53effd2804a16f0fa04c18f031fcbdb fixes firewall for trunk, custom chains were never reched, as policies apply beforehand git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12978 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh index 0f7e2ff05..f46a533ef 100755 --- a/package/firewall/files/uci_firewall.sh +++ b/package/firewall/files/uci_firewall.sh @@ -157,6 +157,9 @@ fw_defaults() { config_get syn_rate $1 syn_rate config_get syn_burst $1 syn_burst [ "$syn_flood" == "1" ] && load_synflood $syn_rate $syn_burst + + echo "Adding custom chains" + fw_custom_chains $IPTABLES -N input $IPTABLES -N output @@ -170,9 +173,6 @@ fw_defaults() { $IPTABLES -A reject -p tcp -j REJECT --reject-with tcp-reset $IPTABLES -A reject -j REJECT --reject-with icmp-port-unreachable - echo "Adding custom chains" - fw_custom_chains - fw_set_chain_policy INPUT "$DEF_INPUT" fw_set_chain_policy OUTPUT "$DEF_OUTPUT" fw_set_chain_policy FORWARD "$DEF_FORWARD"