aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohn Crispin <blogic@openwrt.org>2008-10-14 10:53:55 +0000
committerJohn Crispin <blogic@openwrt.org>2008-10-14 10:53:55 +0000
commitb4b461e666f5dd301fd1ce47fa332faf259391eb (patch)
tree40178aadca4db4531a67d352526af4f59142a78a
parentc26489faa755084c2bdd20666ae9db2574735e0b (diff)
downloadupstream-b4b461e666f5dd301fd1ce47fa332faf259391eb.tar.gz
upstream-b4b461e666f5dd301fd1ce47fa332faf259391eb.tar.bz2
upstream-b4b461e666f5dd301fd1ce47fa332faf259391eb.zip
fixes firewall for trunk, custom chains were never reched, as policies apply beforehand
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12978 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rwxr-xr-xpackage/firewall/files/uci_firewall.sh6
1 files changed, 3 insertions, 3 deletions
diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index 0f7e2ff058..f46a533efd 100755
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -157,6 +157,9 @@ fw_defaults() {
config_get syn_rate $1 syn_rate
config_get syn_burst $1 syn_burst
[ "$syn_flood" == "1" ] && load_synflood $syn_rate $syn_burst
+
+ echo "Adding custom chains"
+ fw_custom_chains
$IPTABLES -N input
$IPTABLES -N output
@@ -170,9 +173,6 @@ fw_defaults() {
$IPTABLES -A reject -p tcp -j REJECT --reject-with tcp-reset
$IPTABLES -A reject -j REJECT --reject-with icmp-port-unreachable
- echo "Adding custom chains"
- fw_custom_chains
-
fw_set_chain_policy INPUT "$DEF_INPUT"
fw_set_chain_policy OUTPUT "$DEF_OUTPUT"
fw_set_chain_policy FORWARD "$DEF_FORWARD"