diff options
author | John Crispin <john@openwrt.org> | 2008-10-14 10:53:55 +0000 |
---|---|---|
committer | John Crispin <john@openwrt.org> | 2008-10-14 10:53:55 +0000 |
commit | 3830b905e323af2da404584e27da92803ab06005 (patch) | |
tree | e7ddd5204f3355da8bf44761fc1fb7eff972aa53 /package/firewall | |
parent | 46d856ac86d3dd78d4d88cac9909ea773b3f1901 (diff) | |
download | upstream-3830b905e323af2da404584e27da92803ab06005.tar.gz upstream-3830b905e323af2da404584e27da92803ab06005.tar.bz2 upstream-3830b905e323af2da404584e27da92803ab06005.zip |
fixes firewall for trunk, custom chains were never reched, as policies apply beforehand
SVN-Revision: 12978
Diffstat (limited to 'package/firewall')
-rwxr-xr-x | package/firewall/files/uci_firewall.sh | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh index 0f7e2ff058..f46a533efd 100755 --- a/package/firewall/files/uci_firewall.sh +++ b/package/firewall/files/uci_firewall.sh @@ -157,6 +157,9 @@ fw_defaults() { config_get syn_rate $1 syn_rate config_get syn_burst $1 syn_burst [ "$syn_flood" == "1" ] && load_synflood $syn_rate $syn_burst + + echo "Adding custom chains" + fw_custom_chains $IPTABLES -N input $IPTABLES -N output @@ -170,9 +173,6 @@ fw_defaults() { $IPTABLES -A reject -p tcp -j REJECT --reject-with tcp-reset $IPTABLES -A reject -j REJECT --reject-with icmp-port-unreachable - echo "Adding custom chains" - fw_custom_chains - fw_set_chain_policy INPUT "$DEF_INPUT" fw_set_chain_policy OUTPUT "$DEF_OUTPUT" fw_set_chain_policy FORWARD "$DEF_FORWARD" |