summaryrefslogtreecommitdiff
path: root/package/firewall/files/uci_firewall.sh
diff options
context:
space:
mode:
authorJohn Crispin <john@openwrt.org>2008-10-14 10:53:55 +0000
committerJohn Crispin <john@openwrt.org>2008-10-14 10:53:55 +0000
commit3830b905e323af2da404584e27da92803ab06005 (patch)
treee7ddd5204f3355da8bf44761fc1fb7eff972aa53 /package/firewall/files/uci_firewall.sh
parent46d856ac86d3dd78d4d88cac9909ea773b3f1901 (diff)
downloadmtk-20170518-3830b905e323af2da404584e27da92803ab06005.zip
mtk-20170518-3830b905e323af2da404584e27da92803ab06005.tar.gz
mtk-20170518-3830b905e323af2da404584e27da92803ab06005.tar.bz2
fixes firewall for trunk, custom chains were never reched, as policies apply beforehand
SVN-Revision: 12978
Diffstat (limited to 'package/firewall/files/uci_firewall.sh')
-rwxr-xr-xpackage/firewall/files/uci_firewall.sh6
1 files changed, 3 insertions, 3 deletions
diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index 0f7e2ff..f46a533 100755
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -157,6 +157,9 @@ fw_defaults() {
config_get syn_rate $1 syn_rate
config_get syn_burst $1 syn_burst
[ "$syn_flood" == "1" ] && load_synflood $syn_rate $syn_burst
+
+ echo "Adding custom chains"
+ fw_custom_chains
$IPTABLES -N input
$IPTABLES -N output
@@ -170,9 +173,6 @@ fw_defaults() {
$IPTABLES -A reject -p tcp -j REJECT --reject-with tcp-reset
$IPTABLES -A reject -j REJECT --reject-with icmp-port-unreachable
- echo "Adding custom chains"
- fw_custom_chains
-
fw_set_chain_policy INPUT "$DEF_INPUT"
fw_set_chain_policy OUTPUT "$DEF_OUTPUT"
fw_set_chain_policy FORWARD "$DEF_FORWARD"