From: Felix Fietkau <nbd@openwrt.org>
Date: Sat, 10 Oct 2009 18:08:26 +0000 (+0000)
Subject: firewall: do not process rules in reverse
X-Git-Tag: reboot~22197
X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=2ecfe91b617efe7cb7c015e5ee7f239a2f6adea4;p=openwrt%2Fstaging%2Fblogic.git

firewall: do not process rules in reverse

SVN-Revision: 18015
---

diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index 3aa1f69c46f9..64e052fcb2e5 100755
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -280,7 +280,7 @@ fw_rule() {
 	[ -n "$src" -a -n "$dest" ] && ZONE=zone_${src}_forward
 	[ -n "$dest" ] && TARGET=zone_${dest}_$target
 	add_rule() {
-		$IPTABLES -I $ZONE 1 \
+		$IPTABLES -A $ZONE \
 			${proto:+-p $proto} \
 			${icmp_type:+--icmp-type $icmp_type} \
 			${src_ip:+-s $src_ip} \