From: John Crispin <john@openwrt.org>
Date: Tue, 14 Oct 2008 10:53:55 +0000 (+0000)
Subject: fixes firewall for trunk, custom chains were never reched, as policies apply beforehand
X-Git-Tag: reboot~25410
X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=3830b905e323af2da404584e27da92803ab06005;p=openwrt%2Fopenwrt.git

fixes firewall for trunk, custom chains were never reched, as policies apply beforehand

SVN-Revision: 12978
---

diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index 0f7e2ff058..f46a533efd 100755
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -157,6 +157,9 @@ fw_defaults() {
 	config_get syn_rate $1 syn_rate
 	config_get syn_burst $1 syn_burst
 	[ "$syn_flood" == "1" ] && load_synflood $syn_rate $syn_burst
+	
+	echo "Adding custom chains"
+	fw_custom_chains
 
 	$IPTABLES -N input
 	$IPTABLES -N output
@@ -170,9 +173,6 @@ fw_defaults() {
 	$IPTABLES -A reject -p tcp -j REJECT --reject-with tcp-reset
 	$IPTABLES -A reject -j REJECT --reject-with icmp-port-unreachable
 
-	echo "Adding custom chains"
-	fw_custom_chains
-
 	fw_set_chain_policy INPUT "$DEF_INPUT"
 	fw_set_chain_policy OUTPUT "$DEF_OUTPUT"
 	fw_set_chain_policy FORWARD "$DEF_FORWARD"