X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=src%2Finitscripts%2Fsystem%2Ffirewall;fp=src%2Finitscripts%2Fsystem%2Ffirewall;h=1effbf51eb31c4318fd04b3518d4d254e7a4be0a;hb=92c53b3e0a7d772498ff0b1e91078152910e92b4;hp=ebc8168ae7e219c6dea70bbf1e04001f4153fb5d;hpb=15de7a78feecdfe2fed7ab27d3d8182d8ffa27b3;p=people%2Fpmueller%2Fipfire-2.x.git

diff --git a/src/initscripts/system/firewall b/src/initscripts/system/firewall
index ebc8168ae7..1effbf51eb 100644
--- a/src/initscripts/system/firewall
+++ b/src/initscripts/system/firewall
@@ -141,8 +141,8 @@ iptables_init() {
 
 	# Log and drop any traffic from and to networks known as being hostile, posing
 	# a technical threat to our users (i. e. listed at Spamhaus DROP et al.)
+	iptables -N DROP_HOSTILE
 	if [ "$DROPHOSTILE" == "on" ]; then
-		iptables -N DROP_HOSTILE
 		iptables -A DROP_HOSTILE  -m limit --limit 10/second -j LOG  --log-prefix "DROP_HOSTILE "
 
 		iptables -A INPUT   -i $IFACE -m geoip --src-cc XD -j DROP_HOSTILE