+iptables_red_down() {
+ # Prohibit packets to reach the masquerading rule
+ # while the wan interface is down - this is required to
+ # circumvent udp related NAT issues
+ # http://forum.ipfire.org/index.php?topic=11127.0
+ if [ -n "${IFACE}" ]; then
+ iptables -F REDFORWARD
+ iptables -A REDFORWARD -o "${IFACE}" -j DROP
+ fi
+
+ # Reload all rules.
+ /usr/local/bin/firewallctrl
+}
+