firewall/rules.pl: Make geoipsettings hash and locations array

[ipfire-2.x.git] / config / firewall / rules.pl

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index 86db47367a31ee4823b81650b1a101a4caded5ed..33ccc9135a058b1c1f40e9d8fa53f29a8cdac473 100644 (file)
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -55,6 +55,10 @@ my %customgrp=();
 my %configinputfw=();
 my %configoutgoingfw=();
 my %confignatfw=();
+my %geoipsettings = (
+       "GEOIPBLOCK_ENABLED" => "off"
+);
+
 my @p2ps=();
 
 my $configfwdfw                = "${General::swroot}/firewall/config";
@@ -73,6 +77,15 @@ my $netsettings              = "${General::swroot}/ethernet/settings";
 &General::readhasharray($configoutgoing, \%configoutgoingfw);
 &General::readhasharray($configgrp, \%customgrp);
 
+# Check if the geoip settings file exists
+if (-e "$geoipfile") {
+       # Read settings file
+       &General::readhash("$geoipfile", \%geoipsettings);
+}
+
+# Get all GeoIP locations.
+my @locations = &fwlib::get_geoip_locations();
+
 my @log_limit_options = &make_log_limit_options();
 
 my $POLICY_INPUT_ALLOWED   = 0;
@@ -583,27 +596,15 @@ sub p2pblock {
 }
 
 sub geoipblock {
-       my %geoipsettings = ();
-       $geoipsettings{'GEOIPBLOCK_ENABLED'} = "off";
-
        # Flush iptables chain.
        run("$IPTABLES -F GEOIPBLOCK");
 
-       # Check if the geoip settings file exists
-       if (-e "$geoipfile") {
-               # Read settings file
-               &General::readhash("$geoipfile", \%geoipsettings);
-       }
-
        # If geoip blocking is not enabled, we are finished here.
        if ($geoipsettings{'GEOIPBLOCK_ENABLED'} ne "on") {
                # Exit submodule. Process remaining script.
                return;
        }
 
-       # Get supported locations.
-       my @locations = &fwlib::get_geoip_locations();
-
        # Loop through all supported geoip locations and
        # create iptables rules, if blocking this country
        # is enabled.