From: Peter Müller <peter.mueller@ipfire.org>
Date: Sat, 29 Jan 2022 17:59:31 +0000 (+0000)
Subject: firewall: Align chain name to Collectd configuration
X-Git-Tag: v2.27-core164~44^2~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=37a9a0ba036af3cbca761e86e25bd808e20abbe6;p=ipfire-2.x.git

firewall: Align chain name to Collectd configuration

This fixes broken firewall hits graphs.

Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---

diff --git a/src/initscripts/system/firewall b/src/initscripts/system/firewall
index 1effbf51eb..7d081bbc36 100644
--- a/src/initscripts/system/firewall
+++ b/src/initscripts/system/firewall
@@ -141,17 +141,15 @@ iptables_init() {
 
 	# Log and drop any traffic from and to networks known as being hostile, posing
 	# a technical threat to our users (i. e. listed at Spamhaus DROP et al.)
-	iptables -N DROP_HOSTILE
+	iptables -N HOSTILE
 	if [ "$DROPHOSTILE" == "on" ]; then
-		iptables -A DROP_HOSTILE  -m limit --limit 10/second -j LOG  --log-prefix "DROP_HOSTILE "
-
-		iptables -A INPUT   -i $IFACE -m geoip --src-cc XD -j DROP_HOSTILE
-		iptables -A FORWARD -i $IFACE -m geoip --src-cc XD -j DROP_HOSTILE
-		iptables -A FORWARD -o $IFACE -m geoip --dst-cc XD -j DROP_HOSTILE
-		iptables -A OUTPUT  -o $IFACE -m geoip --src-cc XD -j DROP_HOSTILE
-
-		iptables -A DROP_HOSTILE -j DROP -m comment --comment "DROP_HOSTILE"
+		iptables -A HOSTILE -m limit --limit 10/second -j LOG  --log-prefix "DROP_HOSTILE "
+		iptables -A INPUT   -i $IFACE -m geoip --src-cc XD -j HOSTILE
+		iptables -A FORWARD -i $IFACE -m geoip --src-cc XD -j HOSTILE
+		iptables -A FORWARD -o $IFACE -m geoip --dst-cc XD -j HOSTILE
+		iptables -A OUTPUT  -o $IFACE -m geoip --src-cc XD -j HOSTILE
 	fi
+	iptables -A HOSTILE -j DROP -m comment --comment "DROP_HOSTILE"
 
 	# P2PBLOCK
 	iptables -N P2PBLOCK