From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 21 Aug 2014 14:12:43 +0000 (+0200)
Subject: firewall: Fix initialization when RED has not been brought up yet
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e7204c2d95f34802c2719cce613e4c7aafabb687;p=people%2Fms%2Fipfire-2.x.git

firewall: Fix initialization when RED has not been brought up yet
---

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 0d80e7cd6d..c7f8b679d6 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -369,8 +369,10 @@ iptables_red_down() {
 	# while the wan interface is down - this is required to
 	# circumvent udp related NAT issues
 	# http://forum.ipfire.org/index.php?topic=11127.0
-	iptables -F REDFORWARD
-	iptables -A REDFORWARD -o $IFACE -j DROP
+	if [ -n "${IFACE}" ]; then
+		iptables -F REDFORWARD
+		iptables -A REDFORWARD -o "${IFACE}" -j DROP
+	fi
 
 	# Reload all rules.
 	/usr/local/bin/firewallctrl