From 5b0eca95280d4eca42d54b007f4fd41c33a82152 Mon Sep 17 00:00:00 2001
From: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Sat, 12 Feb 2022 18:00:09 +0000
Subject: [PATCH] firewall: initialize IFACE if it is empty

at first boot there is no IFACE set which result in iptables
errors at boot.

fixes #12767

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
---
 src/initscripts/system/firewall | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/initscripts/system/firewall b/src/initscripts/system/firewall
index f35b6b6e18..577c10c89d 100644
--- a/src/initscripts/system/firewall
+++ b/src/initscripts/system/firewall
@@ -7,6 +7,9 @@ eval $(/usr/local/bin/readhash /var/ipfire/ppp/settings)
 eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
 eval $(/usr/local/bin/readhash /var/ipfire/optionsfw/settings)
 IFACE=`/bin/cat /var/ipfire/red/iface 2> /dev/null | /usr/bin/tr -d '\012'`
+if [ -z $IFACE]; then
+	IFACE="red0"
+fi
 
 if [ -f /var/ipfire/red/device ]; then
 	DEVICE=`/bin/cat /var/ipfire/red/device 2> /dev/null | /usr/bin/tr -d '\012'`
@@ -39,9 +42,6 @@ iptables_init() {
 	iptables -P FORWARD DROP
 	iptables -P OUTPUT ACCEPT
 
-	# Ensure the xt_geoip module is always loaded (#12767)
-	modprobe xt_geoip
-
 	# Enable TRACE logging to syslog
 	modprobe nf_log_ipv4
 	sysctl -q -w net.netfilter.nf_log.2=nf_log_ipv4
-- 
2.39.5