From e7204c2d95f34802c2719cce613e4c7aafabb687 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 21 Aug 2014 16:12:43 +0200
Subject: [PATCH] firewall: Fix initialization when RED has not been brought up
 yet

---
 src/initscripts/init.d/firewall | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 0d80e7cd6d..c7f8b679d6 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -369,8 +369,10 @@ iptables_red_down() {
 	# while the wan interface is down - this is required to
 	# circumvent udp related NAT issues
 	# http://forum.ipfire.org/index.php?topic=11127.0
-	iptables -F REDFORWARD
-	iptables -A REDFORWARD -o $IFACE -j DROP
+	if [ -n "${IFACE}" ]; then
+		iptables -F REDFORWARD
+		iptables -A REDFORWARD -o "${IFACE}" -j DROP
+	fi
 
 	# Reload all rules.
 	/usr/local/bin/firewallctrl
-- 
2.39.2