iptables: Cleanup creating SNAT/DNAT chains.

[ipfire-2.x.git] / src / initscripts / init.d / firewall

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 772701eae1a736d56adce5cf3c7cd6002c26a8cc..3f181b1380aa05ee5a76b267932a2716e97a6e66 100644 (file)
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -178,17 +178,19 @@ iptables_init() {
        /sbin/iptables -t nat -A POSTROUTING -j REDNAT
 
        iptables_red
-               
-       # Custom prerouting chains (for transparent proxy and port forwarding)
+
+       # Custom prerouting chains (for transparent proxy)
        /sbin/iptables -t nat -N SQUID
        /sbin/iptables -t nat -A PREROUTING -j SQUID
+
+       # DNAT rules
        /sbin/iptables -t nat -N NAT_DESTINATION
-       /sbin/iptables -t nat -N NAT_SOURCE
        /sbin/iptables -t nat -A PREROUTING -j NAT_DESTINATION
-       /sbin/iptables -t nat -I POSTROUTING 3 -j NAT_SOURCE
-       
-       
-       
+
+       # SNAT rules
+       /sbin/iptables -t nat -N NAT_SOURCE
+       /sbin/iptables -t nat -A POSTROUTING -j NAT_SOURCE
+
        # upnp chain for our upnp daemon
        /sbin/iptables -t nat -N UPNPFW
        /sbin/iptables -t nat -A PREROUTING -j UPNPFW