From: Alexander Marx <alexander.marx@ipfire.org>
Date: Wed, 11 Mar 2015 13:26:55 +0000 (+0100)
Subject: BUG10620: move reload of firewall.local to main()
X-Git-Tag: v2.17-core91~163^2~9
X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff_plain;h=2d0c7a9f7b8f830a5e2b193ffea4334409e25bf1

BUG10620: move reload of firewall.local to main()
---

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index 97b8897af8..8abc675f7f 100755
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -88,14 +88,27 @@ sub main {
 	# Flush all chains.
 	&flush();
 
-	# Reload firewall rules.
-	&preparerules();
+	# Prepare firewall rules.
+	if (! -z  "${General::swroot}/firewall/input"){
+		&buildrules(\%configinputfw);
+	}
+	if (! -z  "${General::swroot}/firewall/outgoing"){
+		&buildrules(\%configoutgoingfw);
+	}
+	if (! -z  "${General::swroot}/firewall/config"){
+		&buildrules(\%configfwdfw);
+	}
 
 	# Load P2P block rules.
 	&p2pblock();
 
 	# Reload firewall policy.
 	run("/usr/sbin/firewall-policy");
+
+	#Reload firewall.local if present
+	if ( -f '/etc/sysconfig/firewall.local'){
+		run("/etc/sysconfig/firewall.local reload");
+	}
 }
 
 sub run {
@@ -146,18 +159,6 @@ sub flush {
 	run("$IPTABLES -t mangle -F $CHAIN_MANGLE_NAT_DESTINATION_FIX");
 }
 
-sub preparerules {
-	if (! -z  "${General::swroot}/firewall/input"){
-		&buildrules(\%configinputfw);
-	}
-	if (! -z  "${General::swroot}/firewall/outgoing"){
-		&buildrules(\%configoutgoingfw);
-	}
-	if (! -z  "${General::swroot}/firewall/config"){
-		&buildrules(\%configfwdfw);
-	}
-}
-
 sub buildrules {
 	my $hash = shift;
 
@@ -512,10 +513,6 @@ sub buildrules {
 			}
 		}
 	}
-	#Reload firewall.local if present
-	if ( -f '/etc/sysconfig/firewall.local'){
-		run("/etc/sysconfig/firewall.local reload");
-	}
 }
 
 # Formats the given timestamp into the iptables format which is "hh:mm" UTC.