firewall: initialize IFACE if it is empty

at first boot there is no IFACE set which result in iptables
errors at boot.

fixes #12767

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

diff --git a/src/initscripts/system/firewall b/src/initscripts/system/firewall
index f35b6b6e18a9147e29a0b459ab6e2416a3335e2a..577c10c89d8c71c6125b120fd0899f4011bb0c76 100644 (file)
--- a/src/initscripts/system/firewall
+++ b/src/initscripts/system/firewall
@@ -7,6 +7,9 @@ eval $(/usr/local/bin/readhash /var/ipfire/ppp/settings)
 eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
 eval $(/usr/local/bin/readhash /var/ipfire/optionsfw/settings)
 IFACE=`/bin/cat /var/ipfire/red/iface 2> /dev/null | /usr/bin/tr -d '\012'`
+if [ -z $IFACE]; then
+       IFACE="red0"
+fi
 
 if [ -f /var/ipfire/red/device ]; then
        DEVICE=`/bin/cat /var/ipfire/red/device 2> /dev/null | /usr/bin/tr -d '\012'`
@@ -39,9 +42,6 @@ iptables_init() {
        iptables -P FORWARD DROP
        iptables -P OUTPUT ACCEPT
 
-       # Ensure the xt_geoip module is always loaded (#12767)
-       modprobe xt_geoip
-
        # Enable TRACE logging to syslog
        modprobe nf_log_ipv4
        sysctl -q -w net.netfilter.nf_log.2=nf_log_ipv4