firewall: Fix initialization when RED has not been brought up yet

author Michael Tremer <michael.tremer@ipfire.org>

Thu, 21 Aug 2014 14:12:43 +0000 (16:12 +0200)

committer Michael Tremer <michael.tremer@ipfire.org>

Thu, 21 Aug 2014 14:12:43 +0000 (16:12 +0200)
author Michael Tremer <michael.tremer@ipfire.org>
Thu, 21 Aug 2014 14:12:43 +0000 (16:12 +0200)
committer Michael Tremer <michael.tremer@ipfire.org>
Thu, 21 Aug 2014 14:12:43 +0000 (16:12 +0200)
diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall

index 0d80e7cd6d9e4d5cc4c0e8d64b601a10345b9e42..c7f8b679d617b875a49f724f304b7dbe30336360 100644 (file)
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -369,8 +369,10 @@ iptables_red_down() {
         # while the wan interface is down - this is required to
         # circumvent udp related NAT issues
         # http://forum.ipfire.org/index.php?topic=11127.0
-       iptables -F REDFORWARD
-       iptables -A REDFORWARD -o $IFACE -j DROP
+       if [ -n "${IFACE}" ]; then
+               iptables -F REDFORWARD
+               iptables -A REDFORWARD -o "${IFACE}" -j DROP
+       fi
  
         # Reload all rules.
         /usr/local/bin/firewallctrl
author	Michael Tremer <michael.tremer@ipfire.org>
	Thu, 21 Aug 2014 14:12:43 +0000 (16:12 +0200)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Thu, 21 Aug 2014 14:12:43 +0000 (16:12 +0200)