From ed31c098f5306caf1bf0abefaf7814ccb6636362 Mon Sep 17 00:00:00 2001
From: Alexander Marx <amarx@ipfire.org>
Date: Mon, 15 Apr 2013 09:50:39 +0200
Subject: [PATCH] Forward Firewall: added drop rules to firewall's stop script
 so that collectd is working

---
 src/initscripts/init.d/firewall | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 57bdef901..24dee132a 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -316,6 +316,13 @@ case "$1" in
 		/sbin/iptables -A FORWARD -m limit --limit 10/minute -j LOG --log-prefix "DROP_FORWARD "
 	fi
 	/sbin/iptables -A FORWARD -j DROP -m comment --comment "DROP_FORWARD"
+	
+	#Only for firewall Hits statistik
+	/sbin/iptables -A POLICYFWD -j DROP  -m comment --comment "DROP_FORWARD"
+	/sbin/iptables -A POLICYOUT -j DROP  -m comment --comment "DROP_OUTPUT"
+	
+	
+	
 	;;
   stopovpn)
 	# stop openvpn
-- 
2.39.2