fixes firewall for trunk, custom chains were never reched, as policies apply beforehand

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12978 3c298f89-4303-0410-b956-a3cf2f4a3e73

diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index 0f7e2ff0580e51f80ee71515f4a670f43327c60d..f46a533efd0e07ebb65aefe594b7057ec50f4886 100755 (executable)
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -157,6 +157,9 @@ fw_defaults() {
        config_get syn_rate $1 syn_rate
        config_get syn_burst $1 syn_burst
        [ "$syn_flood" == "1" ] && load_synflood $syn_rate $syn_burst
+       
+       echo "Adding custom chains"
+       fw_custom_chains
 
        $IPTABLES -N input
        $IPTABLES -N output
@@ -170,9 +173,6 @@ fw_defaults() {
        $IPTABLES -A reject -p tcp -j REJECT --reject-with tcp-reset
        $IPTABLES -A reject -j REJECT --reject-with icmp-port-unreachable
 
-       echo "Adding custom chains"
-       fw_custom_chains
-
        fw_set_chain_policy INPUT "$DEF_INPUT"
        fw_set_chain_policy OUTPUT "$DEF_OUTPUT"
        fw_set_chain_policy FORWARD "$DEF_FORWARD"