From 5895f5a99b52be20f18db12fef3023c2603e867e Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Mon, 21 Mar 2022 14:35:20 +0100
Subject: [PATCH] minifirewall: upstream release 22.03.3

---
 CHANGELOG.md                    |  2 +-
 minifirewall/files/minifirewall | 10 ++++++----
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 43ddbf67..3c377089 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -18,7 +18,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 * evolinux-base: backup-server-state release 22.03.3
 * evolinux-base: Add non-free repos & install non-free firmware on dedicated hardware
 * generate-ldif: Add services check for bkctld
-* minifirewall: upstream release 22.03.2 and use includes directory
+* minifirewall: upstream release 22.03.3 and use includes directory
 
 ### Fixed
 
diff --git a/minifirewall/files/minifirewall b/minifirewall/files/minifirewall
index 0367968a..9e8ff67f 100755
--- a/minifirewall/files/minifirewall
+++ b/minifirewall/files/minifirewall
@@ -28,7 +28,7 @@
 # Description:       Firewall designed for standalone server
 ### END INIT INFO
 
-VERSION="22.03.2"
+VERSION="22.03.3"
 
 NAME="minifirewall"
 # shellcheck disable=SC2034
@@ -298,6 +298,11 @@ start() {
         ${IPT6} -A LOG_ACCEPT -j ACCEPT
     fi
 
+    # Source additional rules and commands
+    # * from legacy configuration file (/etc/default/minifirewall)
+    # * from configuration directory (/etc/minifirewall.d/*)
+    source_includes
+
     # Trusted ip addresses
     ${IPT} -N ONLYTRUSTED
     ${IPT} -A ONLYTRUSTED -j LOG_DROP
@@ -713,9 +718,6 @@ start() {
         source_file_or_error "${config_file}"
     fi
 
-    # Source files present in optional directory
-    source_includes
-
     trap - INT TERM EXIT
 
     echo "...starting IPTables rules is now finish : OK"