From 80b0d35e2f1c17cf6aea7a7a440effc667fe1a75 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Thu, 28 Apr 2022 18:55:53 +0200
Subject: [PATCH] source legacy config after macros but before DROP policy

---
 CHANGELOG    | 1 +
 minifirewall | 8 ++++----
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 2500a1f..20c4908 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -15,6 +15,7 @@ and this project **does not adhere to [Semantic Versioning](http://semver.org/sp
 
 * use long options in some places
 * output is normalized
+* source legacy config after macros but before DROP policy
 
 ### Deprecated
 
diff --git a/minifirewall b/minifirewall
index d6019d9..6f6ce42 100755
--- a/minifirewall
+++ b/minifirewall
@@ -842,6 +842,10 @@ start() {
         ${IPT6} -A INPUT -p icmpv6 -j ACCEPT
     fi
 
+    # source config file for remaining commands
+    if is_legacy_config; then
+        source_file_or_error "${config_file}"
+    fi
 
     # IPTables policy
     #################
@@ -878,10 +882,6 @@ start() {
         ${IPT6} -A OUTPUT -p udp -j DROP
     fi
 
-    if is_legacy_config; then
-        source_file_or_error "${config_file}"
-    fi
-
     # Finish
     ########################