Fix configuration execution order
External configuration must be applied before macros are executed. Otherwise, a specific rule in a configuration car be overwritten by IP/PORTS rules from macros.
This commit is contained in:
parent
0f682c346e
commit
b778613d4f
|
@ -298,6 +298,11 @@ start() {
|
|||
${IPT6} -A LOG_ACCEPT -j ACCEPT
|
||||
fi
|
||||
|
||||
# Source additional rules and commands
|
||||
# * from legacy configuration file (/etc/default/minifirewall)
|
||||
# * from configuration directory (/etc/minifirewall.d/*)
|
||||
source_includes
|
||||
|
||||
# Trusted ip addresses
|
||||
${IPT} -N ONLYTRUSTED
|
||||
${IPT} -A ONLYTRUSTED -j LOG_DROP
|
||||
|
@ -713,9 +718,6 @@ start() {
|
|||
source_file_or_error "${config_file}"
|
||||
fi
|
||||
|
||||
# Source files present in optional directory
|
||||
source_includes
|
||||
|
||||
trap - INT TERM EXIT
|
||||
|
||||
echo "...starting IPTables rules is now finish : OK"
|
||||
|
|
Loading…
Reference in New Issue