webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-17 06:23:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

rules.pl: Move flush of LOCATIONBLOCK into main flush() function.

Browse Source 
It is required to get rid of all ipset based rules before all of
the loaded ipset lists can be destroyed.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Stefan Schantl
2022-02-14 19:42:47 +01:00
committed by Peter Müller
parent 19e5c03f15
commit bbeb2a5067
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
config/firewall/rules.pl
View File

@@ -186,6 +186,9 @@ sub flush {
run("$IPTABLES -t nat -F $CHAIN_NAT_SOURCE");
run("$IPTABLES -t nat -F $CHAIN_NAT_DESTINATION");
run("$IPTABLES -t mangle -F $CHAIN_MANGLE_NAT_DESTINATION_FIX");
# Flush LOCATIONBLOCK chain.
run("$IPTABLES -F LOCATIONBLOCK");
}
sub buildrules {
@@ -638,8 +641,7 @@ sub p2pblock {
}
sub locationblock {
# Flush iptables chain.
run("$IPTABLES -F LOCATIONBLOCK");
# The LOCATIONBLOCK chain now gets flushed by the flush() function.
# If location blocking is not enabled, we are finished here.
if ($locationsettings{'LOCATIONBLOCK_ENABLED'} ne "on") {