X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fsvn-archive%2Farchive.git;a=blobdiff_plain;f=package%2Ffirewall%2Ffiles%2Fuci_firewall.sh;h=f6e82bcb69fea3ac8992daa508e7eb6cb0492eaf;hp=99663c67717d2402c52a13cec601d9a23b07a39a;hb=76da0f2b1440a2619557c3f9e7a7cd0a70e5032c;hpb=a51bcef6de8c04a10bbc1a3f23ae34b5e1465a59

diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index 99663c6771..f6e82bcb69 100755
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -261,6 +261,19 @@ fw_addif() {
 	(ACTION="ifup" INTERFACE="$1" . /etc/hotplug.d/iface/20-firewall)
 }
 
+fw_custom_chains() {
+	$IPTABLES -N input_rule
+	$IPTABLES -N output_rule
+	$IPTABLES -N forward_rule
+	$IPTABLES -N prerouting_rule -t nat
+	$IPTABLES -N postrouting_rule -t nat
+	$IPTABLES -A INPUT -j input_rule
+	$IPTABLES -A OUTPUT -j output_rule
+	$IPTABLES -A FORWARD -j forward_rule
+	$IPTABLES -A PREROUTING -t nat -j prerouting_rule
+	$IPTABLES -A POSTROUTING -t nat -j postrouting_rule
+}
+
 fw_init() {
 	echo "Loading defaults"
 	config_foreach fw_defaults defaults
@@ -274,7 +287,9 @@ fw_init() {
 	config_foreach fw_redirect redirect
 	echo "Loading includes"
 	config_foreach fw_include include
-	
+	echo "Adding custom chains"
+	fw_custom_chains
+
 	uci_set_state firewall core "" firewall_state 
 	uci_set_state firewall core loaded 1
 	unset CONFIG_APPEND