From f96ecd026d6c8fdb48d1eaec71838193559850a0 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jow@openwrt.org>
Date: Tue, 2 Mar 2010 11:02:24 +0000
Subject: [PATCH] firewall: insert rules at the beginning of chains again while
 maintaining non reversed order, fixes wrong ordering introduced by r18015

SVN-Revision: 19946
---
 package/firewall/files/uci_firewall.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index 4921b91bae..8d7538201b 100755
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -294,8 +294,11 @@ fw_rule() {
 	[ -n "$src" -a -z "$dest" ] && ZONE=zone_$src
 	[ -n "$src" -a -n "$dest" ] && ZONE=zone_${src}_forward
 	[ -n "$dest" ] && TARGET=zone_${dest}_$target
+
+	eval 'RULE_COUNT=$((++RULE_COUNT_'$ZONE'))'
+
 	add_rule() {
-		$IPTABLES -A $ZONE \
+		$IPTABLES -I $ZONE $RULE_COUNT \
 			${proto:+-p $proto} \
 			${icmp_type:+--icmp-type $icmp_type} \
 			${src_ip:+-s $src_ip} \
-- 
GitLab