From 5d2407391cbfc274aa819a9a62a688250ecaf627 Mon Sep 17 00:00:00 2001
From: Stig Thormodsrud <stig@vyatta.com>
Date: Mon, 13 Apr 2009 13:56:18 -0700
Subject: Fix bug where an empty firewall rule deletes the default drop policy.

---
 scripts/firewall/vyatta-firewall.pl | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scripts/firewall/vyatta-firewall.pl b/scripts/firewall/vyatta-firewall.pl
index ed29bc3..ae9129b 100755
--- a/scripts/firewall/vyatta-firewall.pl
+++ b/scripts/firewall/vyatta-firewall.pl
@@ -350,6 +350,7 @@ sub update_rules {
       # note that this clears the counters on the default DROP rule.
       # we could delete rule one by one if those are important.
       run_cmd("$iptables_cmd -t $table -F $name", 1, 1);
+      set_default_policy($table, $name, $iptables_cmd, $policy);
       next;
     }
 
-- 
cgit v1.2.3