From b5c7f91e5a24b334162bf4798e0a130044fcdcf9 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Thu, 13 Feb 2003 14:59:34 +0000
Subject: [PATCH] Run user init script before stripping files; improve comment
 in hosts file

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@445 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall/firewall | 6 +++---
 Shorewall/hosts    | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Shorewall/firewall b/Shorewall/firewall
index d7cf77801..5104bda3f 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -3343,12 +3343,14 @@ initialize_netfilter () {
     determine_interfaces
     determine_hosts
     
+    run_user_exit init
+
     #
     # The some files might be large so strip them while the firewall is still running
     # (restart command). This reduces the length of time that the firewall isn't
     # accepting new connections.
     #
-
+ 
     strip_file rules
     strip_file proxyarp
     strip_file maclist
@@ -3366,8 +3368,6 @@ initialize_netfilter () {
 
     [ -n "$CLEAR_TC" ] && delete_tc
 
-    run_user_exit init
-
     echo "Deleting user chains..."
 
     setpolicy INPUT DROP
diff --git a/Shorewall/hosts b/Shorewall/hosts
index bd9a73b9d..1b8b2f00c 100644
--- a/Shorewall/hosts
+++ b/Shorewall/hosts
@@ -19,8 +19,8 @@
 #		  either:
 #
 #			a) The IP address of a host
-#			b) A subnetwork in the form
-#			   <subnet-address>/<mask width>
+#			b) A subnetwork in CIDR format
+#			   (<subnet-address>/<mask width>)
 #		  
 #		  The interface must be defined in the
 #		  /etc/shorewall/interfaces file.