From 381212c78d927221c8abe4052af10cac552ed48e Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Mon, 30 Apr 2007 00:38:51 +0000
Subject: [PATCH] Synflood chain handling

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6152 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-shell/compiler | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/Shorewall-shell/compiler b/Shorewall-shell/compiler
index f2b699a23..0e3ff37f8 100755
--- a/Shorewall-shell/compiler
+++ b/Shorewall-shell/compiler
@@ -765,11 +765,13 @@ setup_syn_flood_chain ()
 	    ;;
     esac
 
-    run_iptables -N $chain
-    run_iptables -A $chain -m limit --limit $limit $limit_burst -j RETURN
-    [ -n "$3" ] && \
-	log_rule_limit $3 $chain $chain DROP "-m limit --limit 5/min --limit-burst 5" "" ""
-    run_iptables -A $chain -j DROP
+    if ! havechain $chain ; then
+	run_iptables -N $chain
+	run_iptables -A $chain -m limit --limit $limit $limit_burst -j RETURN
+	[ -n "$3" ] && \
+	    log_rule_limit $3 $chain $chain DROP "-m limit --limit 5/min --limit-burst 5" "" ""
+	run_iptables -A $chain -j DROP
+    fi
 }
 
 setup_syn_flood_chains()