From cce2bee84e5f52f20f68bbd28013dfcf9873631d Mon Sep 17 00:00:00 2001
From: Adamm <28355318+Adamm00@users.noreply.github.com>
Date: Tue, 5 Nov 2024 22:59:41 +1000
Subject: [PATCH] Update firewall.sh

FIx drop log spam after network is restored
---
 firewall.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/firewall.sh b/firewall.sh
index 1fb12db..1a516b9 100644
--- a/firewall.sh
+++ b/firewall.sh
@@ -10,7 +10,7 @@
 #                                                                                                           #
 #                                 Router Firewall And Security Enhancements                                 #
 #                             By Adamm -  https://github.com/Adamm00/IPSet_ASUS                             #
-#                                            27/07/2024 - v7.6.3                                            #
+#                                            05/11/2024 - v7.6.4                                            #
 #############################################################################################################
 
 
@@ -563,6 +563,9 @@ Check_IPTables() {
 		if [ "$(nvram get fw_log_x)" = "drop" ] || [ "$(nvram get fw_log_x)" = "both" ] && [ "$loginvalid" = "enabled" ]; then
 			iptables -C logdrop -m state --state NEW -j LOG --log-prefix "[BLOCKED - INVALID] " --log-tcp-sequence --log-tcp-options --log-ip-options 2>/dev/null || fail="${fail}#24 "
 		fi
+		if [ "$(nvram get fw_log_x)" = "drop" ] || [ "$(nvram get fw_log_x)" = "both" ]; then
+			iptables -C logdrop -m state --state NEW -j LOG --log-prefix "DROP " --log-tcp-sequence --log-tcp-options --log-ip-options 2>/dev/null || fail="${fail}#25 "
+		fi
 	fi
 	if [ -n "$fail" ]; then return 1; fi
 }