[LEDE-DEV] firewall issue
e9hack
e9hack at gmail.com
Fri Aug 25 11:30:56 PDT 2017
Hi,
My firewall configuration sets the default forward policy to reject and wan forward to drop.
iptables -L -v
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
330K 276M forwarding_rule all -- any any anywhere anywhere /* !fw3: user chain for forwarding */
325K 276M ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED /* !fw3 */
3035 200K zone_lan_forward all -- br-lan any anywhere anywhere /* !fw3 */
483 21304 zone_wan_forward all -- pppoe-wan any anywhere anywhere /* !fw3 */
167 10623 zone_guest1_forward all -- br-guest1 any anywhere anywhere /* !fw3 */
...
34 2040 reject all -- any any anywhere anywhere /* !fw3 */
Chain zone_wan_forward (1 references)
pkts bytes target prot opt in out source destination
483 21304 forwarding_wan_rule all -- any any anywhere anywhere /* !fw3: user chain for forwarding */
483 21304 ACCEPT all -- any any anywhere anywhere ctstate DNAT /* !fw3: Accept port forwards */
0 0 zone_wan_dest_DROP all -- any any anywhere anywhere /* !fw3 */
Chain zone_wan_dest_DROP (9 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any pppoe-wan anywhere anywhere /* !fw3 */
I expect that the last line in zone_wan_forward is a drop rule with 'out' set to 'any' and not 'out' set to
'pppoe-wan'. The same occurs for IPv6.
Regards,
Hartmut
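
How the listing in the message above treats a forwarded packet, as an added example that is not part of the original post: a small tracer that applies standard iptables traversal, where a user chain with no matching rule returns to its caller. The `trace` and `parse` helpers are hypothetical; the `reject` chain and the chains not shown in the post are assumed to behave as marked in the comments.

```python
import re

# Rules copied from the post's listing (column headers and the elided "..." row omitted).
LISTING = """\
Chain FORWARD (policy DROP 0 packets, 0 bytes)
330K 276M forwarding_rule all -- any any anywhere anywhere /* !fw3: user chain for forwarding */
325K 276M ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED /* !fw3 */
3035 200K zone_lan_forward all -- br-lan any anywhere anywhere /* !fw3 */
483 21304 zone_wan_forward all -- pppoe-wan any anywhere anywhere /* !fw3 */
167 10623 zone_guest1_forward all -- br-guest1 any anywhere anywhere /* !fw3 */
34 2040 reject all -- any any anywhere anywhere /* !fw3 */
Chain zone_wan_forward (1 references)
483 21304 forwarding_wan_rule all -- any any anywhere anywhere /* !fw3: user chain for forwarding */
483 21304 ACCEPT all -- any any anywhere anywhere ctstate DNAT /* !fw3: Accept port forwards */
0 0 zone_wan_dest_DROP all -- any any anywhere anywhere /* !fw3 */
Chain zone_wan_dest_DROP (9 references)
0 0 DROP all -- any pppoe-wan anywhere anywhere /* !fw3 */
"""
# Assumption: fw3's "reject" chain (contents not shown in the post) always ends traversal.
TERMINAL = {"ACCEPT", "DROP", "reject"}

def parse(listing):
    chains = {}  # chain name -> ordered list of rules
    for line in listing.splitlines():
        f = line.split()
        if f[0] == "Chain":
            rules = chains.setdefault(f[1], [])
        else:  # columns: pkts bytes target prot opt in out source destination ...
            m = re.search(r"ctstate (\S+)", line)
            rules.append({"target": f[2], "in": f[5], "out": f[6],
                          "ct": set(m.group(1).split(",")) if m else None})
    return chains

def trace(chains, in_if, out_if, ct, chain="FORWARD", path=None):
    # Returns (verdict, path). A verdict of None means no rule in this chain decided.
    path = [] if path is None else path
    for r in chains.get(chain, []):  # chains absent from the listing are assumed empty
        iface_ok = r["in"] in ("any", in_if) and r["out"] in ("any", out_if)
        if not iface_ok or (r["ct"] is not None and not (r["ct"] & ct)):
            continue
        path.append(f"{chain} -> {r['target']}")
        if r["target"] in TERMINAL:
            return r["target"], path
        verdict, _ = trace(chains, in_if, out_if, ct, r["target"], path)
        if verdict:  # a rule in the sub-chain decided; otherwise continue in the caller
            return verdict, path
    return None, path

CHAINS = parse(LISTING)
```

Calling `trace(CHAINS, "pppoe-wan", "br-lan", {"NEW"})` returns the verdict together with the list of chain jumps the packet took, so the rule that decided it is the last entry of the path.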