From 24e1ba98e43d44ad7ba5780afd0b98e19ee14570 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jow@openwrt.org>
Date: Sun, 10 Mar 2013 20:36:33 +0100
Subject: [PATCH] Only run includes and set sysctls if either v4 or v6 firewall
 was actually started

---
 main.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/main.c b/main.c
index 09baca9..3654c15 100644
--- a/main.c
+++ b/main.c
@@ -255,8 +255,6 @@ start(struct fw3_state *state, bool reload)
 
 	if (!print_rules && !reload)
 	{
-		fw3_set_defaults(state);
-
 		if (fw3_command_pipe(false, "ipset", "-exist", "-"))
 		{
 			fw3_create_ipsets(state);
@@ -311,11 +309,16 @@ start(struct fw3_state *state, bool reload)
 		rv = 0;
 	}
 
-	if (!reload && !print_rules)
-		fw3_run_includes(state);
+	if (!rv)
+	{
+		fw3_set_defaults(state);
+
+		if (!reload && !print_rules)
+			fw3_run_includes(state);
 
-	if (!rv && !print_rules)
-		fw3_write_statefile(state);
+		if (!print_rules)
+			fw3_write_statefile(state);
+	}
 
 	return rv;
 }
-- 
2.11.0