Woops, brocken patch - I'll send a fixed one.

Sorry for the noise.

-Stefan
> Skip creating forward rules if the input and the output device are
> the
> same.
> 
> Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
> ---
>  src/initscripts/system/suricata | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/src/initscripts/system/suricata
> b/src/initscripts/system/suricata
> index 5ede405ce..a40e02c83 100644
> --- a/src/initscripts/system/suricata
> +++ b/src/initscripts/system/suricata
> @@ -171,6 +171,11 @@ function generate_fw_rules {
>  
>                         # Create rules which are required to handle
> forwarded traffic.
>                         for enabled_ips_zone_forward in
> "${enabled_ips_zones[@]}"; do
> +                               # Skip loop iteration if both zones
> are the same.
> +                               if [ "$enabled_ips_zone" -eq
> "$enabled_ips_zone_forward" ]; then
> +                                       continue
> +                               fi
> +                               
>                                 # Check if the whetelist file is not
> empty.
>                                 if [ -s "$WHITELIST_FILE" ]; then
>                                         # Create rules to handle
> whitelisted hosts.