From 8f3c4343b54617f76f517be8b529566cccd99590 Mon Sep 17 00:00:00 2001
From: Zoltan Kelemen
Date: Mon, 2 Sep 2019 13:01:22 +0200
Subject: [PATCH] Fix minor problem with wrong chain being checked resulting in multiple iptables entries created when script runs multiple times.
---
 user/security-in-qubes/firewall.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/user/security-in-qubes/firewall.md b/user/security-in-qubes/firewall.md
index eb1b330c..dbd280b0 100644
--- a/user/security-in-qubes/firewall.md
+++ b/user/security-in-qubes/firewall.md
@@ -369,8 +369,8 @@ if iptables -N MY-HTTPS; then
 fi
-# If no forward rule exist for my service
-if ! iptables -n -L FORWARD | grep --quiet MY-HTTPS; then
+# If no input rule exists for my service
+if ! iptables -n -L INPUT | grep --quiet MY-HTTPS; then
 # add a forward rule for the traffic (same reason)
 iptables -I INPUT 5 -d 10.137.2.x -p tcp --dport 443 -m conntrack --ctstate NEW -j MY-HTTPS
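Review bot: The added guard `if ! iptables -n -L INPUT | grep --quiet MY-HTTPS; then` tests for the chain name as a substring of the whole INPUT listing, so any other INPUT line containing `MY-HTTPS` (for example a rule jumping to a chain named `MY-HTTPS-2`) makes the script skip the insert and leaves the service unreachable with no error. Checking for the exact rule is stricter and needs no text parsing: `if ! iptables -C INPUT -d 10.137.2.x -p tcp --dport 443 -m conntrack --ctstate NEW -j MY-HTTPS; then`. The unchanged comment inside the block still says "add a forward rule" although the rule is inserted into INPUT, which is the same mix-up this commit fixes in the guard; it could read `# add an input rule for the traffic (same reason)`. The `if` block's closing `fi` lies outside the hunk.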