vm/qvm-firewall: force firewall reload on service start (#478)

This makes firewall reload triggered by qubes-netwatcher working again.

network/qubes_firewall

@@ -12,13 +12,20 @@ echo $$ >$PIDFILE
 
 trap 'exit 0' SIGTERM
 
+FIRST_TIME=yes
+
 while true; do
 
 	echo "1" > /proc/sys/net/ipv4/ip_forward
 
-	# Wait for changes in xenstore file
+	if [ "$FIRST_TIME" ]; then
-	/usr/bin/xenstore-watch-qubes $XENSTORE_IPTABLES
+		FIRST_TIME=
-	TRIGGER=$(/usr/bin/xenstore-read $XENSTORE_IPTABLES)
+		TRIGGER=reload
+	else
+		# Wait for changes in xenstore file
+		/usr/bin/xenstore-watch-qubes $XENSTORE_IPTABLES
+		TRIGGER=$(/usr/bin/xenstore-read $XENSTORE_IPTABLES)
+	fi
 
 	if ! [ "$TRIGGER" = "reload" ]; then continue ; fi