Restore Backup issue - Firewall Options

On ver 164 TEST and 165 TEST, there are 3 Firewall options.
‘Log dropped packets classified as INVALID by connection tracking’
‘Log dropped spoofed packets and martians’
and
‘Drop packets from and to hostile networks (listed at Spamhaus DROP, etc.)’

which end up having no default values (no ON or OFF) after doing a backup restore from 159 or 161.

I’ve seen that before! Though I don’t remember why…

Since these options never existed in 159 or 161, it makes some sense. But it would be better to have something set vs. nothing set.

Try setting them all to off and then hit Save. Then decide if you want to enable them!

Yes, I had already done that, and yes, they got saved and returned with my set values after a reboot.

I was just bringing this up as I was taking test ver 165 for a run looking for glitches, and anyone doing a restore after an upgrade would probably forget to check these undefined configs. It could lead to some break elsewhere with some head scratching :)

One thing I noticed was that after I enabled ON those 3 options, saved and did a reboot, a strange message appeared on the console screen right after
‘Setting hostname to …’, and
‘Setting up Firewall’.


/etc/rc.d/rcsysinit.d/S85firewall: line 177: /var/lib/location/ipset/CC_XD.ipset4: No such file or directory
iptables v1.8.7 (legacy): Set CC_XD doesn’t exist.

Try ‘iptables -h’ or ‘iptables --help’ for more information
iptables v1.8.7 (legacy): Set CC_XD doesn’t exist.

Try ‘iptables -h’ or ‘iptables --help’ for more information
iptables v1.8.7 (legacy): Set CC_XD doesn’t exist.

Try ‘iptables -h’ or ‘iptables --help’ for more information
iptables v1.8.7 (legacy): Set CC_XD doesn’t exist.

Try ‘iptables -h’ or ‘iptables --help’ for more information
INIT: Entering runlevel 3


If I set those 3 options to OFF, save and reboot, the said ‘Set CC_XD doesn’t exist’ messages no longer appear.

I think I’ll raise a bug for it just in case.

Bug #12791 submitted
