diff options
| author | Daniel sea McChlery <sea@members.fsf.org> | 2014-10-16 22:54:59 (EDT) |
|---|---|---|
| committer | Daniel sea McChlery <sea@members.fsf.org> | 2014-10-16 22:54:59 (EDT) |
| commit | 6928c623230d870fa54f63ac5c5128dbdd0b8e00 (patch) | |
| tree | 05a18bb9391ef17f129efe6d0893e6ee7aa83ef8 /iptables.pkg/iptables.init | |
| parent | 1497ded7c7184534907c6e327247b6bd13d9f7da (diff) | |
Applied pehjota's patch for the iptables init script.
Diffstat (limited to 'iptables.pkg/iptables.init')
| -rw-r--r-- | iptables.pkg/iptables.init | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/iptables.pkg/iptables.init b/iptables.pkg/iptables.init new file mode 100644 index 0000000..31a9311 --- /dev/null +++ b/iptables.pkg/iptables.init @@ -0,0 +1,38 @@ +#!/bin/sh /etc/rc.common + +START='25' +STOP='75' + +start() +{ + [ -r /etc/iptables ] || return 0 + + log 'Loading iptables rules' + + /bin/sh /etc/iptables +} + +stop() +{ + local table= + local chains= + local chain= + + [ -r /etc/iptables ] || return 0 + + log 'Flushing iptables rules' + + # For each table (raw, nat, mangle, filter, etc.): + for table in $(cat /proc/net/ip_tables_names); do + # Flush all the rules in all the chains and delete all the + # user-defined chains. + /usr/sbin/iptables -t "${table}" -F + /usr/sbin/iptables -t "${table}" -X + chains="$(/usr/sbin/iptables -t "${table}" -L -n | \ + sed -n 's/^Chain \([^ ]*\).*$/\1/p')" + for chain in ${chains}; do + # Set the chain's policy to the "ACCEPT" target. + iptables -t "${table}" -P "${chain}" ACCEPT + done + done +} |