Diffstat (limited to 'iptables.pkg/iptables.init')
-rw-r--r--iptables.pkg/iptables.init38
1 files changed, 38 insertions, 0 deletions
diff --git a/iptables.pkg/iptables.init b/iptables.pkg/iptables.init
new file mode 100644
index 0000000..31a9311
--- /dev/null
+++ b/iptables.pkg/iptables.init
@@ -0,0 +1,38 @@
+#!/bin/sh /etc/rc.common
+
+START='25'
+STOP='75'
+
+start()
+{
+ [ -r /etc/iptables ] || return 0
+
+ log 'Loading iptables rules'
+
+ /bin/sh /etc/iptables
+}
+
+stop()
+{
+ local table=
+ local chains=
+ local chain=
+
+ [ -r /etc/iptables ] || return 0
+
+ log 'Flushing iptables rules'
+
+ # For each table (raw, nat, mangle, filter, etc.):
+ for table in $(cat /proc/net/ip_tables_names); do
+ # Flush all the rules in all the chains and delete all the
+ # user-defined chains.
+ /usr/sbin/iptables -t "${table}" -F
+ /usr/sbin/iptables -t "${table}" -X
+ chains="$(/usr/sbin/iptables -t "${table}" -L -n | \
+ sed -n 's/^Chain \([^ ]*\).*$/\1/p')"
+ for chain in ${chains}; do
+ # Set the chain's policy to the "ACCEPT" target.
+ iptables -t "${table}" -P "${chain}" ACCEPT
+ done
+ done
+}
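Review bot: stop() fails open: after the loop every table is flushed and every remaining chain has policy ACCEPT, so the host is unfiltered until start() runs again. If rc.common implements restart as stop followed by start (not visible here), each restart opens that window, and a failure partway through `/bin/sh /etc/iptables` leaves only a partial ruleset in place. At minimum I would document this above the loop with `# NOTE: leaves all chains empty with policy ACCEPT; host is unfiltered until start() runs again`. Separately, the `-P` line calls bare `iptables` while the other calls use the absolute path, so it depends on the init environment's PATH; it should read `/usr/sbin/iptables -t "${table}" -P "${chain}" ACCEPT`.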