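#!/bin/sh /etc/rc.common
# Init script for a static iptables ruleset.
#
# start: executes /etc/iptables (a shell script of iptables commands).
# stop:  flushes every IPv4 table and resets the built-in chain policies to
#        ACCEPT -- the host is left with NO packet filtering until start runs.
START='25'
STOP='75'

# One definition of the iptables binary so that start and stop agree on it
# (the original mixed an absolute path with a bare PATH lookup).
IPTABLES='/usr/sbin/iptables'
# The rules script.  It is run through /bin/sh, so its mode bits are not
# consulted -- only readability is checked -- and it executes with the
# privileges of this init script.  Keep it root-owned and not writable by
# anyone else.
RULES_FILE='/etc/iptables'

#######################################
# Load the firewall rules by executing the rules script.
# Globals:  RULES_FILE (read)
# Returns:  0 when no rules script exists (nothing to do), otherwise the
#           exit status of the rules script.
#######################################
start() {
  [ -r "${RULES_FILE}" ] || return 0
  log 'Loading iptables rules'
  /bin/sh "${RULES_FILE}"
}

#######################################
# Flush every IPv4 table and open every built-in chain.
# NOTE: this fails OPEN.  After stop all traffic is accepted.  Only the IPv4
# tables listed in /proc/net/ip_tables_names are touched; any ip6tables
# rules are left as they are.
# Globals:  RULES_FILE, IPTABLES (read)
# Returns:  0 when there is no rules script or no ip_tables module loaded;
#           otherwise the status of the last iptables command.
#######################################
stop() {
  local table=
  local tables=
  local chains=
  local chain=

  [ -r "${RULES_FILE}" ] || return 0
  # Without the ip_tables module the list does not exist and there is
  # nothing to flush; the original would have printed a cat error here.
  [ -r /proc/net/ip_tables_names ] || return 0
  log 'Flushing iptables rules'

  # Snapshot the table list (raw, nat, mangle, filter, ...) before
  # modifying anything.
  tables="$(cat /proc/net/ip_tables_names)"
  for table in ${tables}; do
    # Flush all rules in every chain, then delete the (now empty and
    # unreferenced) user-defined chains.
    "${IPTABLES}" -t "${table}" -F
    "${IPTABLES}" -t "${table}" -X
    # Only built-in chains remain at this point; they are the only ones
    # that carry a policy.
    chains="$("${IPTABLES}" -t "${table}" -L -n | \
      sed -n 's/^Chain \([^ ]*\).*$/\1/p')"
    for chain in ${chains}; do
      "${IPTABLES}" -t "${table}" -P "${chain}" ACCEPT
    done
  done
}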