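#!/bin/bash
# Firewall Script by Bernhard Tittelbach
#
### BEGIN INIT INFO
# Provides:          firewall
# Required-Start:    $syslog $local_fs $network
# Required-Stop:     $syslog $local_fs $network
# Should-Start:
# Should-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Firewall
# Description:       see above
### END INIT INFO
#
# Loads the rule set from $FIREWALL_CONFIG and applies it through the
# ip4/ip6 helpers below. start_firewall and stop_firewall are not defined in
# this script; they are expected to come from the sourced config.
#
# Exit status: 0 on success, 1 if any rule failed to apply, 2 on a usage
# error, 6 if the configuration is missing or incomplete.

PATH=/bin:/sbin:/usr/sbin:/usr/bin

. /lib/lsb/init-functions

IPTABLES=iptables
IP6TABLES=ip6tables
RC=0
FIREWALL_CONFIG=/flash/etc/firewall.conf
OUTPUT=

#######################################
# Remove the scratch file that captures iptables output.
# Globals:   OUTPUT (read)
# Safe to call more than once.
#######################################
finish() {
  if [ -n "$OUTPUT" ]; then
    rm -f -- "$OUTPUT"
  fi
}

# Clean up on every exit path, including the usage-error branch.
trap finish EXIT

if ! OUTPUT=$(mktemp); then
  log_failure_msg "firewall: could not create temporary file"
  exit 1
fi

#######################################
# Run one rule through iptables or ip6tables and record any failure.
# Globals:   IPTABLES, IP6TABLES, OUTPUT (read); RC (set to the failing
#            status); rule, IPT, ipv, rc (written)
# Arguments: $1 - the complete rule as a single string
#            $2 - 6 selects ip6tables, anything else iptables
# Outputs:   on failure, logs the rule and the tool's output via logger
#            (stderr and syslog, daemon.err)
# Note:      the rule string is word-split on whitespace, so an argument
#            that itself contains spaces (for example a log prefix) cannot
#            be passed through this helper intact.
#######################################
runrule() {
  # rule/IPT/ipv/rc stay global as in the original: the sourced config may
  # read them after a call - cannot confirm from here.
  rule="$1"
  if [ $(($2)) -eq 6 ]; then
    IPT=$IP6TABLES
    ipv=6
  else
    IPT=$IPTABLES
    ipv=4
  fi

  # shellcheck disable=SC2086 # word-splitting of $rule is intentional
  $IPT $rule &> "$OUTPUT"
  rc=$?
  if [ "$rc" -ne 0 ]; then
    RC=$rc
    logger -s -i -p daemon.err "Error running ipv${ipv} rule: $rule, error was $(cat -- "$OUTPUT")"
  fi
}

# Apply a rule to the IPv4 tables; all arguments are joined into one rule.
ip4() {
  runrule "$*" 4
}

# Apply a rule to the IPv6 tables; all arguments are joined into one rule.
ip6() {
  runrule "$*" 6
}

# The config is executed as shell code with this script's privileges, so it
# must only be writable by the administrator. Without it there are no rules
# to load; fail loudly instead of reporting a started firewall.
if [ ! -r "$FIREWALL_CONFIG" ]; then
  log_failure_msg "firewall: cannot read $FIREWALL_CONFIG"
  exit 6
fi
. "$FIREWALL_CONFIG"

# A config that lacks either entry point would otherwise produce only a
# "command not found" while RC stayed 0.
for required in start_firewall stop_firewall; do
  if ! type "$required" > /dev/null 2>&1; then
    log_failure_msg "firewall: $required is not defined after loading $FIREWALL_CONFIG"
    exit 6
  fi
done

case "$1" in
  start)
    log_daemon_msg "Starting " "firewall"
    start_firewall
    log_end_msg $RC
    ;;
  stop)
    log_daemon_msg "Stopping " "firewall"
    stop_firewall
    log_end_msg $RC
    ;;
  restart)
    log_daemon_msg "Restarting " "firewall"
    stop_firewall
    start_firewall
    log_end_msg $RC
    ;;
  *)
    log_action_msg "Usage: $0 {start|stop|restart}"
    exit 2
    ;;
esac

# Propagate rule failures to the init system rather than always exiting 0,
# so a partially loaded rule set is visible to whatever started this script.
if [ "$RC" -ne 0 ]; then
  exit 1
fi
exit 0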