Attachment #12474 for bug #21801

View | Details | Raw Unified | Return to bug 21801
Collapse All | Expand All




# later
# $Header: /home/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables.init,v 1.2 2003/05/04 18:19:03 aliz Exp $

opts="start stop reload save"

depend() {
	need logger net

		fi

		for a in `cat /proc/net/ip_tables_names`; do
			/sbin/iptables -F -t $a
			/sbin/iptables -X -t $a

			if [ $a == nat ]; then
				/sbin/iptables -t nat -P PREROUTING ACCEPT
				/sbin/iptables -t nat -P POSTROUTING ACCEPT
				/sbin/iptables -t nat -P OUTPUT ACCEPT
			elif [ $a == mangle ]; then
				/sbin/iptables -t mangle -P PREROUTING ACCEPT
				/sbin/iptables -t mangle -P INPUT ACCEPT
				/sbin/iptables -t mangle -P FORWARD ACCEPT
				/sbin/iptables -t mangle -P OUTPUT ACCEPT
				/sbin/iptables -t mangle -P POSTROUTING ACCEPT
			elif [ $a == filter ]; then
				/sbin/iptables -t filter -P INPUT ACCEPT
				/sbin/iptables -t filter -P FORWARD ACCEPT
				/sbin/iptables -t filter -P OUTPUT ACCEPT
			fi
		done
	eend $?
}

reload() {
	ebegin "Flushing firewall"
		for a in `cat /proc/net/ip_tables_names`; do
			/sbin/iptables -F -t $a
			/sbin/iptables -X -t $a
		done;
        eend $?

	start
}

save() {
        ebegin "Saving iptables state"
        /sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > ${IPTABLES_SAVE}

Return to bug 21801

Lines 4-10 Link Here

(-)iptables.init.orig (-14 / +25 lines)
4	# later	4	# later
5	# $Header: /home/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables.init,v 1.2 2003/05/04 18:19:03 aliz Exp $	5	# $Header: /home/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables.init,v 1.2 2003/05/04 18:19:03 aliz Exp $
6		6
7	opts="start stop save"	7	opts="start stop reload save"
8		8
9	depend() {	9	depend() {
10	need logger net	10	need logger net
Lines 41-68 Link Here
41	fi	41	fi
42		42
43	for a in `cat /proc/net/ip_tables_names`; do	43	for a in `cat /proc/net/ip_tables_names`; do
44	iptables -F -t $a	44	/sbin/iptables -F -t $a
45	iptables -X -t $a	45	/sbin/iptables -X -t $a
46		46
47	if [ $a == nat ]; then	47	if [ $a == nat ]; then
48	iptables -t nat -P PREROUTING ACCEPT	48	/sbin/iptables -t nat -P PREROUTING ACCEPT
49	iptables -t nat -P POSTROUTING ACCEPT	49	/sbin/iptables -t nat -P POSTROUTING ACCEPT
50	iptables -t nat -P OUTPUT ACCEPT	50	/sbin/iptables -t nat -P OUTPUT ACCEPT
51	elif [ $a == mangle ]; then	51	elif [ $a == mangle ]; then
52	iptables -t mangle -P PREROUTING ACCEPT	52	/sbin/iptables -t mangle -P PREROUTING ACCEPT
53	iptables -t mangle -P INPUT ACCEPT	53	/sbin/iptables -t mangle -P INPUT ACCEPT
54	iptables -t mangle -P FORWARD ACCEPT	54	/sbin/iptables -t mangle -P FORWARD ACCEPT
55	iptables -t mangle -P OUTPUT ACCEPT	55	/sbin/iptables -t mangle -P OUTPUT ACCEPT
56	iptables -t mangle -P POSTROUTING ACCEPT	56	/sbin/iptables -t mangle -P POSTROUTING ACCEPT
57	elif [ $a == filter ]; then	57	elif [ $a == filter ]; then
58	iptables -t filter -P INPUT ACCEPT	58	/sbin/iptables -t filter -P INPUT ACCEPT
59	iptables -t filter -P FORWARD ACCEPT	59	/sbin/iptables -t filter -P FORWARD ACCEPT
60	iptables -t filter -P OUTPUT ACCEPT	60	/sbin/iptables -t filter -P OUTPUT ACCEPT
61	fi	61	fi
62	done	62	done
63	eend $?	63	eend $?
64	}	64	}
65		65
		66	reload() {
		67	ebegin "Flushing firewall"
		68	for a in `cat /proc/net/ip_tables_names`; do
		69	/sbin/iptables -F -t $a
		70	/sbin/iptables -X -t $a
		71	done;
		72	eend $?
		73
		74	start
		75	}
		76
66	save() {	77	save() {
67	ebegin "Saving iptables state"	78	ebegin "Saving iptables state"
68	/sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > ${IPTABLES_SAVE}	79	/sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > ${IPTABLES_SAVE}