#!/sbin/runscript
# Copyright 1999-2006 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2

depend() {
need net
	use logger apache2 proftpd postfix named courier-authlib courier-imapd courier-imapd-ssl courier-pop3d courier-pop3d-ssl
	after sshd
}

setipacct() {

	if ! [[ -d /var/log/vhcs2 ]]; then
		mkdir -p /var/log/vhcs2
	fi

	${RMMOD} ipchains 1>/var/log/vhcs2/vhcs2_network.log 2>/var/log/vhcs2/vhcs2_network.err.log

	# all traffic
	/sbin/iptables -I INPUT
	/sbin/iptables -I OUTPUT

	# web traffic
	/sbin/iptables -I INPUT -p tcp --dport 80
	/sbin/iptables -I OUTPUT -p tcp --sport 80

	# pop3 traffic
	/sbin/iptables -I INPUT -p tcp --dport 110
	/sbin/iptables -I OUTPUT -p tcp --sport 110

	# imap traffic
	/sbin/iptables -I INPUT -p tcp --dport 143
	/sbin/iptables -I OUTPUT -p tcp --sport 143

	# mail traffic
	/sbin/iptables -I INPUT  -p tcp --dport 25
	/sbin/iptables -I OUTPUT -p tcp --sport 25

}

start() {
	ebegin "Starting VHCS2"
		start-stop-daemon --start --quiet --exec ${DAEMON}  -- -p ${PID}
		if [[ ${USE_VHCS_IPTABLES} == "yes" ]]; then
			setipacct
		fi
	eend $?
}

stop() {
	ebegin "Stopping VHCS2"
		start-stop-daemon --stop --quiet --pidfile ${PID} --exec ${DAEMON}
	eend $?
}