#!/sbin/runscript
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $

opts="save"

ipset_bin="/usr/sbin/ipset"

depend() {
    before iptables ip6tables
    use logger
}

checkconfig() {
    if [[ ! -f ${IPSET_SAVE} ]] ; then
        eerror "Not starting ${SVCNAME}. First create some rules then run:"
        eerror "/etc/init.d/${SVCNAME} save"
        return 1
    fi
    return 0
}

start() {
    checkconfig || return 1
    ebegin "Loading ipset session'"
    ${ipset_bin} restore < "${IPSET_SAVE}"
    eend $?
}

stop() {
    service_started iptables && {
        eerror "Can't stop while iptables is running"
        return 1
    }
    service_started ip6tables && {
        eerror "Can't stop while ip6tables is running"
        return 1
    }
    if [[ "${SAVE_ON_STOP}" = "yes" ]] ; then
        save || return 1
    fi
    ebegin "Removing kernel IP sets"
    ${ipset_bin} destroy
    eend $?
}

save() {
    ebegin "Saving ipset session"
    touch "${IPSET_SAVE}"
    chmod 0600 "${IPSET_SAVE}"
    ${ipset_bin} save > "${IPSET_SAVE}"
    eend $?
}