#!/bin/sh
#		Written by Simon Richter <sjr@debian.org>
#		modified by Jonathan Wiltshire <jmw@debian.org>
#		with help from Christoph Anton Mitterer
#

### BEGIN INIT INFO
# Provides:          iptables-persistent
# Required-Start:    mountkernfs $local_fs
# Required-Stop:     $local_fs
# Default-Start:     S
# Default-Stop:      
# X-Start-Before:    $network
# X-Stop-After:      $network
# Short-Description: Set up iptables rules
### END INIT INFO

. /lib/lsb/init-functions

rc=0

load_rules()
{
	log_action_begin_msg "Loading iptables rules"

	#load IPv4 rules
	if [ -f /etc/iptables/rules.v4 ]; then
		log_action_cont_msg " IPv4"
		iptables-restore < /etc/iptables/rules.v4 2> /dev/null
		if [ $? -ne 0 ]; then
			rc=1
		fi
	fi

	#load IPv6 rules	
	if [ -f /etc/iptables/rules.v6 ]; then
		log_action_cont_msg " IPv6"
		ip6tables-restore < /etc/iptables/rules.v6 2> /dev/null
		if [ $? -ne 0 ]; then
			rc=1
		fi
	fi

	log_action_end_msg $rc
}

save_rules()
{
	log_action_begin_msg "Saving rules"

	#save IPv4 rules
	if [ -x /sbin/iptables-save ]; then
		log_action_cont_msg " IPv4"
		iptables-save > /etc/iptables/rules.v4
                if [ $? -ne 0 ]; then
                        rc=1
                fi
	fi

        #save IPv6 rules
        if [ -x /sbin/ip6tables-save ]; then
                log_action_cont_msg " IPv6"
                ip6tables-save > /etc/iptables/rules.v6
                if [ $? -ne 0 ]; then
                        rc=1
                fi
        fi

	log_action_end_msg $rc
}

case "$1" in
start|restart|reload|force-reload)
	load_rules
	;;
save)
	save_rules
	;;
stop)
	;;
*)
    echo "Usage: $0 {start|restart|reload|force-reload|save}" >&2
    exit 1
    ;;
esac

exit $rc
