#! /bin/sh
#
# skeleton	example file to build /etc/init.d/ scripts.
#		This file should be used to construct scripts for /etc/init.d.
#
#		Written by Miquel van Smoorenburg <miquels@cistron.nl>.
#		Modified for Debian GNU/Linux
#		by Ian Murdock <imurdock@gnu.ai.mit.edu>.
#
# Version:	@(#)skeleton  1.8  03-Mar-1998  miquels@cistron.nl
#
# This file was automatically customized by dh-make on Mon,  4 Mar 2002 12:21:10 -0600

PATH=/sbin:/bin:/usr/sbin:/usr/bin
SCRIPT=/etc/default/lokkit
NAME=lokkit
DESC="basic firewall rules"

if [ ! -f $SCRIPT ]; then
    echo "You must use lokkit or gnome-lokkit to configure the firewall."
    exit 0
fi

set -e

add_chains () {
    /sbin/iptables -I INPUT -j RH-Lokkit-0-50-INPUT && /sbin/iptables -I FORWARD -j RH-Lokkit-0-50-INPUT
}

remove_chains () {
    /sbin/iptables -D INPUT -j RH-Lokkit-0-50-INPUT 2>/dev/null || true
    /sbin/iptables -D FORWARD -j RH-Lokkit-0-50-INPUT 2>/dev/null || true
    return 0
}

case "$1" in
  start)
	echo -n "Starting $DESC: "
        if /bin/sh $SCRIPT; then
            remove_chains
            if add_chains; then
                echo "$NAME."
            else
                echo "failed."
            fi
        else
            echo "failed."
        fi
	;;
  stop)
	echo -n "Stopping $DESC: "
        if /sbin/iptables -F RH-Lokkit-0-50-INPUT; then
            remove_chains
            /sbin/iptables -X RH-Lokkit-0-50-INPUT || true
            echo "$NAME."
        else
            echo "failed."
        fi
	;;
  #reload)
	#
	#	If the daemon can reload its config files on the fly
	#	for example by sending it SIGHUP, do it here.
	#
	#	If the daemon responds to changes in its config file
	#	directly anyway, make this a do-nothing entry.
	#
	# echo "Reloading $DESC configuration files."
	# start-stop-daemon --stop --signal 1 --quiet --pidfile \
	#	/var/run/$NAME.pid --exec $DAEMON
  #;;
  restart|force-reload)
	#
	#	If the "reload" option is implemented, move the "force-reload"
	#	option to the "reload" entry above. If not, "force-reload" is
	#	just the same as "restart".
	#
	echo -n "Restarting $DESC: "
        if /bin/sh $SCRIPT 2>/dev/null; then
            # Suppress the "chain exists" error; we don't want to remove the
            # rule completely during the upgrade.
            remove_chains
            if add_chains; then
                echo "$NAME."
            else
                echo "failed."
            fi
        else
            echo "failed."
        fi
	;;
  *)
	N=/etc/init.d/$NAME
	# echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2
	echo "Usage: $N {start|stop|restart|force-reload}" >&2
	exit 1
	;;
esac

exit 0
