2 # ipchains/iptables rules generator
5 # description: ipchains/iptables rules generator
7 # Source function library
# The library is sourced into this shell, so whatever it defines or executes
# runs with this script's own privileges.
8 . /etc/rc.d/init.d/functions
# Default paths: the input handed to filtergen, the rules file generated from
# it, and the lock file whose timestamp is compared against the rules file.
11 CONFIG=/etc/filter/simple.conf
12 GEN_CONFIG=/etc/filter/generated_rules
13 SUBSYS=/var/lock/subsys/filter
# Optional site settings. The file is sourced after the assignments above, so
# it can replace CONFIG, GEN_CONFIG and SUBSYS as well as run any command.
# NOTE(review): presumably this script runs as root (init script) - both
# sourced files and their parent directories should be writable by root only;
# verify ownership and mode on the target system.
14 [ -f /etc/sysconfig/filter ] && . /etc/sysconfig/filter
# Staleness check for the generated rules, based on file timestamps only.
# The branch bodies are not part of this listing; later lines test
# $confstatus, so each branch presumably sets it - confirm against the full
# script.
# Case 1: the generated rules file does not exist.
17 if [ ! -e "$GEN_CONFIG" ]; then
# Case 2: the generated rules file is older than its input.
19 elif [ "$GEN_CONFIG" -ot "$CONFIG" ]; then
# Case 3: the lock file is older than the generated rules file. In bash, -ot
# is also true when the left-hand file is missing and the right-hand one
# exists; other shells may differ, and the interpreter line is not shown here.
21 elif [ "$SUBSYS" -ot "$GEN_CONFIG" ]; then
# NOTE(review): modification times establish ordering, not content. A rules
# file that is empty, truncated or edited by hand but carries a newer mtime
# than $CONFIG counts as current for this check.
# Locate the packet-filter front end. `which` resolves the name through the
# caller's PATH and its error output is discarded, so each variable ends up
# holding a path or an empty string.
# NOTE(review): the result depends on PATH at invocation time; nothing in this
# listing pins PATH or checks the resolved location. `command -v` is the
# portable replacement for `which`.
29 iptables=`which iptables 2> /dev/null`
30 ipchains=`which ipchains 2> /dev/null`
# iptables takes precedence when both tools are found. The branch bodies are
# not shown; $filter, used further down, is presumably assigned in them -
# confirm.
31 if [ -n "$iptables" ]; then
33 elif [ -n "$ipchains" ]; then
# Neither tool was found: report it. What follows this message (an exit, by
# its wording) is not visible here.
36 nls "ipchains/iptables not found. Cannot continue"
43 # See how we were called.
# The dispatch construct itself is not part of this listing; the usage string
# on the last line names the actions start, stop, init, restart, force-reload
# and status.
# NOTE(review): $confstatus is unquoted in the next two tests (it is quoted in
# the status test further down); an empty value makes `[` fail with a syntax
# error rather than compare.
47 if [ $confstatus -ge 0 ]; then
48 if [ $confstatus -gt 0 ]; then
51 show "Setting filter rules"
# Records a failure of the command that ran immediately before this line (not
# shown here).
54 [ $? -ne 0 ] && RETVAL=1
55 if [ $RETVAL -eq 0 ]; then
64 show "Flushing filter rules"
# String comparison here, numeric -eq in the test above; the two agree for a
# plain "0".
68 if [ $RETVAL = 0 ]; then
76 show "Generating %s" "$GEN_CONFIG"
# filtergen's stdout is written straight into the live rules file. The shell
# truncates $GEN_CONFIG before filtergen starts, so a failed or interrupted
# run leaves an empty or partial file whose mtime is newer than $CONFIG, and
# the timestamp check at the top of the script would then treat it as current.
# NOTE(review): confirm the lines after this one (not shown) test filtergen's
# exit status and discard the file on failure; generating into a temporary
# file in the same directory and renaming it on success avoids the window.
# NOTE(review): $filter is unquoted inside the backticks and is not assigned
# in the visible lines; a value containing whitespace would be split into
# several arguments to basename.
79 filtergen "$CONFIG" `basename $filter` > "$GEN_CONFIG"
# Status messages; by their wording they correspond to the three staleness
# cases tested at the top of the script (missing, outdated, not applied) and
# to the up-to-date case - the selecting code is not shown.
90 nls "%s not generated" "$GEN_CONFIG"
93 nls "%s outdated" "$GEN_CONFIG"
96 nls "%s not applied" "$GEN_CONFIG"
99 nls "filter rules applied"
# Any non-zero configuration status turns the result into 3.
102 [ "$confstatus" -ne 0 ] && RETVAL=3
# Reached for an unrecognised action, judging by the usage text.
105 msg_usage "$0 {start|stop|init|restart|force-reload|status}"