#! /bin/sh
# Script to control packet filtering.

# If no rules, do nothing.
[ -f /etc/iptables.rules ] || exit 0

modprobe -q ip_conntrack
modprobe -q ip_nat_ftp
modprobe -q ip_conntrack_ftp
modprobe -q iptable_nat
modprobe -q ip_conntrack_pptp
modprobe -q ip_nat_pptp 

case "$1" in
	start)
		echo -n "Turning on packet filtering:"
		/sbin/iptables-restore < /etc/iptables.rules || exit 1
		echo 1 > /proc/sys/net/ipv4/ip_forward
		echo "."
		;;
	stop)
		echo -n "Turning off packet filtering:"
		echo 0 > /proc/sys/net/ipv4/ip_forward
		/sbin/iptables -X
		/sbin/iptables -F
		/sbin/iptables -t raw -F
		/sbin/iptables -t mangle -F
		/sbin/iptables -t nat -F
		/sbin/iptables -P INPUT ACCEPT
		/sbin/iptables -P OUTPUT ACCEPT
		/sbin/iptables -P FORWARD ACCEPT
		echo "."
		;;
	*)
		echo "Usage: /etc/init.d/packetfilter {start|stop}"
		exit 1
		;;
esac

exit 0
