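#!/bin/sh
#
# Script for starting an IP packet filter
#
# Description: Script for starting and stopping an iptables firewall
# Author: Sven Neukirchner
# Date 15.07.2004
# Version: 1.0
# License: GPL
#
### BEGIN INIT INFO
# Provides: IP Packetfilter
# Required-Start: $network
# Dependencies:
# Required-Stop:
# Default-Start: 3 5
# Default-Stop: 0 1 2 4 6
# Description: IP Packetfilter
### END INIT INFO

# Ruleset script. "start" and "restart" execute it as a separate program
# (it is not sourced), with the privileges of this init script. It should
# therefore be owned by root and not writable by anyone else.
CONFIG=/etc/sysconfig/firewall

# Without an executable ruleset there is nothing to load; exit silently with 1.
test -x "$CONFIG" || exit 1

# Connection-tracking modules (loaded for every action, including "show").
modprobe ip_conntrack
modprobe ip_conntrack_irc
modprobe ip_conntrack_ftp

# Interface names. They are not exported, so the ruleset started as a child
# process does not see them.
# NOTE(review): confirm whether the ruleset defines its own interface names.
INTERN="eth0"
EXTERN="ppp0"

# Flush all rules and delete all user-defined chains.
# No -t option is given, so only the default "filter" table is touched;
# rules in the nat and mangle tables stay in place.
flush_filter() {
  iptables -F
  iptables -X
}

# Run the ruleset and report a failure to the caller, so a ruleset that did
# not load completely is not reported as a successful start.
load_ruleset() {
  "$CONFIG" || exit 1
}

case "$1" in
  start)
    # printf instead of "echo -n": the -n flag is not portable under /bin/sh.
    printf '%s' "Starte iptable Firewall... "
    echo ""
    echo ""
    echo " Loesche vorhandene Ketten..."
    # Between the flush and the end of the ruleset, the chain policies left
    # by the previous state apply (ACCEPT after "stop").
    flush_filter
    load_ruleset
    echo
    ;;
  stop)
    printf '%s' "Beende iptable Firewall... "
    echo " "
    echo " Leere Ketten..."
    flush_filter
    echo " Oeffne Firewall..."
    # Leaves the host without packet filtering: every built-in chain accepts.
    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -P FORWARD ACCEPT
    echo " "
    printf '%s' "!!ACHTUNG Firewall offen!!"
    ;;
  panic)
    printf '%s' "Schliesse Firewall... "
    echo " "
    # Set the DROP policies before flushing. Flushing first would leave a
    # window with no rules under the old policy, which is ACCEPT after "stop".
    iptables -P INPUT DROP
    iptables -P OUTPUT DROP
    iptables -P FORWARD DROP
    echo " Leere Ketten..."
    flush_filter
    ;;
  show)
    iptables -L
    ;;
  restart)
    echo " Loesche vorhandene Ketten..."
    flush_filter
    load_ruleset
    ;;
  *)
    echo "Syntax: firewall {start|stop|restart|panic|show}"
    exit 1
    ;;
esac

exit 0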