#!/bin/sh
########################################################################
# Begin ip6tables
#
# chkconfig:	2345 08 92
# Description : Start ip6tables
#
# Authors     : Ken Moffat - ken@linuxfromscratch.org
#               Bruce Dubbs - bdubbs@linuxfromscratch.org
#
# Version     : LFS 7.0
#
########################################################################

### BEGIN INIT INFO
# Provides:          $ip6tables
# Required-Start:    network
# Should-Start:
# Required-Stop:     
# Should-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Loads ip6tables rules.
# Description:       Ip6tables provides IPV6 firewall for Linux systems.
# X-LFS-Provided-By: BLFS / LFS 7.0
### END INIT INFO

. /lib/lsb/init-functions

#shell script name
IP6TABLES=ip6tables
IP6TABLES_DATA=/etc/sysconfig/$IP6TABLES

. $IP6TABLES_DATA-config

tbl_start ()


{
if [ ! -f "$IP6TABLES_DATA" ]; then
  log_warning_msg "${IP6TABLES}: No config file \"$IP6TABLES_DATA\""
  exit 5
else 
  log_info_msg "Setting system IPV6 iptables up,..."
  for iptmod in $IP6TABLES_MODULES
    do
    modprobe $iptmod	    
    done
  $IP6TABLES-restore $OPT $IP6TABLES_DATA;
  evaluate_retval
fi
}

tbl_stop ()

{
log_info_msg "Clearing system IPV6 ip6tables..."
$IP6TABLES --policy INPUT   ACCEPT
$IP6TABLES --policy OUTPUT  ACCEPT
$IP6TABLES --policy FORWARD ACCEPT
$IP6TABLES 		--flush
$IP6TABLES -t nat	--flush
$IP6TABLES -t mangle	--flush
$IP6TABLES		--delete-chain
$IP6TABLES -t nat	--delete-chain
$IP6TABLES -t mangle	--delete-chain
evaluate_retval
}

# only usable for root
if [ $EUID != 0 ]; then
  log_info_msg "${IP6TABLES}: Only usable by root.";
  evaluate_retval
  exit 4
  fi

if [ ! -x /usr/sbin/$IP6TABLES ]; then
  log_info_msg "${IP6TABLES}: /usr/sbin/$IP6TABLES does not exist.";
  evaluate_retval
  exit 5
  fi

case "$1" in
    start)
      tbl_start;
      ;;

    stop)
      tbl_stop;
      ;;

    restart)
      tbl_stop;
      tbl_start;
      ;;

    status)
	log_info_msg2 "$IP6TABLES status..."
        $IP6TABLES	--numeric --list
        $IP6TABLES	-t nat    --numeric --list
        $IP6TABLES	-t mangle --numeric --list
        ;;

    *)
        echo "Usage: $0 {start|clear|lock|status}"
        exit 1
        ;;
esac

# End /etc/init.d/ip6tables

