#!/bin/sh
# Script to control packet filtering.

#
# This must be run whenever permanent modifications to the 
# set of ipchains are desired
#  # ipchains-save > /etc/ipchains.rules
#

# If no rules, do nothing.
[ -f /etc/ipchains.rules ] || exit 0

case "$1" in
    start)
        echo -n "Turning on packet filtering:"
        /sbin/ipchains-restore < /etc/ipchains.rules || exit 1
        ## echo 1 > /proc/sys/net/ipv4/ip_forward
        echo " ok."
        ;;
    stop)
        echo -n "Turning off packet filtering:"
        ## echo 0 > /proc/sys/net/ipv4/ip_forward
        /sbin/ipchains -X
        /sbin/ipchains -F
        /sbin/ipchains -P input ACCEPT
        /sbin/ipchains -P output ACCEPT
        /sbin/ipchains -P forward ACCEPT
        echo " ok."
        ;;
    *)
        echo "Usage: packetfilter {start|stop}"
        exit 1
        ;;
esac

exit 0