#!/usr/bin/bash

if [ "$1" == "start" ]; then
	if [ -e /etc/sysconfig/iptables ]; then
		source /etc/sysconfig/iptables
		if (( $forward == 1 )) ; then
			echo 1 > /proc/sys/net/ipv4/ip_forward
		fi
	fi

	if [ -e /etc/sysconfig/firewall.save ]; then
		/usr/bin/iptables-restore < /etc/sysconfig/firewall.save
	else
		if [ -e /etc/sysconfig/firewall ]; then
			/usr/bin/iptables-restore < /etc/sysconfig/firewall
		fi
		## FIXME: handle nothing case too
	fi

elif [ "$1" == "stop" ]; then
	echo 0 > /proc/sys/net/ipv4/ip_forward
	/usr/bin/iptables-save > /etc/sysconfig/firewall.save
	iptables -F && \
		iptables -P INPUT ACCEPT && \
		iptables -P FORWARD ACCEPT && \
		iptables -P OUTPUT ACCEPT
fi