621646
#!/bin/bash
621646
# config: /etc/sysconfig/arptables
621646
621646
# Source 'em up
621646
. /etc/init.d/functions
621646
621646
ARPTABLES_CONFIG=/etc/sysconfig/arptables
621646
621646
flush_delete_chains() {
621646
	echo -n $"Flushing all chains: "
621646
	if arptables -F; then
621646
		success
621646
	else
621646
		failure
621646
	fi
621646
	echo
621646
621646
	echo -n $"Removing user defined chains: "
621646
	if arptables -X; then
621646
		success
621646
	else
621646
		failure
621646
	fi
621646
	echo
621646
}
621646
621646
start() {
621646
	if [ ! -x /usr/sbin/arptables ]; then
621646
		exit 4
621646
	fi
621646
621646
	# don't do squat if we don't have the config file
621646
	if [ -f $ARPTABLES_CONFIG ]; then
621646
		# If we don't clear these first, we might be adding to
621646
		# pre-existing rules.
621646
                flush_delete_chains
621646
621646
		arptables -Z
621646
621646
		echo -n $"Applying arptables firewall rules: "
621646
		/usr/sbin/arptables-restore < $ARPTABLES_CONFIG && \
621646
			success || \
621646
			failure
621646
		echo
621646
		touch /var/lock/subsys/arptables
621646
	else
621646
		failure
621646
		echo
621646
		echo $"Configuration file /etc/sysconfig/arptables missing"
621646
		exit 6
621646
	fi
621646
}
621646
621646
stop() {
621646
        flush_delete_chains
621646
	echo -n $"Resetting built-in chains to the default ACCEPT policy:"
621646
	arptables -P INPUT ACCEPT && \
621646
		arptables -P OUTPUT ACCEPT && \
621646
		success || \
621646
		failure
621646
	echo
621646
	rm -f /var/lock/subsys/arptables
621646
}
621646
621646
case "$1" in
621646
start)
621646
	start
621646
	;;
621646
621646
stop)
621646
	stop
621646
	;;
621646
621646
restart|reload)
621646
	# "restart" is really just "start" as this isn't a daemon,
621646
	# and "start" clears any pre-defined rules anyway.
621646
	# This is really only here to make those who expect it happy
621646
	start
621646
	;;
621646
621646
condrestart|try-restart|force-reload)
621646
	[ -e /var/lock/subsys/arptables ] && start
621646
	;;
621646
621646
*)
621646
	exit 2
621646
esac
621646
621646
exit 0