#!/bin/sh

# Copyright (C) 2000-2004 NEC Corporation
# All Rights Reserved.

# RCS: $Id: wbmcipchains,v 1.1 2006/12/22 05:28:48 shodai Exp $

##000412 1.2  ipchains.conf¸߳ǧκȥեɤѹ
##000415 1.3  reflectץɲä
##000426 1.4  ;;α̤
##001116 v5.1 ipchains,ip_forwardб(wbmc03-046) haramoto
##040919 v6.0.1 iptables ѹ oyama

# Startup script for IP firewall (ipchains)
#
# chkconfig: 2345 09 91
# description: Activates/Deactivates IP firewall.
#

IPCHCONF="/opt/nec/wbmc/bin/ipchconf"

CONFROOT="/etc/opt/nec/wbmc"
CURCONFFILE="$CONFROOT/ipchains_cur.conf"
DEFCONFFILE="$CONFROOT/ipchains_def.conf"

reflect_ipchconf()
{
	/sbin/modprobe ip_tables

	# ե(ipchains_cur.conf)˽äԤ
	#   ΥޥɤϺǽipchainsΥ롼򤹤٤ƥꥢƤ
	if [ -x $IPCHCONF ]; then
		$IPCHCONF
	fi

	# ͥ˥⥸塼ɤ(Ǥ˥ɤƤƤʤ)
	/sbin/modprobe ip_conntrack
	/sbin/modprobe ip_conntrack_ftp
	/sbin/modprobe ip_conntrack_irc
#	/sbin/modprobe ip_masq_ftp
#	/sbin/modprobe ip_masq_irc
#	/sbin/modprobe ip_masq_quake
#	/sbin/modprobe ip_masq_vdolive
#	/sbin/modprobe ip_masq_cuseeme
#	/sbin/modprobe ip_masq_raudio

	# ()եɤipchconfǹԤ

	# ưǤ뤳Ȥξ
	touch /var/lock/subsys/wbmcipchains
}

case "$1" in
  start)
	if [ -f $DEFCONFFILE ]; then
		/bin/cp -f $DEFCONFFILE $CURCONFFILE
	else
		/bin/rm -f $CURCONFFILE
	fi

	reflect_ipchconf
	;;
  reflect)
	reflect_ipchconf
	;;
  stop)
	# եɤͭޤ̵ˤ
##001116 delete start ----------
#	if [ -f /etc/sysconfig/network ]; then
#		. /etc/sysconfig/network
#		if [ "$FORWARD_IPV4" = "no" -o "$FORWARD_IPV4" = "false" ]; then
#			echo "0" > /proc/sys/net/ipv4/ip_forward
#		else
#			echo "1" > /proc/sys/net/ipv4/ip_forward
#		fi
#	fi
##001116 delete end ----------

	# ٤ƤδܥΥ롼
	/sbin/iptables -F	# 롼ơ
	/sbin/iptables -X	# 桼롣

	# ܥΥݥꥷĤˤ
	/sbin/iptables -P FORWARD ACCEPT
	/sbin/iptables -P INPUT ACCEPT
	/sbin/iptables -P OUTPUT ACCEPT

	# Ǥ뤳Ȥξ
	rm -f /var/lock/subsys/wbmcipchains
	;;
  restart)
	$0 stop
	$0 start
	;;
  *)
	echo "Usage: $0 {start|stop|restart|reflect}"
	exit 1
esac

exit 0
