#!/bin/sh
# kFreeBSD do not accept scripts as interpreters, using #!/bin/sh and sourcing.
if [ true != "$INIT_D_SCRIPT_SOURCED" ] ; then
    set "$0" "$@"; INIT_D_SCRIPT_SOURCED=true . /usr/lib/init/init-d-script
fi
### BEGIN INIT INFO
# Provides:          firewall
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Should-Start:      ulogd ulogd2
# Should-Stop:       ulogd ulogd2
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Very simple firewall
### END INIT INFO

# Author: Raphaël Halimi <raphael.halimi@gmail.com>

DESC="very simple firewall"
DAEMON=none
NAME=firewall
COMMAND_NAME=none

do_start_cmd_override () {
  iptables -n -L | grep -q "policy DROP" && return 1
  $NAME
  case "$?" in
    0) return 0 ;;
    *) return 2 ;;
  esac
}

do_stop_cmd_override () {
  iptables -n -L | grep -q "policy DROP" || return 1
  $NAME -f
  case "$?" in
    0) return 0 ;;
    *) return 2 ;;
  esac
}

do_status_override () {
  if iptables -n -L | grep -q "policy DROP" ; then
    log_success_msg "$NAME is active"
    return 0
  else
    log_failure_msg "$NAME is not active"
    return 3
  fi
}
