From 6545dc1b51d13943016219e656fbc2b2946a5bc9 Mon Sep 17 00:00:00 2001
From: David Phillips <david@sighup.nz>
Date: Sun, 17 Sep 2017 21:45:59 +1200
Subject: Add starter iptables scripts

---
 conf.d.in/iptables.in |  1 +
 init.d.in/iptables.in | 33 +++++++++++++++++++++++++++++++++
 2 files changed, 34 insertions(+)
 create mode 100644 conf.d.in/iptables.in
 create mode 100644 init.d.in/iptables.in

diff --git a/conf.d.in/iptables.in b/conf.d.in/iptables.in
new file mode 100644
index 0000000..ded05a4
--- /dev/null
+++ b/conf.d.in/iptables.in
@@ -0,0 +1 @@
+iptables_save="/etc/iptables/iptables.rules"
diff --git a/init.d.in/iptables.in b/init.d.in/iptables.in
new file mode 100644
index 0000000..397a9ae
--- /dev/null
+++ b/init.d.in/iptables.in
@@ -0,0 +1,33 @@
+#!@OPENRC_RUN@
+
+extra_commands="check"
+extra_started_commands="reload"
+
+iptables_name="${SVCNAME}"
+iptables="@BINDIR@/${iptables_name}"
+
+depend() {
+	need localmount
+	before net
+}
+
+checkrules() {
+	${iptables}-restore --test "${IPTABLES_SAVE}"
+}
+
+start() {
+	checkrules || return 1
+	ebegin "Loading ${iptables_name} with rules from ${IPTABLES_SAVE}"
+	${iptables}-restore "${IPTABLES_SAVE}"
+	eend $?
+}
+
+reload() {
+	start
+}
+
+stop() {
+	ebegin "Flushing rules from ${iptables_name}"
+	/usr/lib/systemd/scripts/iptables-flush >/dev/null
+	eend $?
+}
-- 
cgit v1.1