diff options
Diffstat (limited to 'projectroot/etc/init.d/nftables')
-rw-r--r-- | projectroot/etc/init.d/nftables | 103 |
1 files changed, 103 insertions, 0 deletions
diff --git a/projectroot/etc/init.d/nftables b/projectroot/etc/init.d/nftables new file mode 100644 index 000000000..c10db5d90 --- /dev/null +++ b/projectroot/etc/init.d/nftables @@ -0,0 +1,103 @@ +#!/bin/sh + +# Author: Arturo Borrero Gonzalez <arturo@debian.org> +# Adapted by: Alexander Dahl <ada@thorsis.com> + +# Do NOT "set -e" + +CONF=/etc/nftables.conf + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="firewall service" +NAME=nftables +BIN=/usr/sbin/nft +SCRIPTNAME=/etc/init.d/$NAME + +# Exit if the package is not installed +[ -x "$BIN" ] || exit 0 + +do_start() +{ + # Return + # 0 if start OK + # 2 if start NOK + + # nft v0.4 return 0 if ENOENT $CONF + if [ ! -r "$CONF" ] ; then + echo "E: No such $NAME $DESC config file $CONF" >&2 + return 2 + fi + + $BIN -f $CONF || return 2 +} + +do_stop() +{ + # Return + # 0 if stopped + # 1 if already stopped + # 2 if could not be stopped + if ! do_status ; then + $BIN flush ruleset || return 2 + fi +} + +do_status() +{ + # Return + # 0 if no rules + # 1 if rules + if [ "$($BIN list ruleset 2>/dev/null | wc -l)" = "0" ] ; then + return 0 + fi + + return 1 +} + +case "$1" in + start) + echo -n "Starting $DESC ..." + do_start + ret="$?" + case "$ret" in + 0|1) echo " Done." ;; + 2) echo " Failed." ;; + esac + exit $ret + ;; + restart|force-reload) + echo -n "Restarting $DESC ..." + do_start + ret="$?" + case "$ret" in + 0|1) echo " Done." ;; + 2) echo " Failed." ;; + esac + exit $ret + ;; + stop) + echo -n "Stopping $DESC ..." + do_stop + ret="$?" + case "$ret" in + 0|1) echo " Done." ;; + 2) echo " Failed." ;; + esac + exit $ret + ;; + status) + if ! do_status ; then + echo "Status of ${DESC}: rules loaded" + exit 0 + else + echo "Status of ${DESC}: no rules loaded" + exit 1 + fi + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2 + exit 3 + ;; +esac + +: |