#! /bin/sh
# Copyright (c) 1996 S.u.S.E. Gmbh Fuerth, Germany.  All rights reserved.
#
# Author: GEORG
#
# /etc/init.d/firewall
#
### BEGIN INIT INFO
# Provides: tss      
# Required-Start: $network 
# Required-Stop:
# Default-Start:  3 5
# Default-Stop:
# Description:   My firewall 
### END INIT INFO


. /etc/sysconfig/network/config

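# Work out how the script was invoked. "base" is the file name without its
# directory; "link" is that name with everything up to and including a
# runlevel prefix (S or K followed by two digits) stripped.
base=${0##*/}
link=${base#*[SK][0-9][0-9]}

# If nothing was stripped, the script was not started through a runlevel
# link, so it runs regardless of what the sourced configuration says.
# The operands are quoted so a name containing whitespace or glob characters
# cannot break the comparison.
if [ "$link" = "$base" ]; then
    START_FIREWALL="yes"
fi

# Started from a runlevel link with the firewall not enabled: leave quietly.
[ "$START_FIREWALL" = "yes" ] || exit 0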

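# Apply the built-in defaults to every setting the sourced configuration left
# unset or empty. ${VAR:=default} assigns in both cases and, unlike an
# unquoted `test -z $VAR`, does not fail when a value contains several words.
: "${FW_START_CONF:=/etc/firewall/fw_start.conf}"
: "${FW_STOP_CONF:=/etc/firewall/fw_stop.conf}"
# The blacklist default must land in FW_BLACKLIST. Storing it in FW_STOP_CONF
# would make "stop" load the blacklist file as its rule set and leave the
# -b option of "start" without a value.
: "${FW_BLACKLIST:=/etc/firewall/black.list}"
: "${FW_INET_DEVICES:=ppp0}"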

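# Outcome of this run as a number. The exit status is taken from this value
# rather than from comparing the rc_done/rc_failed display strings, so a
# failed rule load is still reported when those strings are empty or unset.
fw_status=0

# Status text printed after the rule load (the original comment places
# rc_done in /etc/rc.config; this script sources only
# /etc/sysconfig/network/config -- confirm that it provides rc_done/rc_failed).
return=$rc_done

case "$1" in
    start)
        # NOTE(review): forwarding is switched on before the rule set is
        # loaded, so packets may be routed unfiltered until myfw.pl has
        # finished unless a restrictive policy is already in place. Confirm,
        # and consider loading the rules first.
        printf 'Set on forwarding: '
        echo "1" > /proc/sys/net/ipv4/ip_forward

        # Read the value back instead of trusting the write. The string
        # comparison also copes with an unreadable file (empty output).
        if [ "$(cat /proc/sys/net/ipv4/ip_forward 2>/dev/null)" = "1" ]; then
            printf '%b\n' "$rc_done"
        else
            printf '%b\n' "\t Cannot enable ip_forwarding $rc_failed"
            fw_status=1
        fi

        echo "Start up firewall:"
        # FW_INET_DEVICES stays unquoted: the plural name suggests a
        # space-separated list passed as separate words -- confirm against
        # myfw.pl before quoting it.
        # shellcheck disable=SC2086
        /usr/local/sbin/myfw.pl -c "$FW_START_CONF" -id $FW_INET_DEVICES -b "$FW_BLACKLIST" || {
            return=$rc_failed
            fw_status=1
        }
        printf '%b\n' "$return"
        ;;
    stop)
        echo "Stop of firewall (ATTENTION: NO PROTETION FOR THE SYSTEM NOW!):"
        /usr/local/sbin/myfw.pl -c "$FW_STOP_CONF" || fw_status=1
        ;;
    *)
        echo "Usage: $0 {start|stop}"
        exit 1
        ;;
esac

# Exit 0 on success and 1 if any step above failed, so the caller can tell a
# failed firewall start or stop from a good one.
exit "$fw_status"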

