#!/bin/bash
#
# parallelcluster-iptables
#
# chkconfig: 12345 99 99
# description: Backup and restore iptables rules (both for IPv4 and IPv6)

### BEGIN INIT INFO
# Provides: $parallelcluster-iptables
# Required-Start: $network
# Required-Stop: $network
# Default-Start: 1 2 3 4 5
# Default-Stop: 0 6
# Short-Description: Backup and restore iptables rules
# Description: Backup and restore iptables rules
### END INIT INFO

IPTABLES_RULES_FILE="<%= @iptables_rules_file %>"
IP6TABLES_RULES_FILE="<%= @ip6tables_rules_file %>"

function save_tables() {
  local iptables_command=$1
  local iptables_file=$2
  echo "saving iptables rules to file: $iptables_file"
  mkdir -p $(dirname $iptables_file)
  $iptables_command > $iptables_file
  echo "iptables rules saved to file: $iptables_file"
}

function restore_tables() {
  local iptables_command=$1
  local iptables_file=$2
  if [[ -f $iptables_file ]]; then
    $iptables_command < $iptables_file
    echo "iptables rules restored from file: $iptables_file"
  else
    echo "iptables rules left unchanged as file was not found: $iptables_file"
  fi
}

function start() {
  restore_tables iptables-restore $IPTABLES_RULES_FILE
  restore_tables ip6tables-restore $IP6TABLES_RULES_FILE
}

function stop() {
  save_tables iptables-save $IPTABLES_RULES_FILE
  save_tables ip6tables-save $IP6TABLES_RULES_FILE
}

case "$1" in
start|stop)
    $1
    ;;
*)
    echo "Usage: $0 {start|stop}"
    exit 2
esac

exit $?