package/iptables: add init script

This patch will add an init script that allows
to set a ruleset in /etc/iptables.conf to be loaded
on boot, or flushed on stop, as well as a saving
command to generate a new file.

Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com>
[Arnout: change handling of readonly filesystem]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/iptables/S35iptables

@@ -0,0 +1,58 @@
+#!/bin/sh
+
+DAEMON="iptables"
+
+IPTABLES_ARGS=""
+
+start() {
+	printf 'Starting %s: ' "$DAEMON"
+	iptables-restore < /etc/iptables.conf
+	status=$?
+	if [ "$status" -eq 0 ]; then
+		echo "OK"
+	else
+		echo "FAIL"
+	fi
+	return "$status"
+}
+
+stop() {
+	printf 'Stopping %s: ' "$DAEMON"
+	iptables -F
+	status=$?
+	if [ "$status" -eq 0 ]; then
+		echo "OK"
+	else
+		echo "FAIL"
+	fi
+	return "$status"
+}
+
+restart() {
+	stop
+	sleep 1
+	start
+}
+
+save() {
+	printf 'Saving %s: ' "$DAEMON"
+	iptables-save > /etc/iptables.conf
+	status=$?
+	if [ "$status" -eq 0 ]; then
+		echo "OK"
+	else
+		echo "SKIP (read-only file system detected)"
+	fi
+	return "$status"
+}
+
+case "$1" in
+	start|stop|restart|save)
+		"$1";;
+	reload)
+		# Restart, since there is no true "reload" feature.
+		restart;;
+	*)
+		echo "Usage: $0 {start|stop|restart|reload}"
+		exit 1
+esac

package/iptables/iptables.mk

@@ -57,4 +57,10 @@ define IPTABLES_LINUX_CONFIG_FIXUPS
 	$(call KCONFIG_ENABLE_OPT,CONFIG_NETFILTER_XTABLES)
 endef
 
+define IPTABLES_INSTALL_INIT_SYSV
+	$(INSTALL) -m 0755 -D package/iptables/S35iptables \
+		$(TARGET_DIR)/etc/init.d/S35iptables
+	touch $(TARGET_DIR)/etc/iptables.conf
+endef
+
 $(eval $(autotools-package))