#!/bin/sh
#
# nftables - Netfilter Tables
#
# chkconfig:   - 09 92
# description: Starts and stops nftables firewall.

# http://fedoraproject.org/wiki/FCNewInit/Initscripts
### BEGIN INIT INFO
# Provides: nftables
# Required-Start: 
# Required-Stop: 
# Default-Stop: 0 1 6
# Short-Description: Starts and stops nftables firewall.
# Description: Starts and stops nftables firewall.
### END INIT INFO

# Source function library.
. /etc/rc.d/init.d/functions

exec="/usr/sbin/nftables"
prog=${exec##*/}

[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog

lockfile=/var/lock/subsys/$prog

start() {
    echo -n $"Starting $prog: "
    /sbin/nft -f /etc/sysconfig/nftables.conf
    retval=$?
    echo
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
}

stop() {
    echo -n $"Stopping $prog: "
    /sbin/nft flush ruleset
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
}

restart() {
    stop
    start
}

case "$1" in
    start|stop|restart)
        $1
        ;;
    condrestart)
        if status $prog >/dev/null ; then
            restart
        fi
        ;;
    reload)
        /sbin/nft 'flush ruleset; include "/etc/sysconfig/nftables.conf";'
        exit 3
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart|condrestart}"
        exit 2
esac
