From: Nicolas Thill
Date: Sun, 27 Sep 2009 12:35:37 +0000 (+0000)
Subject: firewall: add an fw_clear function to flush rules, like it's done in trunk
X-Git-Tag: 8.09.2~32
X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=aabab726899f65cbcca3fcd02adb879e21a9f0e1;p=openwrt%2Fsvn-archive%2Fopenwrt.git
firewall: add an fw_clear function to flush rules, like it's done in trunk
SVN-Revision: 17757
---
diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index 3c3d8e1b72..9345de78e9 100755
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -129,6 +129,13 @@ fw_set_chain_policy() {
 $IPTABLES -P $chain $target
 }
+fw_clear() {
+ $IPTABLES -F
+ $IPTABLES -t nat -F
+ $IPTABLES -t nat -X
+ $IPTABLES -X
+}
+
 fw_defaults() {
 [ -n "$DEFAULTS_APPLIED" ] && {
 echo "Error: multiple defaults sections detected"
@@ -155,10 +162,7 @@ fw_defaults() {
 $IPTABLES -P OUTPUT DROP
 $IPTABLES -P FORWARD DROP
- $IPTABLES -F
- $IPTABLES -t nat -F
- $IPTABLES -t nat -X
- $IPTABLES -X
+ fw_clear
 config_get_bool drop_invalid $1 drop_invalid 1
@@ -418,10 +422,7 @@ fw_init() {
 }
 fw_stop() {
- $IPTABLES -F
- $IPTABLES -t nat -F
- $IPTABLES -t nat -X
- $IPTABLES -X
+ fw_clear
 $IPTABLES -P INPUT ACCEPT
 $IPTABLES -P OUTPUT ACCEPT
 $IPTABLES -P FORWARD ACCEPT
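Review bot: fw_clear flushes and deletes chains only in the filter and nat tables, so anything placed in mangle or raw survives both callers, fw_defaults and fw_stop. If this script or another package on the device ever writes to those tables, stale rules would outlive a firewall restart. If the narrow scope is intended, state it in a comment above the function, e.g. `# flush filter and nat only; policies and other tables are left to the caller`; otherwise add `$IPTABLES -t mangle -F` and `$IPTABLES -t mangle -X` next to the nat lines. The four commands also run unchecked, so a failed flush is silent and later rules would be added on top of whatever was left; whether that matters depends on how the callers treat errors, which is not visible in this diff.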
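Review bot: fw_stop carries no comment stating the end state it leaves: after fw_clear the three built-in policies are set to ACCEPT, so with filter and nat emptied the device accepts and forwards everything until the firewall is started again. The hunk keeps that pre-existing behaviour, but it deserves a line above the function such as `# leaves the host unfiltered: all policies ACCEPT, no rules`, so operators know that stopping the service is not a safe state on an exposed interface. The closing brace of fw_stop lies outside the hunk.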