Cleanup of iptables-restore/stop code. Don't purge ipsets on stop.

Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9762 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/Perl/Shorewall/Compiler.pm

@@ -798,6 +798,11 @@ sub compiler {
 	#                               S T O P _ F I R E W A L L
 	#             (Writes the stop_firewall() function to the compiled script)
 	#
+	# We must reinitialize Shorewall::Chains before generating the iptables-restore input
+	# for stopping the firewall
+	#
+	Shorewall::Chains::initialize( $family );
+	initialize_chain_table;
 	compile_stop_firewall( $test ); 
 	#
 	# Copy the footer to the object

Shorewall/Perl/Shorewall/Rules.pm

@@ -39,7 +39,6 @@ our @EXPORT = qw( process_tos
 		  setup_ecn
 		  add_common_rules
 		  setup_mac_lists
-		  process_routestopped
 		  process_rules
 		  generate_matrix
 		  setup_mss
@@ -2079,10 +2078,6 @@ sub compile_stop_firewall( $ ) {
 stop_firewall() {
 EOF
 
-    Shorewall::Chains::initialize( $family );
-
-    initialize_chain_table;
-
     if ( $config{ADMINISABSENTMINDED} ) {
 	$filter_table->{OUTPUT}{policy} = 'ACCEPT';
     }
@@ -2272,10 +2267,8 @@ EOF
             #
             grep -q '^-N' ${VARDIR}/ipsets.tmp && mv -f ${VARDIR}/ipsets.tmp ${VARDIR}/ipsets.save
 	fi
+    fi
 EOF
-
-	emit "    ipset -X $_" for @ipsets;
-	emit "fi\n";
     }
     
     emit '