From 96102623ee7884c0ea8be12d6f46da1814671302 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Thu, 14 Aug 2014 09:49:18 -0700
Subject: [PATCH] Apply Thomas D's patch for SAVE_IPSET in the debian
 shorewall-init script

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall-init/init.debian.sh | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/Shorewall-init/init.debian.sh b/Shorewall-init/init.debian.sh
index de7a6557b..b975a21b4 100755
--- a/Shorewall-init/init.debian.sh
+++ b/Shorewall-init/init.debian.sh
@@ -123,6 +123,17 @@ shorewall_start () {
 
   echo "done."
 
+  if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then
+
+      echo -n "Restoring ipsets: "
+
+      if ! ipset -R < "$SAVE_IPSETS"; then
+	  echo_notdone
+      fi
+
+      echo "done."
+  fi
+
   return 0
 }
 
@@ -142,6 +153,20 @@ shorewall_stop () {
 
   echo "done."
 
+  if [ -n "$SAVE_IPSETS" ]; then
+
+      echo "Saving ipsets: "
+
+      mkdir -p $(dirname "$SAVE_IPSETS")
+      if ipset -S > "${SAVE_IPSETS}.tmp"; then
+	  grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS"
+      else
+	  echo_notdone
+      fi
+
+      echo "done."
+  fi
+
   return 0
 }