From 109d78c694e491bc5ad2c9acd0fdfb1cbb7c0bc4 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Mon, 16 Jan 2006 21:45:33 +0000
Subject: [PATCH] Restore working 'stop_firewall' for generated script

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3303 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall/firewall | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/Shorewall/firewall b/Shorewall/firewall
index b0248a172..4292a3613 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -8990,6 +8990,45 @@ run_tc() {
     fi
 }
 
+stop_firewall() {
+
+    [ -n "${RESTOREFILE:=restore}" ]
+
+    RESTOREPATH=/var/lib/shorewall/$RESTOREFILE
+
+    if [ -x $RESTOREPATH ]; then
+
+	if [ -x ${RESTOREPATH}-ipsets ]; then
+	    progress_message2 Restoring Ipsets...
+	    #
+	    # We must purge iptables to be sure that there are no
+	    # references to ipsets
+	    #
+	    for table in mangle nat filter; do
+		iptables -t $table -F
+		iptables -t $table -X
+	    done
+
+	    ${RESTOREPATH}-ipsets
+	fi
+
+	echo Restoring Shorewall...
+
+	if $RESTOREPATH; then
+	    echo "Shorewall restored from $RESTOREPATH"
+	    set_state "Started"
+	else
+	    set_state "Unknown"
+	fi
+    elif [ -x /sbin/shorewall ]; then
+	/sbin/shorewall nolock stop
+    fi
+
+    kill $$
+    exit 2
+}
+
+
 __EOF__
     f=$(find_file params)