#!/bin/sh

BASEDIR=/etc/firewall-sosdg
#BASEDIR=`pwd`

. $BASEDIR/options

$IPTABLES --policy INPUT ACCEPT
$IPTABLES --policy OUTPUT ACCEPT
$IPTABLES --policy FORWARD ACCEPT

$IPTABLES --flush &>/dev/null
$IPTABLES -F OUTPUT &>/dev/null
$IPTABLES -F PREROUTING &>/dev/null
$IPTABLES -F POSTROUTING &>/dev/null
$IPTABLES -F -t mangle &>/dev/null
if [ $NAT ]; then
        $IPTABLES -F -t nat &>/dev/null
fi
$IPTABLES -F -t raw &>/dev/null
if [ -s "$BASEDIR/include/ipv4_custom_flush" ]; then
        . "$BASEDIR/include/ipv4_custom_flush"
fi

if [ $IPV6 ]; then
	$IP6TABLES --policy INPUT ACCEPT
	$IP6TABLES --policy OUTPUT ACCEPT
	$IP6TABLES --policy FORWARD ACCEPT
        $IP6TABLES --flush &>/dev/null
        $IP6TABLES -F OUTPUT &>/dev/null
        $IP6TABLES -F PREROUTING &>/dev/null
        $IP6TABLES -F POSTROUTING &>/dev/null
        if [ -s "$BASEDIR/include/ipv6_custom_flush" ]; then
                . "$BASEDIR/include/ipv6_custom_flush"
        fi
fi

exit 0