#!/bin/sh
. /etc/init.d/functions

# Nothing to do on hosts without an executable iptables binary.
# NOTE(review): the commands further down invoke "iptables" through PATH,
# not through the absolute path tested here.
[ -x /sbin/iptables ] || exit 0

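# Run "iptables -t TABLE ARGS..." only when TABLE is registered with the kernel.
# Arguments: $1 - table name (filter, nat, mangle, ...); every argument,
#            including $1, is handed to "iptables -t" unchanged.
# Returns:   the exit status of iptables when the table is listed; 0 when the
#            table is not listed or /proc/net/ip_tables_names cannot be read.
iftable() {
	# "$1" is quoted so an empty or space-containing name stays a single
	# literal pattern; unquoted, an empty name made the file path become the
	# pattern and grep read stdin instead. "grep -F" replaces the obsolescent
	# fgrep alias, and "--" keeps a leading "-" from being parsed as an option.
	if grep -F -qsx -- "$1" /proc/net/ip_tables_names; then
		iptables -t "$@"
	fi
}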
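	# Tables currently registered with the kernel. The list is empty when the
	# file is missing or unreadable (errors are discarded on purpose).
	chains=$(cat /proc/net/ip_tables_names 2>/dev/null)

	# Flush every rule in every table. The status is accumulated over all
	# tables so a failure on an early table is not hidden by a later success.
	# $chains is left unquoted deliberately: it is split into table names.
	rc=0
	for i in $chains; do
		iptables -t "$i" -F || rc=1
	done
	if [ "$rc" -eq 0 ]; then
		success "Flushing all chains:"
	else
		failure "Flushing all chains:"
	fi

	# Delete all user-defined chains, with the same status accumulation.
	rc=0
	for i in $chains; do
		iptables -t "$i" -X || rc=1
	done
	if [ "$rc" -eq 0 ]; then
		success "Removing user defined chains:"
	else
		failure "Removing user defined chains:"
	fi

	# SECURITY: from here on the listed chains accept all IPv4 traffic; the
	# host is unfiltered until a ruleset is loaded again. Nothing in this
	# script touches ip6tables.
	# NOTE(review): only the chains named below get their policy reset. Any
	# other built-in chain (for example further mangle chains, or chains in
	# tables other than filter/nat/mangle) keeps its previous policy; confirm
	# that this matches the kernels this script is deployed on.
	gprintf "Resetting built-in chains to the default ACCEPT policy:"
	# if/else instead of "a && ok || fail", so failure is not also reported
	# when success itself returns non-zero.
	if iftable filter -P INPUT ACCEPT &&
		iftable filter -P OUTPUT ACCEPT &&
		iftable filter -P FORWARD ACCEPT &&
		iftable nat -P PREROUTING ACCEPT &&
		iftable nat -P POSTROUTING ACCEPT &&
		iftable nat -P OUTPUT ACCEPT &&
		iftable mangle -P PREROUTING ACCEPT &&
		iftable mangle -P OUTPUT ACCEPT; then
		success "Resetting built-in chains to the default ACCEPT policy"
	else
		failure "Resetting built-in chains to the default ACCEPT policy"
	fi
	echo
exit 0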

