#!/sbin/runscript # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 # $Header: /var/cvsroot/gentoo-x86/net-firewall/ipset/files/ipset.initd,v 1.2 2011/10/12 13:26:16 pva Exp $ extra_started_commands="save" IPSET_SAVE=${IPSET_SAVE:-/var/lib/ipset} depend() { before iptables ip6tables use logger } checkconfig() { if [ ! -f "${IPSET_SAVE}" ] ; then eerror "Not starting ${SVCNAME}. First create some rules then run:" eerror "/etc/init.d/${SVCNAME} save" return 1 fi return 0 } start() { checkconfig || return 1 ebegin "Loading ipset session" ipset restore < "${IPSET_SAVE}" eend $? } stop() { # check if there are any references to current sets if ! ipset list | gawk '($1 == "References:" && $2 > 0) { exit 1 }'; then eerror "ipset is in use, can't stop" return 1 fi if [ "${SAVE_ON_STOP}" = "yes" ] ; then save || return 1 fi ebegin "Removing kernel IP sets" ipset destroy eend $? } save() { ebegin "Saving ipset session" touch "${IPSET_SAVE}" chmod 0600 "${IPSET_SAVE}" ipset save > "${IPSET_SAVE}" eend $? }