#!/bin/sh
# Allow WWW traffic
# © 2015, Multapplied Networks, Inc.

NAME="42_www"
CHAIN="allow_www"

iptables_all() {
    iptables "$@"
    ip6tables "$@"
}


start () {
    log_progress_msg $NAME

    remove 2> /dev/null # Remove first to avoid duplicate rules

    iptables_all -N $CHAIN
    iptables_all -A $CHAIN -p tcp --dport 80 -j ACCEPT # HTTP
    iptables_all -A $CHAIN -p tcp --dport 443 -j ACCEPT # HTTPS

    iptables_all -A INPUT -p tcp -j $CHAIN
}
stop () {
    log_progress_msg $NAME
    remove
}
remove () {
    iptables_all -D INPUT -p tcp -j $CHAIN
    iptables_all -F $CHAIN
    iptables_all -X $CHAIN
}
status () {
    iptables_all -L $CHAIN -nv
}

test -f /lib/lsb/init-functions && . /lib/lsb/init-functions

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart|force-reload)
        stop
        start
        ;;
    status)
        status
        exit 0
        ;;
    *)
        echo "Usage: $0 {start|stop|restart|force-reload|status}"
        exit 1
        ;;
esac
