#!/usr/bin/perl
#This script was added to do the checks before calling an IPTABLES-SAVE or an IPTABLES-RESTORE.
#The main reason this script was added is to avoid IPTABLES Wipeout when the /etc/multiconf/iptablerules file is corrupted.

$return=0;
$noiptsave=0;
$pid ='';
if ($ARGV[0] eq "save")
{
	
	while($noiptsave == 0)
	{
		$pid=`pidof -x iptables-save`;
		chomp($pid);
		if($pid ne '')
		{
			print "One present\n";
			sleep(10);
			next;
		}
		else
		{
			last;
		}
	}
	`echo 0 > /etc/multiconf/save_status`;
	system("cp -f /etc/multiconf/iptablerules /etc/multiconf/iptablebackup");
	if($? !=  0)
	{
		exit;
	}	
	system("iptables-save > /etc/multiconf/iptablerules");
	if($? == 0)
	{
		system("rm -f /etc/multiconf/iptablebackup");
		if ($? == 0)
		{
			`echo 1 > /etc/multiconf/save_status`;
		}
	}
}
elsif ($ARGV[0] eq "rest")
{
	if( -e "/etc/multiconf/iptablebackup")
	{
		if( -e "/etc/multiconf/save_status")
		{
			open(STATUS,"/etc/multiconf/save_status");
			$save_status = <STATUS>;
			chomp($save_status);
			if ($save_status eq "1")
			{
				system("iptables-restore < /etc/multiconf/iptablerules");
				if($? != 0)
				{
					$return=1;
				}
			}
			else
			{	
				system("iptables-restore < /etc/multiconf/iptablebackup");
				if($? != 0)
				{
					$return=2;
				}
				else
				{
					system("cp -f /etc/multiconf/iptablebackup /etc/multiconf/iptablerules");
				}
				system("rm -f /etc/multiconf/iptablebackup");
			}
		}
		else
		{	
			system("iptables-restore < /etc/multiconf/iptablerules");
			if($? != 0)
			{
				$return=1;
			}
		}
		
	}
	else
	{
		system("iptables-restore < /etc/multiconf/iptablerules");
		if($? != 0)
		{
			$return=1;
		}
	}
	if( -e "/etc/multiconf/save_status")
	{
		`echo 1 > /etc/multiconf/save_status`;
	}
print $return;
}
