## Report a firewall script failure and retreat to a safe place.
echo "$2! Retreating to safe version..."
+ if [ -f /var/run/firewall.save ] && [ -f /var/run/firewall6.save ]; then
+ echo "Trying to loading saved firewall state..."
+ if iptables-restore </var/run/firewall.save &&
+ ip6tables-restore </var/run/firewall6.save; then
+ echo "Previous firewall state restored."
+ return
+ else
+ echo "Failed! Falling back to plan B."
+ fi
+ fi
if ! "$1" revert; then
echo >&2 "Safe firewall failed. You're screwed. Good luck."
exit 1
## NEW.errors.
## Make sure we have an escape route.
- if [ ! -x "$old" ]; then
- echo >&2 "$0: no escape plan: \`$old' is missing"
- exit 1
- fi
+ iptables-save >/var/run/firewall.save.new
+ ip6tables-save >/var/run/firewall6.save.new
+ mv /var/run/firewall.save.new /var/run/firewall.save
+ mv /var/run/firewall6.save.new /var/run/firewall6.save
## Clear the air and make the errors file.
rm -f "$new.errors" "$new.timebomb" "$new.grabbed"