Diffstat (limited to 'abs/core/iptables/ip6tables')
-rwxr-xr-xabs/core/iptables/ip6tables38
1 files changed, 5 insertions, 33 deletions
diff --git a/abs/core/iptables/ip6tables b/abs/core/iptables/ip6tables
index 1733db2..2d119e3 100755
--- a/abs/core/iptables/ip6tables
+++ b/abs/core/iptables/ip6tables
@@ -4,7 +4,6 @@
[ -f /etc/conf.d/iptables ] && . /etc/conf.d/iptables
# Set defaults if settings are missing
-[ -z "$IP6TABLES" ] && IP6TABLES=/usr/sbin/ip6tables
[ -z "$IP6TABLES_CONF" ] && IP6TABLES_CONF=/etc/iptables/ip6tables.rules
. /etc/rc.conf
@@ -12,14 +11,14 @@
case "$1" in
start)
- if [ ! -f $IP6TABLES_CONF ]; then
- echo "Cannot load iptables rules: $IP6TABLES_CONF is missing!" >&2
+ if [ ! -f "$IP6TABLES_CONF" ]; then
+ echo "Cannot load ip6tables rules: $IP6TABLES_CONF is missing!" >&2
exit 1
fi
stat_busy "Starting IP6 Tables"
if [ "$IPTABLES_FORWARD" = "1" ]; then
- echo 1 >/proc/sys/net/ipv6/conf/default/forwarding
- echo 1 >/proc/sys/net/ipv6/conf/all/forwarding
+ echo 1 >/proc/sys/net/ipv6/conf/default/forwarding
+ echo 1 >/proc/sys/net/ipv6/conf/all/forwarding
fi
if ck_daemon ip6tables; then
/usr/sbin/ip6tables-restore < $IP6TABLES_CONF
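Review bot: IPv6 forwarding is switched on by the two `echo 1 >/proc/sys/net/ipv6/conf/.../forwarding` lines before `ip6tables-restore` loads the ruleset a few lines further down, so the host may forward for a short interval under whatever rules were in place before, possibly none. Moving the forwarding block to after a successful restore would close that gap. The restore line also still redirects from an unquoted `$IP6TABLES_CONF`, although this commit quotes it in the `-f` test; `/usr/sbin/ip6tables-restore < "$IP6TABLES_CONF"` would be consistent. The `if ck_daemon` block continues past the end of the hunk.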
@@ -35,42 +34,16 @@ case "$1" in
;;
stop)
stat_busy "Stopping IP6 Tables"
- echo 0 >/proc/sys/net/ipv6/conf/all/forwarding
- echo 0 >/proc/sys/net/ipv6/conf/default/forwarding
if ! ck_daemon ip6tables; then
fail=0
for table in $(cat /proc/net/ip6_tables_names); do
- $IP6TABLES -t $table -F &>/dev/null && \
- $IP6TABLES -t $table -X &>/dev/null && \
- $IP6TABLES -t $table -Z &>/dev/null
+ ip6tables-restore < /var/lib/iptables/empty-$table.rules
[ $? -gt 0 ] && fail=1
done
if [ $fail -gt 0 ]; then
stat_fail
else
rm_daemon ip6tables
- # reset policies
- for table in filter mangle raw; do
- if grep -qw $table /proc/net/ip6_tables_names; then
- $IP6TABLES -t $table -P OUTPUT ACCEPT
- fi
- done
- for table in filter mangle; do
- if grep -qw $table /proc/net/ip6_tables_names; then
- $IP6TABLES -t $table -P INPUT ACCEPT
- $IP6TABLES -t $table -P FORWARD ACCEPT
- fi
- done
- for table in mangle raw; do
- if grep -qw $table /proc/net/ip6_tables_names; then
- $IP6TABLES -t $table -P PREROUTING ACCEPT
- fi
- done
- for table in mangle; do
- if grep -qw $table /proc/net/ip6_tables_names; then
- $IP6TABLES -t $table -P POSTROUTING ACCEPT
- fi
- done
stat_done
fi
else
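Review bot: After this change `stop` no longer writes 0 to `/proc/sys/net/ipv6/conf/all/forwarding` and `.../default/forwarding`, so a host started with `IPTABLES_FORWARD=1` keeps forwarding IPv6 after its ruleset has been replaced by the empty one. If that is intended, a comment in the `stop)` branch should say so; otherwise keep the two `echo 0 >...` lines, ideally before the tables are emptied. The new loop also depends on an `empty-$table.rules` file existing for every name listed in `/proc/net/ip6_tables_names`; those files are not visible here, and a missing one would set `fail=1` and leave the remaining state half-cleared. It would be safer to quote the path and call the binary by the same absolute path as `start`, `/usr/sbin/ip6tables-restore < "/var/lib/iptables/empty-$table.rules"`. The `case` block continues outside the hunk.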
@@ -79,7 +52,6 @@ case "$1" in
;;
restart)
$0 stop
- sleep 2
$0 start
;;
save)