--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: iptables.sh
+# Required-Start: $remote_fs $network
+# Required-Stop: $remote_fs
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: iptables firewall
+### END INIT INFO
+
+# Setup ip firewall
+
+. /etc/network/functions.phd
+
+case "$1" in
+ start)
+ /etc/init.d/fail2ban stop
+
+ # Start afresh
+ $IPTABLES -F
+ $IPTABLES -F -t nat
+ $IPTABLES -F -t mangle
+
+ # Default policies
+ $IPTABLES -P INPUT DROP
+ $IPTABLES -P OUTPUT ACCEPT
+ $IPTABLES -P FORWARD DROP
+
+ start_firewall
+ /etc/init.d/rc.masq
+ /etc/init.d/fail2ban start
+ ;;
+
+ stop)
+ /etc/init.d/fail2ban stop
+
+ $IPTABLES -F
+ $IPTABLES -F -t nat
+ $IPTABLES -F -t mangle
+ $IPTABLES -P INPUT DROP
+ $IPTABLES -P OUTPUT DROP
+ $IPTABLES -P FORWARD DROP
+ ;;
+
+ clear)
+ /etc/init.d/fail2ban stop
+
+ # Flush (delete) all rules
+ $IPTABLES -F
+ $IPTABLES -F -t nat
+ $IPTABLES -F -t mangle
+ $IPTABLES -P INPUT ACCEPT
+ $IPTABLES -P OUTPUT ACCEPT
+ $IPTABLES -P FORWARD ACCEPT
+ ;;
+
+ *)
+ echo "Usage: firewall {start|stop|clear}"
+ exit 1
+esac
+
+exit 0