===================================================================
RCS file: /home/cvsd/home/cvs/scripts/shell/firewall/fw-off.sh,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- scripts/shell/firewall/fw-off.sh 2003/08/03 14:11:32 1.1
+++ scripts/shell/firewall/fw-off.sh 2006/08/09 11:50:19 1.2
@@ -11,47 +11,27 @@
 # Changelog:
 # 10/01/2002 - created
 # 02/08/2003 - import into CVS
+# 09/08/2006 - enhanced by Lubomir Host 'rajo' - simplification of rules removal
 #
-# $Platon$
+# $Platon: scripts/shell/firewall/fw-off.sh,v 1.1 2003/08/03 14:11:32 nepto Exp $
 IPTABLES="/sbin/iptables"
-function delete_chain()
-{
- echo -n "$1/$2: ";
- while [ -z "`$IPTABLES -t $1 -D $2 1 2>&1 `" ]; do
- echo -n "#"
- done
- echo " OK";
-}
-
-$IPTABLES -t filter -P INPUT ACCEPT
-$IPTABLES -t filter -P OUTPUT ACCEPT
-$IPTABLES -t filter -P FORWARD ACCEPT
-
-delete_chain filter INPUT;
-delete_chain filter OUTPUT;
-delete_chain filter FORWARD;
-delete_chain filter IN_FW;
-delete_chain filter spoofing;
-delete_chain filter syn-flood;
-
-$IPTABLES -X IN_FW 2> /dev/null;
-$IPTABLES -X spoofing 2> /dev/null;
-$IPTABLES -X syn-flood 2> /dev/null;
-
-$IPTABLES -t nat -P PREROUTING ACCEPT
-$IPTABLES -t nat -P OUTPUT ACCEPT
-$IPTABLES -t nat -P POSTROUTING ACCEPT
-
-delete_chain nat PREROUTING;
-delete_chain nat OUTPUT;
-delete_chain nat POSTROUTING;
-
-$IPTABLES -t mangle -P PREROUTING ACCEPT
-$IPTABLES -t mangle -P OUTPUT ACCEPT
-
-delete_chain mangle PREROUTING;
-delete_chain mangle OUTPUT;
+for chain in INPUT OUTPUT FORWARD; do
+ $IPTABLES -t filter -P $chain ACCEPT
+done
+
+for chain in PREROUTING POSTROUTING OUTPUT; do
+ $IPTABLES -t nat -P $chain ACCEPT
+done
+
+for chain in PREROUTING INPUT FORWARD OUTPUT POSTROUTING; do
+ $IPTABLES -t mangle -P $chain ACCEPT
+done
+
+for table in filter nat mangle; do
+ iptables -F -t $table
+ iptables -X -t $table
+done
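Review bot: The final `for table in filter nat mangle` loop calls bare `iptables`, while the three policy loops above it use `$IPTABLES` (set to `/sbin/iptables`), so the flush and chain deletion depend on the caller's PATH. If the script runs with a PATH that lacks /sbin (cron is a common case), the policies switch to ACCEPT but the old rules and user chains stay loaded, and nothing reports it. A root-run script should also not resolve the binary through PATH. I would change the two lines to `$IPTABLES -t "$table" -F` and `$IPTABLES -t "$table" -X`. A header comment such as `# Leaves the host unfiltered: all IPv4 policies ACCEPT, filter/nat/mangle flushed` would also state the resulting exposure for whoever runs it; only the IPv4 `iptables` tables named here are touched as far as this hunk shows.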