#!/bin/sh
# @package      hubzero-firewall
# @file         firewall_off
# @author       Rick Kennel <kennell@purdue.edu>
# @copyright    Copyright (c) 2006-2012 HUBzero Foundation, LLC.
# @license      http://www.gnu.org/licenses/lgpl-3.0.html LGPLv3
#
# Copyright (c) 2006-2012 HUBzero Foundation, LLC.
#
# This file is part of: The HUBzero(R) Platform for Scientific Collaboration
#
# The HUBzero(R) Platform for Scientific Collaboration (HUBzero) is free
# software: you can redistribute it and/or modify it under the terms of
# the GNU Lesser General Public License as published by the Free Software
# Foundation, either version 3 of the License, or (at your option) any
# later version.
#
# HUBzero is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
# HUBzero is a registered trademark of HUBzero Foundation, LLC.

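# Turn the HUBzero IPv4 firewall off: stop forwarding and source NAT, flush
# the INPUT and FORWARD filter chains and set both policies to ACCEPT.
#
# Security notes for operators:
#   - Once this has run, the host accepts all inbound and forwarded IPv4
#     traffic; only each service's own access control remains.
#   - Only the chains named below are touched. ip6tables, the OUTPUT chain,
#     other tables and user-defined chains are left exactly as they were.
#   - Every step is best-effort: a failing command prints its own error and
#     the script carries on. Check the result afterwards (e.g. `iptables -S`).
#   - Needs root privileges to write /proc/sys and to change netfilter rules.

# Leave an audit trail: removing the packet filter is a security-relevant
# change that should be visible in the system log.
if command -v logger >/dev/null 2>&1; then
	logger -t firewall_off -p auth.notice \
		"flushing IPv4 INPUT/FORWARD/nat rules and setting policy ACCEPT"
fi

# Knock out source NAT and forwarding
printf '%s\n' 0 > /proc/sys/net/ipv4/ip_forward
# NOTE(review): these are the legacy helper module names; on kernels that
# ship them under other names the removal fails and is ignored. Confirm
# against the kernels this package targets.
modprobe -r ip_nat_ftp
modprobe -r ip_conntrack_ftp
iptables -t nat -F POSTROUTING

# Remove firewalling protecting FORWARD chain
iptables -F FORWARD
iptables -P FORWARD ACCEPT

# Remove input firewall
iptables -F INPUT
iptables -P INPUT ACCEPT

# Drop any destination NAT / redirect rules as well
iptables -t nat -F PREROUTING

# Flushing INPUT also removed rules that other software had inserted there.
# If fail2ban is installed and has a pid file, restart it -- presumably so it
# re-creates its own chains and jump rules; confirm against the jail config.
# Two separate tests replace the obsolescent and ambiguous `[ ... -a ... ]`.
if [ -f /var/run/fail2ban/fail2ban.pid ] && [ -f /usr/bin/fail2ban-server ]
then
	# `command -v` is the POSIX way to probe for a tool; `which` is not
	# guaranteed to exist or to return a meaningful exit status.
	if command -v invoke-rc.d >/dev/null 2>&1; then
		invoke-rc.d fail2ban restart
	else
		/etc/init.d/fail2ban restart
	fi
fi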
