{
#####STOP FIREWALL####
}
stop)
     echo ""
     echo -n "Shutting down IP masquerade and firewall rules:"
     /sbin/iptables -P FORWARD DROP
     /sbin/iptables -P OUTPUT ACCEPT
     /sbin/iptables -P INPUT {
     # Set "safe" default mode.
     ($SystemMode eq "serveronly") ? "ACCEPT" : "DROP"
}
     /sbin/iptables -F INPUT
     /sbin/iptables -F OUTPUT
     /sbin/iptables -F FORWARD
     /sbin/iptables -F 
{
    $OUT .= '';
    # Allow forwarding of local addresses, as we might be a VPN endpoint
    # in serveronly mode
    # @locals contains a list of local networks, with the real local
    # network first
    my @mylocals = @locals;
    my $local = shift @mylocals;
    $OUT .= "    /sbin/iptables --append FORWARD -s $local" .
			" -d $local -j ACCEPT\n";
    foreach my $network (@mylocals)
    {
	$OUT .= "    /sbin/iptables --append FORWARD -s $network" .
			" -d $local -j ACCEPT\n";
	$OUT .= "    /sbin/iptables --append FORWARD -s $local" .
			" -d $network -j ACCEPT\n";
    }
}     /sbin/iptables -X 
     echo "		Done!"
     echo "" ;;


