Attached is a patch to check if NAT is on and if iptable_mangle is loaded (hence is on) before flushing, deleting and zeroing their respective chains.
--- scriptwriter.c 2005-01-29 07:32:08.000000000 -0500 +++ scriptwriter.c.new 2013-09-03 05:51:13.363810627 -0400 @@ -213,12 +213,16 @@ " $IPT -P INPUT ACCEPT\n" " $IPT -P FORWARD ACCEPT\n" " $IPT -P OUTPUT ACCEPT\n" - " $IPT -t mangle -F 2>/dev/null\n" - " $IPT -t mangle -X 2>/dev/null\n" - " $IPT -t mangle -Z 2>/dev/null\n" - " $IPT -t nat -F 2>/dev/null\n" - " $IPT -t nat -X 2>/dev/null\n" - " $IPT -t nat -Z 2>/dev/null\n" + " if [[ -n $("$LSM" | grep -m1 iptable_mangle) ]]; then\n" + " $IPT -t mangle -F 2>/dev/null\n" + " $IPT -t mangle -X 2>/dev/null\n" + " $IPT -t mangle -Z 2>/dev/null\n" + " fi\n" + " if [ "$NAT" = "on" ]; then\n" + " $IPT -t nat -F 2>/dev/null\n" + " $IPT -t nat -X 2>/dev/null\n" + " $IPT -t nat -Z 2>/dev/null\n" + " fi\n" " retval=$?\n" " if [ $retval -eq 0 ]; then\n" " unlock_firestarter\n"