Attached is a patch to check if NAT is on
and if iptable_mangle is loaded (hence is on)
before flushing, deleting and zeroing their
respective chains.
--- scriptwriter.c 2005-01-29 07:32:08.000000000 -0500
+++ scriptwriter.c.new 2013-09-03 05:51:13.363810627 -0400
@@ -213,12 +213,16 @@
" $IPT -P INPUT ACCEPT\n"
" $IPT -P FORWARD ACCEPT\n"
" $IPT -P OUTPUT ACCEPT\n"
- " $IPT -t mangle -F 2>/dev/null\n"
- " $IPT -t mangle -X 2>/dev/null\n"
- " $IPT -t mangle -Z 2>/dev/null\n"
- " $IPT -t nat -F 2>/dev/null\n"
- " $IPT -t nat -X 2>/dev/null\n"
- " $IPT -t nat -Z 2>/dev/null\n"
+ " if [[ -n $("$LSM" | grep -m1 iptable_mangle) ]]; then\n"
+ " $IPT -t mangle -F 2>/dev/null\n"
+ " $IPT -t mangle -X 2>/dev/null\n"
+ " $IPT -t mangle -Z 2>/dev/null\n"
+ " fi\n"
+ " if [ "$NAT" = "on" ]; then\n"
+ " $IPT -t nat -F 2>/dev/null\n"
+ " $IPT -t nat -X 2>/dev/null\n"
+ " $IPT -t nat -Z 2>/dev/null\n"
+ " fi\n"
" retval=$?\n"
" if [ $retval -eq 0 ]; then\n"
" unlock_firestarter\n"
