bookends.m4: Open up tables we clobbered at exit.

Otherwise the `raw' table gets left dropping everything.  I've no idea
why this didn't actually break everything for ages.

diff --git a/bookends.m4 b/bookends.m4
index b51f8ae..b29047b 100644 (file)
--- a/bookends.m4
+++ b/bookends.m4
@@ -217,5 +217,17 @@ for chain in INPUT FORWARD; do
   run ip46tables -A $chain -g forbidden
 done
 
+## Allow stuff through unknown tables.
+for ip in ip ip6; do
+  for table in $(cat /proc/net/${ip}_tables_names); do
+    case $table in mangle | filter) continue ;; esac
+    ${ip}tables -nL -t $table |
+    sed -n '/^Chain \([^ ]\+\) (policy .*$/ s//\1/p ' |
+    while read chain; do
+      run ${ip}tables -t $table -P $chain ACCEPT
+    done
+  done
+done
+
 m4_divert(-1)
 ###----- That's all, folks --------------------------------------------------