
v(){
if [ "$flag_verbose" == "yes" ]; then
    echo "$@"
fi
}


####################
## Wrapers #########
####################

ip46tables() {
#############################
# makro { }
#############################
echo "$@" | grep  --regexp="{" --regexp="}" > /dev/null
if [ "$?" == "0" ]; then

# opakowujemy elemnty zawierajace biale znaki w ""
	opts=`perl -e 'foreach $arg (@ARGV) { if ($arg =~/\s+/ ){ print "\"$arg\" "; } else { print "$arg "; }   }  ; ' -- "$@" `

        local pre=`echo  "$opts" | perl -n -e        ' /(.*)\{(.*)\}(.*)/ ; print $1 ; '`
        local post=`echo  "$opts" | perl -n -e       ' /(.*)\{(.*)\}(.*)/ ; print $3 ; '`
        local one;
        for one in `echo  "$opts"  | perl -n -e       ' /(.*)\{(.*)\}(.*)/ ; print $2 ; '`
        do	
                eval ip46tables  $pre$one$post
        done
        return 0
fi
###########################
    echo -n .
    v '**' $IPTABLES_BINARY "$@"
    $IPTABLES_BINARY "$@"
    if [ "$?" != "0" ]; then
#    	set -x 
        echo "ERROR in line: iptables" "$@"
	if [ "$FIRE" = "FAILSAFE" ]; then
		echo "Returning failsave config: $FIRE_FAILSAFE "
		source "$FIRE_FAILSAFE"
		exit 1
	else 
		FIRE="FAILSAFE" 
	        echo "Returning to last known working rules: $BACKUP_DIR/last_ok_fire.sh ."
		source "$FIRE_HEADER" 
		source "$LAST_OK_RULES" 
		exit 1
	fi
    fi
}

iptables () {
	IPTABLES_BINARY="$IP4TABLES_BINARY"
	ip46tables "$@"
}

ip6tables () {
	IPTABLES_BINARY="$IP6TABLES_BINARY"
	ip46tables "$@"
}


######################
### Another finnctions
######################


iptables_flush() {
    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -F
    iptables -F -t nat
    iptables -F -t mangle
    iptables -X
    iptables -X -t nat
    iptables -X -t mangle

    ip6tables -P INPUT ACCEPT
    ip6tables -P OUTPUT ACCEPT
    ip6tables -P FORWARD ACCEPT
    ip6tables -F
    ip6tables -F -t mangle
    ip6tables -X
    ip6tables -X -t mangle
}

print_help() {

cat << _EOF_
USAGE:
$0 [-fhsv]

Withaout arguments fire clean old rules, set default policy to DROP, and
loads rulset from $IPTABLES_RULES. 

If all rules chaged and loaded successfully, copy is created in $BACKUP_DIR. 

  -f  Clean all rules and set default policy to ACCEPT 
  -h  This help
  -s  FailSafe, hardcoded rules: $FIRE_FAILSAFE. 
      Drop all incoming bisides ssh and ICMP 
  -v  Verbose

_EOF_

}
