#!/bin/bash

echo "Installing iptables..."
zypper -nq install iptables iptables-backend-nft

echo "Setting up the init files..."
mkdir -p /usr/libexec/iptables
curl -sO --output-dir /usr/libexec/iptables https://git.xo.nl/marcel/iptables/raw/master/libexec/iptables.init
curl -sO --output-dir /usr/libexec/iptables https://git.xo.nl/marcel/iptables/raw/master/libexec/ip6tables.init
chown root:root /usr/libexec/iptables/*
chmod ug+x /usr/libexec/iptables/*

echo "Setting up the systemd files..."
curl -sO --output-dir /etc/systemd/system https://git.xo.nl/marcel/iptables/raw/master/systemd/iptables.service
curl -sO --output-dir /etc/systemd/system https://git.xo.nl/marcel/iptables/raw/master/systemd/ip6tables.service

echo "Setting up the default firewall configuration..."
curl -sO --output-dir /etc/sysconfig https://git.xo.nl/marcel/iptables/raw/master/config/iptables
curl -sO --output-dir /etc/sysconfig https://git.xo.nl/marcel/iptables/raw/master/config/ip6tables

echo "Enabling iptables on next boot"
systemctl daemon-reload
systemctl enable iptables ip6tables

echo "All done, please ensure the firewall settings are to your liking before rebooting"