#!/bin/bash

# Enable the client's connection to the Internet.
#
# This is called first thing in the morning.
#
# This script must be idempotent (meaning that calling it more than once
# has the same effect as calling it once) since we cannot guarantee
# that every call to connect is matched by a call to disconnect.
# In fact, the /etc/gatekeeper/gatekeeper daemon makes no effort to match
# calls to connect with calls to disconnect.

IPT="/sbin/iptables"
MODPROBE="/sbin/modprobe"

# Make sure the modules we need are loaded:
$MODPROBE ip_tables

# Allow the connection to the server Squid:
$IPT -R blockoutgoing 1 -p tcp --dport 3128 -j ACCEPT
$IPT -R blockoutgoing 2 -p tcp --dport 3130 -j ACCEPT