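#!/bin/bash
# Restart the iptables service. If the saved rule set refuses to load because a
# rule references a host name that cannot be resolved, comment that rule out
# (marked with "#***"), retry until the rules load, restart the service, and
# then strip the markers again so the administrator can fix the original file.
#
# Must run as root: it restarts the service and edits the rules file in place.
# Only "host/network ... not found" style failures are handled; any other
# load error leaves the rules file untouched.

readonly RULES_FILE=/etc/iptables/rules.v4
readonly WARNING_SECS=10

# Scratch file for the stderr of iptables-restore. A fixed, predictable name in
# /tmp (as used before) can be pre-created or symlinked by another local user;
# mktemp gives a private path, and the trap removes it on every exit path.
ERRFILE=$(mktemp) || { echo "Could not create a temporary file." >&2; exit 1; }
readonly ERRFILE
trap 'rm -f -- "$ERRFILE"' EXIT

#######################################
# Try to load the rules file, capturing the loader's stderr into $ERRFILE.
# Globals:   RULES_FILE (read), ERRFILE (written)
# Returns:   the exit status of iptables-restore
#######################################
load_rules() {
  iptables-restore "$RULES_FILE" 2>"$ERRFILE"
}

#######################################
# Line number from the "Error occurred at line: N" message that iptables-restore
# prints as the second-to-last line of its stderr.
# Globals:   ERRFILE (read)
# Outputs:   the line number on stdout; empty when the message is absent
#######################################
error_line() {
  cut -f 2 -d ':' -- "$ERRFILE" | tail -2 | head -n 1 | tr -d ' '
}

#######################################
# Host name named in the first stderr line ("host/network `NAME' not found").
# Globals:   ERRFILE (read)
# Outputs:   the host name (as printed by iptables-restore) on stdout
#######################################
error_fqdn() {
  cut -f 1 -d "'" -- "$ERRFILE" | head -n 1 | cut -f 4 -d ' '
}

#######################################
# Print the operator warning for one disabled rule.
# Arguments: $1 - line number in the rules file, $2 - unresolvable host name
# Outputs:   the warning banner on stdout
#######################################
warn_disabled_rule() {
  local linenum=$1 fqdn=$2
  echo " "
  echo "******** 10-SECOND WARNING ALERT ***********"
  echo "IPtables FQDN problem on line: $linenum"
  echo "The unresolvable FQDN is $fqdn."
  echo "This rule will be temporarily disabled to allow IPtables to start."
  echo "Check and correct line $linenum in $RULES_FILE."
  echo "******** 10-SECOND WARNING ALERT ***********"
  echo " "
}

#######################################
# Entry point: restart iptables, working around unresolvable host names.
# Globals:   RULES_FILE, ERRFILE, WARNING_SECS (read)
# Returns:   0 when the service is running; 1 when the failing line cannot be
#            determined from the loader output
#######################################
main() {
  local restart_output errors linenum fqdn

  # Only stdout is inspected, and only for the word "fail", exactly as the
  # init script's status line is matched by the original check.
  restart_output=$(service iptables restart | grep fail)
  if [[ -z "$restart_output" ]]; then
    # The restart above already succeeded; restarting a second time would only
    # flush and reload the rules again for no benefit.
    echo "No IPtables problems found."
    echo "IPtables now running."
    return 0
  fi

  load_rules
  errors=$(<"$ERRFILE")
  while [[ "$errors" == *Error* ]]; do
    linenum=$(error_line)
    fqdn=$(error_fqdn)

    # Never hand sed an empty or non-numeric address: "$linenum s:^:#***:"
    # with an empty value would comment out every line of the rules file,
    # and the unchanged error would then loop forever.
    if [[ ! "$linenum" =~ ^[0-9]+$ ]]; then
      echo "Could not determine the failing line from the iptables-restore output:" >&2
      cat -- "$ERRFILE" >&2
      return 1
    fi

    warn_disabled_rule "$linenum" "$fqdn"
    sed -i "${linenum}s:^:#***:" "$RULES_FILE"
    sleep "$WARNING_SECS"

    load_rules
    errors=$(<"$ERRFILE")
  done

  service iptables restart
  # Remove only the markers this script inserted at the start of a line, so a
  # "#***" that happens to appear inside a genuine comment is left alone.
  sed -i 's|^#\*\*\*||' "$RULES_FILE"
  echo "IPtables problems noted above were temporarily fixed."
  echo "Fix the problems identified in $RULES_FILE"
  echo "IPtables now running without the offending rules(s)."
}

main "$@"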
